Copy paste approach.

client/client.go

@@ -15,12 +15,13 @@ import (
 	"encoding/gob"
 	"fmt"
 	"io"
+	"io/ioutil"
+	"log"
 	"net/rpc"
 	"os"
 	"os/exec"
 
 	"github.com/googleapis/enterprise-certificate-proxy/client/util"
-	"github.com/googleapis/enterprise-certificate-proxy/utils"
 )
 
 const signAPI = "EnterpriseCertSigner.Sign"
@@ -43,6 +44,17 @@ func (c *Connection) Close() error {
 	return werr
 }
 
+// / If ECP Logging is enabled return true
+// / Otherwise return false
+func enableECPLogging() bool {
+	if os.Getenv("ENABLE_ENTERPRISE_CERTIFICATE_LOGS") != "" {
+		return true
+	}
+
+	log.SetOutput(ioutil.Discard)
+	return false
+}
+
 func init() {
 	gob.Register(crypto.SHA256)
 	gob.Register(&rsa.PSSOptions{})
@@ -106,7 +118,7 @@ func (k *Key) Sign(_ io.Reader, digest []byte, opts crypto.SignerOpts) (signed [
 //
 // The config file also specifies which certificate the signer should use.
 func Cred(configFilePath string) (*Key, error) {
-	utils.EnableECPLogging()
+	enableECPLogging()
 	if configFilePath == "" {
 		configFilePath = util.GetDefaultConfigFilePath()
 	}

cshared/main.go

@@ -18,13 +18,25 @@ import (
 	"crypto/ecdsa"
 	"crypto/rsa"
 	"encoding/pem"
+	"io/ioutil"
 	"log"
+	"os"
 	"unsafe"
 
 	"github.com/googleapis/enterprise-certificate-proxy/client"
-	"github.com/googleapis/enterprise-certificate-proxy/utils"
 )
 
+// / If ECP Logging is enabled return true
+// / Otherwise return false
+func enableECPLogging() bool {
+	if os.Getenv("ENABLE_ENTERPRISE_CERTIFICATE_LOGS") != "" {
+		return true
+	}
+
+	log.SetOutput(ioutil.Discard)
+	return false
+}
+
 func getCertPem(configFilePath string) []byte {
 	key, err := client.Cred(configFilePath)
 	if err != nil {
@@ -55,7 +67,7 @@ func getCertPem(configFilePath string) []byte {
 //
 //export GetCertPemForPython
 func GetCertPemForPython(configFilePath *C.char, certHolder *byte, certHolderLen int) int {
-	utils.EnableECPLogging()
+	enableECPLogging()
 	pemBytes := getCertPem(C.GoString(configFilePath))
 	if certHolder != nil {
 		cert := unsafe.Slice(certHolder, certHolderLen)
@@ -70,7 +82,7 @@ func GetCertPemForPython(configFilePath *C.char, certHolder *byte, certHolderLen
 //export SignForPython
 func SignForPython(configFilePath *C.char, digest *byte, digestLen int, sigHolder *byte, sigHolderLen int) int {
 	// First create a handle around the specified certificate and private key.
-	utils.EnableECPLogging()
+	enableECPLogging()
 	key, err := client.Cred(C.GoString(configFilePath))
 	if err != nil {
 		log.Printf("Could not create client using config %s: %v", C.GoString(configFilePath), err)

internal/signer/darwin/go.mod

@@ -1,3 +1,3 @@
 module signer
 
-go 1.19
+go 1.19

internal/signer/darwin/signer.go

@@ -14,16 +14,26 @@ import (
 	"crypto/x509"
 	"encoding/gob"
 	"io"
+	"io/ioutil"
 	"log"
 	"net/rpc"
 	"os"
 	"signer/keychain"
 	"signer/util"
 	"time"
-
-	"github.com/googleapis/enterprise-certificate-proxy/utils"
 )
 
