veyron/security/agent: Added encryption to agent and option not
to encrypt.
* Password will only be requested when the PEM Block is not encrypted.
* Next step is to change the agent from a signer to a principal. Coming
soon...
Change-Id: I811bb6af636d83243052465039192c7bfa307cc1
diff --git a/tools/principal/main.go b/tools/principal/main.go
index 62a05ac..0a80da2 100644
--- a/tools/principal/main.go
+++ b/tools/principal/main.go
@@ -189,9 +189,12 @@
var key security.PublicKey
tobless, extension := args[0], args[1]
if finfo, err := os.Stat(tobless); err == nil && finfo.IsDir() {
- other, _, err := vsecurity.NewPersistentPrincipal(tobless)
+ // TODO(suharshs,ashankar,ataly): How should we make an ecrypted pk... or is that up to the agent?
+ other, err := vsecurity.LoadPersistentPrincipal(tobless, nil)
if err != nil {
- return fmt.Errorf("failed to read principal in directory %q: %v", tobless, err)
+ if other, err = vsecurity.CreatePersistentPrincipal(tobless, nil); err != nil {
+ return fmt.Errorf("failed to read principal in directory %q: %v", tobless, err)
+ }
}
key = other.PublicKey()
} else if other, err := decodeBlessings(tobless); err != nil {
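Review bot: Any failure of `LoadPersistentPrincipal(tobless, nil)` in the directory branch, not only a missing key, falls through to `CreatePersistentPrincipal(tobless, nil)`. A directory whose key cannot be read (for example an encrypted key, if the `nil` second argument is the passphrase) could then have a freshly generated key blessed instead of the intended one. Whether Create refuses or replaces existing state is not visible in this hunk. Blessing only needs the public key of an existing principal, so consider dropping the fallback and returning `fmt.Errorf("failed to load principal in directory %q: %v", tobless, err)`. At minimum keep the load error, since the current message reports only the create error under "failed to read". The enclosing function starts and ends outside the hunk.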
@@ -363,9 +366,10 @@
return fmt.Errorf("requires exactly two arguments: <directory> and <blessing>, provided %d", len(args))
}
dir, name := args[0], args[1]
- p, existed, err := vsecurity.NewPersistentPrincipal(dir)
- if existed {
- return fmt.Errorf("principal already exists in %q", dir)
+ // TODO(suharshs,ashankar,ataly): How should we make an ecrypted pk... or is that up to the agent?
+ p, err := vsecurity.CreatePersistentPrincipal(dir, nil)
+ if err != nil {
+ return err
}
blessings, err := p.BlessSelf(name)
if err != nil {
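Review bot: The bare `return err` after `CreatePersistentPrincipal(dir, nil)` drops the directory from the error and leaves it to Create to reject a directory that already holds a principal, which the removed `existed` check enforced here. That guarantee is not visible in this hunk and should be confirmed, because otherwise an existing private key could be replaced. Wrapping keeps the context: `return fmt.Errorf("failed to create principal in %q: %v", dir, err)`. The `nil` second argument, here and in the bless hunk above, presumably means the key is written without a passphrase, and the TODO would be clearer if it said so, e.g. `// TODO(...): key is stored unencrypted (nil passphrase); decide whether this tool or the agent prompts for one`. The function body continues outside the hunk.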