Refactor: use Base struct

base.go

@@ -0,0 +1,77 @@
+package minitrust
+
+import (
+	"errors"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/jedisct1/go-minisign"
+)
+
+const (
+	trustedDirPerm = 0700
+	trustedKeyPerm = 0600
+)
+
+type Base struct {
+	trustedDir string
+}
+
+func New(trustedDir string) Base {
+	return Base{trustedDir: trustedDir}
+}
+
+func (b *Base) ensureTrustedDir() error {
+	err := os.MkdirAll(b.trustedDir, trustedDirPerm)
+	if err != nil && !os.IsExist(err) {
+		return err
+	}
+	return nil
+}
+func (b *Base) getKeyPath(keyID [8]byte) string {
+	return filepath.Join(b.trustedDir, EncodeID(keyID)+".pub")
+}
+
+// SearchTrustedPubKey returns public key and untrusted comment.
+func (b *Base) SearchTrustedPubKey(sigFile string) (minisign.PublicKey, string, error) {
+	if err := b.ensureTrustedDir(); err != nil {
+		return minisign.PublicKey{}, "", errors.New("minitrust: can't create trusted directory.")
+	}
+
+	signature, err := minisign.NewSignatureFromFile(sigFile)
+	if err != nil {
+		return minisign.PublicKey{}, "", err
+	}
+
+	key, comment, err := readKeyFile(b.getKeyPath(signature.KeyId))
+	if err != nil {
+		return minisign.PublicKey{}, "", err
+	}
+
+	return key, comment, nil
+}
+
+func (b *Base) AddTrustedPubKey(rawPubKey, comment string) error {
+	if err := b.ensureTrustedDir(); err != nil {
+		return errors.New("minitrust: can't create trusted directory.")
+	}
+	if strings.Count(comment, "\n") != 0 {
+		return errors.New("minitrust: comment must be one-lined.")
+	}
+
+	pk, err := minisign.NewPublicKey(rawPubKey)
+	if err != nil {
+		return err
+	}
+
+	content := strings.Join(
+		[]string{
+			commentPrefix + comment,
+			EncodePublicKey(pk),
+		},
+		"\n",
+	)
+	return ioutil.WriteFile(b.getKeyPath(pk.KeyId), []byte(content), trustedKeyPerm)
+}

base_test.go

@@ -0,0 +1,40 @@
+package minitrust
+
+import (
+	"os"
+	"path/filepath"
+	"testing"
+)
+
+const rawPubKey = "RWRWfuqg9DPmJzteqVmj5xSm7z1V0ZTNA66UGpF+5vdkUe8llEMWkC6n"
+const pubKeyID = "27E633F4A0EA7E56"
+
+func mkdirTempHome(t *testing.T) string {
+	dir, err := os.MkdirTemp("", "test-minitrust-*")
+	if err != nil {
+		t.Fatal(err)
+	}
+	return dir
+}
+
+func TestEnsureTrustedDir(t *testing.T) {
+	dir := mkdirTempHome(t)
+	defer os.RemoveAll(dir)
+
+	for _, test := range []string{
+		dir,
+		filepath.Join(dir, "whataboutthis"),
+		filepath.Join(dir, "foo", "bar"),
+		filepath.Join(dir, "exists"),
+		filepath.Join(dir, "exists"),
+	} {
+		b := New(test)
+		if err := b.ensureTrustedDir(); err != nil {
+			t.Fatal(err)
+		}
+		_, err := os.Stat(test)
+		if err != nil {
+			t.Fatal(err)
+		}
+	}
+}

cmd/minitrust/minitrust.go

@@ -114,11 +114,13 @@ func main() {
 }
 
 func add(trustedDir, pubKey, comment string) error {
-	return minitrust.AddTrustedPubKey(trustedDir, pubKey, comment)
+	b := minitrust.New(trustedDir)
+	return b.AddTrustedPubKey(pubKey, comment)
 }
 
 func verify(trustedDir, file, sigFile string) error {
-	key, comment, err := minitrust.SearchTrustedPubKey(trustedDir, sigFile)
+	b := minitrust.New(trustedDir)
+	key, comment, err := b.SearchTrustedPubKey(sigFile)
 	if err != nil {
 		return err
 	}

minitrust.go → pubkey.go

@@ -19,31 +19,14 @@ import (
 	"encoding/binary"
 	"errors"
 	"io/ioutil"
-	"log"
 	"os"
-	"path/filepath"
 	"strconv"
 	"strings"
 