+// / If ECP Logging is enabled return true
+// / Otherwise return false
+func enableECPLogging() bool {
+	if os.Getenv("ENABLE_ENTERPRISE_CERTIFICATE_LOGS") != "" {
+		return true
+	}
+
+	log.SetOutput(ioutil.Discard)
+	return false
+}
+
 func init() {
 	gob.Register(crypto.SHA256)
 	gob.Register(crypto.SHA384)
@@ -78,7 +88,7 @@ func (k *EnterpriseCertSigner) Sign(args SignArgs, resp *[]byte) (err error) {
 }
 
 func main() {
-	utils.EnableECPLogging()
+	enableECPLogging()
 	if len(os.Args) != 2 {
 		log.Fatalln("Signer is not meant to be invoked manually, exiting...")
 	}

internal/signer/linux/go.mod

@@ -3,7 +3,3 @@ module signer
 go 1.19
 
 require github.com/google/go-pkcs11 v0.2.0
-
-require github.com/googleapis/enterprise-certificate-proxy/utils v0.0.0-00010101000000-000000000000 // indirect
-
-replace github.com/googleapis/enterprise-certificate-proxy/utils => ../../../utils

internal/signer/linux/signer.go

@@ -15,15 +15,25 @@ import (
 	"crypto/x509"
 	"encoding/gob"
 	"io"
+	"io/ioutil"
 	"log"
 	"net/rpc"
 	"os"
 	"signer/util"
 	"time"
-
-	"github.com/googleapis/enterprise-certificate-proxy/utils"
 )
 
+// / If ECP Logging is enabled return true
+// / Otherwise return false
+func enableECPLogging() bool {
+	if os.Getenv("ENABLE_ENTERPRISE_CERTIFICATE_LOGS") != "" {
+		return true
+	}
+
+	log.SetOutput(ioutil.Discard)
+	return false
+}
+
 func init() {
 	gob.Register(crypto.SHA256)
 	gob.Register(crypto.SHA384)
@@ -78,7 +88,7 @@ func (k *EnterpriseCertSigner) Sign(args SignArgs, resp *[]byte) (err error) {
 }
 
 func main() {
-	utils.EnableECPLogging()
+	enableECPLogging()
 	if len(os.Args) != 2 {
 		log.Fatalln("Signer is not meant to be invoked manually, exiting...")
 	}

internal/signer/windows/go.mod

@@ -3,9 +3,6 @@ module signer
 go 1.19
 
 require (
-	github.com/googleapis/enterprise-certificate-proxy/utils v0.0.0-00010101000000-000000000000 // indirect
 	golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 // indirect
 	golang.org/x/sys v0.0.0-20220412211240-33da011f77ad // indirect
 )
-
-replace github.com/googleapis/enterprise-certificate-proxy/utils => ../../../utils

internal/signer/windows/signer.go

@@ -14,16 +14,26 @@ import (
 	"crypto/x509"
 	"encoding/gob"
 	"io"
+	"io/ioutil"
 	"log"
 	"net/rpc"
 	"os"
 	"signer/ncrypt"
 	"signer/util"
 	"time"
-
-	"github.com/googleapis/enterprise-certificate-proxy/utils"
 )
 
+// / If ECP Logging is enabled return true
+// / Otherwise return false
+func enableECPLogging() bool {
+	if os.Getenv("ENABLE_ENTERPRISE_CERTIFICATE_LOGS") != "" {
+		return true
+	}
+
+	log.SetOutput(ioutil.Discard)
+	return false
+}
+
 func init() {
 	gob.Register(crypto.SHA256)
 	gob.Register(crypto.SHA384)
@@ -78,7 +88,7 @@ func (k *EnterpriseCertSigner) Sign(args SignArgs, resp *[]byte) (err error) {
 }
 
 func main() {
-	utils.EnableECPLogging()
+	enableECPLogging()
 	if len(os.Args) != 2 {
 		log.Fatalln("Signer is not meant to be invoked manually, exiting...")
 	}