notaryproject · rrsemlani · Dec 26, 2023 · Jan 16, 2024 · Feb 13, 2024 · Mar 22, 2024
@@ -0,0 +1,30 @@
+// Copyright The Notary Project Authors.
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package blob
+
+import "github.com/spf13/cobra"
+
+func Cmd() *cobra.Command {
+	command := &cobra.Command{
+		Use:   "blob [command]",
+		Short: "Operation on BLOB",
+		Long:  "Generate, verify and inspect signature for BLOB",
+	}
+
+	command.AddCommand(
+		inspectCommand(nil),
+	)
+
+	return command
+}
@@ -0,0 +1,131 @@
+// Copyright The Notary Project Authors.
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package blob
+
+import (
+	"errors"
+	"fmt"
+	"github.com/notaryproject/notation/cmd/notation/internal/osutil"
+	"github.com/notaryproject/notation/cmd/notation/internal/outputs"
+	"github.com/notaryproject/notation/internal/cmd"
+	"github.com/notaryproject/notation/internal/envelope"
+	"github.com/notaryproject/notation/internal/ioutil"
+	"github.com/notaryproject/notation/internal/tree"
+	"github.com/spf13/cobra"
+	"path/filepath"
+	"strconv"
+)
+
+type blobInspectOpts struct {
+	cmd.LoggingFlagOpts
+	signaturePath string
+	outputFormat  string
+}
+
+func inspectCommand(opts *blobInspectOpts) *cobra.Command {
+	if opts == nil {
+		opts = &blobInspectOpts{}
+	}
+	longMessage := `Inspect signature associated with the signed blob.
+
+Example - Inspect BLOB signature:
+  notation blob inspect <signature_path>
+
+Example - Inspect BLOB signature and output as JSON:
+  notation blob inspect --output json <signature_path>
+`
+
+	command := &cobra.Command{
+		Use:   "blob inspect [signaturePath]",
+		Short: "Inspect signature associated with the signed BLOB",
+		Long:  longMessage,
+		Args: func(cmd *cobra.Command, args []string) error {
+			if len(args) == 0 {
+				return errors.New("missing signature path to the artifact: use `notation blob inspect --help` to see what parameters are required")
+			}
+			opts.signaturePath = args[0]
+			return nil
+		},
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return runBlobInspect(opts)
+		},
+	}
+
+	opts.LoggingFlagOpts.ApplyFlags(command.Flags())
+	cmd.SetPflagOutput(command.Flags(), &opts.outputFormat, cmd.PflagOutputUsage)
+	return command
+}
+
+func runBlobInspect(opts *blobInspectOpts) error {
+	if opts.outputFormat != cmd.OutputJSON && opts.outputFormat != cmd.OutputPlaintext {
+		return fmt.Errorf("unrecognized output format %s", opts.outputFormat)
+	}
+
+	// initialize
+	mediaType, err := envelope.GetEnvelopeMediaType(filepath.Ext(opts.signaturePath))
+	if err != nil {
+		return err
+	}
+	contents, err := osutil.ReadFile(opts.signaturePath)
+	if err != nil {
+		return err
+	}
+	output := outputs.InspectOutput{MediaType: mediaType, Signatures: []outputs.SignatureOutput{}}
+	err, _, output.Signatures = outputs.Signature(mediaType, false, "", output, contents)
+	if err != nil {
+		return nil
+	}
+	if err := printOutput(opts.outputFormat, opts.signaturePath, output); err != nil {
+		return err
+	}
+	return nil
+}
+
+func printOutput(outputFormat string, ref string, output outputs.InspectOutput) error {
+	if outputFormat == cmd.OutputJSON {
+		return ioutil.PrintObjectAsJSON(output)
+	}
+
+	if len(output.Signatures) == 0 {
+		fmt.Printf("%s has no associated signature\n", ref)
+		return nil
+	}
+
+	root := tree.New(ref)
+	var signature outputs.SignatureOutput
+	root.AddPair("signature algorithm", signature.SignatureAlgorithm)
+	root.AddPair("signature envelope type", signature.MediaType)
+
+	signedAttributesNode := root.Add("signed attributes")
+	outputs.AddMapToTree(signedAttributesNode, signature.SignedAttributes)
+
+	unsignedAttributesNode := root.Add("unsigned attributes")
+	outputs.AddMapToTree(unsignedAttributesNode, signature.UnsignedAttributes)
+
+	certListNode := root.Add("certificates")
+	for _, cert := range signature.Certificates {
+		certNode := certListNode.AddPair("SHA256 fingerprint", cert.SHA256Fingerprint)
+		certNode.AddPair("issued to", cert.IssuedTo)
+		certNode.AddPair("issued by", cert.IssuedBy)
+		certNode.AddPair("expiry", cert.Expiry)
+	}
+
+	artifactNode := root.Add("signed artifact")
+	artifactNode.AddPair("media type", signature.SignedArtifact.MediaType)
+	artifactNode.AddPair("digest", signature.SignedArtifact.Digest.String())
+	artifactNode.AddPair("size", strconv.FormatInt(signature.SignedArtifact.Size, 10))
+
+	root.Print()
+	return nil
+}
@@ -0,0 +1,63 @@
+// Copyright The Notary Project Authors.
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package blob
+
+import (
+	"errors"
+	"github.com/notaryproject/notation/cmd/notation/internal/osutil"
+	"path/filepath"
+	"testing"
+)
+
+func TestBlobInspectCommand_MissingArgs(t *testing.T) {
+	command := inspectCommand(nil)
+	if err := command.ParseFlags(nil); err != nil {
+		t.Fatalf("Parse Flag failed: %v", err)
+	}
+	if err := command.Args(command, command.Flags().Args()); err == nil {
+		t.Fatal("Parse Args expected error, but ok")
+	}
+}
+
+func TestReadFile(t *testing.T) {
+	noFile := filepath.FromSlash("")
+	expectedErr := errors.New("open : no such file or directory")
+	_, err := osutil.ReadFile(noFile)
+	if err == nil || err.Error() != "open : no such file or directory" {
+		t.Fatalf("expected err: %v, got: %v", expectedErr, err)
+	}
+
+	emptyFile := filepath.FromSlash("../../../internal/testdata/Empty.txt")
+	expectedErr = errors.New("file is empty")
+	_, err = osutil.ReadFile(emptyFile)
+	if err == nil || err.Error() != "file is empty" {
+		t.Fatalf("expected err: %v, got: %v", expectedErr, err)
+	}
+
+	largeFile := filepath.FromSlash("../../../internal/testdata/LargeFile.txt")
+	expectedErr = errors.New("unable to read as file size was greater than 10485760 bytes")
+	_, err = osutil.ReadFile(largeFile)
+	if err == nil || err.Error() != "unable to read as file size was greater than 10485760 bytes" {
+		t.Fatalf("expected err: %v, got: %v", expectedErr, err)
+	}
+
+	file := filepath.FromSlash("../../../internal/testdata/File.txt")
+	contents, err := osutil.ReadFile(file)
+	if err != nil {
+		t.Fatalf("Reading file failed: %v", err)
+	}
+	if string(contents) != "awesome notation\n" {
+		t.Fatalf("Reading contents of file failed")
+	}
+}