 	"github.com/jedisct1/go-minisign"
 )
 
-var logger = log.New(os.Stderr, "", log.Lshortfile)
-
 const commentPrefix = "untrusted comment: "
-const trustedDirEnv = "MINITRUST_DIR"
-const (
-	trustedDirPerm = 0700
-	trustedKeyPerm = 0600
-)
-
-func ensureTrustedDir(trustedDir string) error {
-	err := os.MkdirAll(trustedDir, trustedDirPerm)
-	if !os.IsExist(err) {
-		return err
-	}
-	return nil
-}
 
 func EncodePublicKey(pk minisign.PublicKey) string {
 	var bin [42]byte
@@ -81,49 +64,3 @@ func readKeyFile(keyPath string) (minisign.PublicKey, string, error) {
 	}
 	return decodeKeyFileContent(string(content))
 }
-
-func getKeyPath(trustedDir string, keyID [8]byte) string {
-	return filepath.Join(trustedDir, EncodeID(keyID)+".pub")
-}
-
-// SearchTrustedPubKey returns public key and untrusted comment.
-func SearchTrustedPubKey(trustedDir, sigFile string) (minisign.PublicKey, string, error) {
-	if err := ensureTrustedDir(trustedDir); err != nil {
-		return minisign.PublicKey{}, "", errors.New("minitrust: can't create trusted directory.")
-	}
-
-	signature, err := minisign.NewSignatureFromFile(sigFile)
-	if err != nil {
-		return minisign.PublicKey{}, "", err
-	}
-
-	key, comment, err := readKeyFile(getKeyPath(trustedDir, signature.KeyId))
-	if err != nil {
-		return minisign.PublicKey{}, "", err
-	}
-
-	return key, comment, nil
-}
-
-func AddTrustedPubKey(trustedDir, rawPubKey, comment string) error {
-	if err := ensureTrustedDir(trustedDir); err != nil {
-		return errors.New("minitrust: can't create trusted directory.")
-	}
-	if strings.Count(comment, "\n") != 0 {
-		return errors.New("minitrust: comment must be one-lined.")
-	}
-
-	pk, err := minisign.NewPublicKey(rawPubKey)
-	if err != nil {
-		return err
-	}
-
-	content := strings.Join(
-		[]string{
-			commentPrefix + comment,
-			EncodePublicKey(pk),
-		},
-		"\n",
-	)
-	return ioutil.WriteFile(getKeyPath(trustedDir, pk.KeyId), []byte(content), trustedKeyPerm)
-}

pubkey_test.go

@@ -0,0 +1,29 @@
+package minitrust
+
+import (
+	"testing"
+
+	"github.com/jedisct1/go-minisign"
+)
+
+func TestEncodePublicKey(t *testing.T) {
+	pk, err := minisign.NewPublicKey(rawPubKey)
+	if err != nil {
+		t.Fatal(err)
+	}
+	got := EncodePublicKey(pk)
+	if got != rawPubKey {
+		t.Fatalf("encoded string doesn't match: got %v, expected %v.", got, rawPubKey)
+	}
+}
+
+func TestEncodeID(t *testing.T) {
+	pk, err := minisign.NewPublicKey(rawPubKey)
+	if err != nil {
+		t.Fatal(err)
+	}
+	got := EncodeID(pk.KeyId)
+	if got != pubKeyID {
+		t.Fatalf("encoded ID doesn't match: got %v, expected %v.", got, pubKeyID)
+	}
+}