...

author: Gregor Kleen <gkleen@yggdrasil.li> 2022-05-26 13:58:07 +0200
committer: Gregor Kleen <gkleen@yggdrasil.li> 2022-05-26 13:58:07 +0200
commit: fc6cf6169868e60c189e4b243330c3717ff159f3 (patch)
tree: 3f6dea9c1420e23756257b5abea27ec9ed92d58a /overlays/spm/provision
parent: 84f2affd66a0ff3947b91a30308cb8e6a8ff7594 (diff)
download: nixos-fc6cf6169868e60c189e4b243330c3717ff159f3.tar
nixos-fc6cf6169868e60c189e4b243330c3717ff159f3.tar.gz
nixos-fc6cf6169868e60c189e4b243330c3717ff159f3.tar.bz2
nixos-fc6cf6169868e60c189e4b243330c3717ff159f3.tar.xz
nixos-fc6cf6169868e60c189e4b243330c3717ff159f3.zip
1 files changed, 46 insertions, 0 deletions
diff --git a/overlays/spm/provision/Spm/Provision.hs b/overlays/spm/provision/Spm/Provision.hs
new file mode 100644
index 00000000..ff18baa0
--- /dev/null
+++ b/overlays/spm/provision/Spm/Provision.hs
@@ -0,0 +1,46 @@
+module Spm.Provision
+  ( main
+  ) where
+import Prelude
+import Options.Applicative
+import Control.Monad
+import qualified Data.Text.IO as Text
+import qualified Data.UUID as UUID
+import qualified Data.UUID.V4 as UUID
+import Crypto.JOSE.JWK
+import qualified Data.ByteString.Lazy.Char8 as CLBS
+import qualified Data.Aeson as JSON
+import Control.Lens
+data Command
+  = InstanceId
+  | JwkSet
+  deriving stock (Eq, Ord, Read, Show)
+cmdInstanceId :: IO ()
+cmdInstanceId = Text.putStrLn . UUID.toText =<< UUID.nextRandom
+cmdJwkSet :: IO ()
+cmdJwkSet = do
+  k' <- genJWK (OKPGenParam Ed25519)
+  kid <- UUID.nextRandom
+  let k = k' & jwkKid ?~ UUID.toText kid
+             & jwkUse ?~ Sig
+             & jwkKeyOps ?~ [Sign, Verify]
+  CLBS.putStrLn . JSON.encode . JWKSet $ pure k
+opts :: Parser (IO ())
+opts = subparser $
+     command "instance-id" (info (pure cmdInstanceId) idm)
+  <> command "jwk-set" (info (pure cmdJwkSet) idm)
+  
+main :: IO ()
+main = join $ execParser (info opts idm)
author	Gregor Kleen <gkleen@yggdrasil.li>	2022-05-26 13:58:07 +0200
committer	Gregor Kleen <gkleen@yggdrasil.li>	2022-05-26 13:58:07 +0200
commit	fc6cf6169868e60c189e4b243330c3717ff159f3 (patch)
tree	3f6dea9c1420e23756257b5abea27ec9ed92d58a /overlays/spm/provision
parent	84f2affd66a0ff3947b91a30308cb8e6a8ff7594 (diff)
download	nixos-fc6cf6169868e60c189e4b243330c3717ff159f3.tar nixos-fc6cf6169868e60c189e4b243330c3717ff159f3.tar.gz nixos-fc6cf6169868e60c189e4b243330c3717ff159f3.tar.bz2 nixos-fc6cf6169868e60c189e4b243330c3717ff159f3.tar.xz nixos-fc6cf6169868e60c189e4b243330c3717ff159f3.zip

diff --git a/overlays/spm/provision/Spm/Provision.hs b/overlays/spm/provision/Spm/Provision.hs new file mode 100644 index 00000000..ff18baa0 --- /dev/null +++ b/overlays/spm/provision/Spm/Provision.hs
@@ -0,0 +1,46 @@
	1	module Spm.Provision
	2	( main
	3	) where
	4
	5	import Prelude
	6	import Options.Applicative
	7	import Control.Monad
	8
	9	import qualified Data.Text.IO as Text
	10
	11	import qualified Data.UUID as UUID
	12	import qualified Data.UUID.V4 as UUID
	13
	14	import Crypto.JOSE.JWK
	15
	16	import qualified Data.ByteString.Lazy.Char8 as CLBS
	17	import qualified Data.Aeson as JSON
	18
	19	import Control.Lens
	20
	21
	22	data Command
	23	= InstanceId
	24	\| JwkSet
	25	deriving stock (Eq, Ord, Read, Show)
	26
	27	cmdInstanceId :: IO ()
	28	cmdInstanceId = Text.putStrLn . UUID.toText =<< UUID.nextRandom
	29
	30	cmdJwkSet :: IO ()
	31	cmdJwkSet = do
	32	k' <- genJWK (OKPGenParam Ed25519)
	33	kid <- UUID.nextRandom
	34	let k = k' & jwkKid ?~ UUID.toText kid
	35	& jwkUse ?~ Sig
	36	& jwkKeyOps ?~ [Sign, Verify]
	37	CLBS.putStrLn . JSON.encode . JWKSet $ pure k
	38
	39	opts :: Parser (IO ())
	40	opts = subparser $
	41	command "instance-id" (info (pure cmdInstanceId) idm)
	42	<> command "jwk-set" (info (pure cmdJwkSet) idm)
	43
	44
	45	main :: IO ()
	46	main = join $ execParser (info opts idm)