authorGregor Kleen <gkleen@yggdrasil.li>2022-05-26 13:58:07 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2022-05-26 13:58:07 +0200
commitfc6cf6169868e60c189e4b243330c3717ff159f3 (patch)
tree3f6dea9c1420e23756257b5abea27ec9ed92d58a /overlays/spm/provision/Spm
parent84f2affd66a0ff3947b91a30308cb8e6a8ff7594 (diff)
...
Diffstat (limited to 'overlays/spm/provision/Spm')
-rw-r--r--overlays/spm/provision/Spm/Provision.hs46
1 files changed, 46 insertions, 0 deletions
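diff --git a/overlays/spm/provision/Spm/Provision.hs b/overlays/spm/provision/Spm/Provision.hs
new file mode 100644
index 00000000..ff18baa0
--- /dev/null
+++ b/overlays/spm/provision/Spm/Provision.hs
@@ -0,0 +1,46 @@
+module Spm.Provision
+ ( main
+ ) where
+
+import Prelude
+import Options.Applicative
+import Control.Monad
+
+import qualified Data.Text.IO as Text
+
+import qualified Data.UUID as UUID
+import qualified Data.UUID.V4 as UUID
+
+import Crypto.JOSE.JWK
+
+import qualified Data.ByteString.Lazy.Char8 as CLBS
+import qualified Data.Aeson as JSON
+
+import Control.Lens
+
+
+data Command
+ = InstanceId
+ | JwkSet
+ deriving stock (Eq, Ord, Read, Show)
+
+cmdInstanceId :: IO ()
+cmdInstanceId = Text.putStrLn . UUID.toText =<< UUID.nextRandom
+
+cmdJwkSet :: IO ()
+cmdJwkSet = do
+ k' <- genJWK (OKPGenParam Ed25519)
+ kid <- UUID.nextRandom
+ let k = k' & jwkKid ?~ UUID.toText kid
+ & jwkUse ?~ Sig
+ & jwkKeyOps ?~ [Sign, Verify]
+ CLBS.putStrLn . JSON.encode . JWKSet $ pure k
+
+opts :: Parser (IO ())
+opts = subparser $
+ command "instance-id" (info (pure cmdInstanceId) idm)
+ <> command "jwk-set" (info (pure cmdJwkSet) idm)
+
+
+main :: IO ()
+main = join $ execParser (info opts idm)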
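Review bot: `cmdJwkSet` prints the whole generated key to stdout with no comment saying so: `genJWK (OKPGenParam Ed25519)` yields a key pair, and `JSON.encode . JWKSet` serialises it unfiltered as far as this file shows, so the output presumably includes the private `d` parameter. I would add a Haddock comment such as `-- | Writes a JWK set holding a new Ed25519 private key to stdout; redirect it to a file only the service can read and keep it out of logs.` so that whoever wires this into provisioning treats the output as a secret. Separately, setting both `jwkUse` and `jwkKeyOps` goes against RFC 7517's advice that `use` and `key_ops` should not be used together; the values here are consistent, but one of the two would do.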