Skip to content

Commit

Permalink
Use syscall.Stdin for input handle. Fixes sigstore#1153
Browse files Browse the repository at this point in the history
While is is 0 on Unix, it's not on Windows. Golang handles this with the
syscall.Stdin targeting Windows.

Signed-off-by: Mark Percival <[email protected]>
  • Loading branch information
mdp committed Mar 25, 2022
1 parent 340b6c6 commit 8733de8
Show file tree
Hide file tree
Showing 4 changed files with 9 additions and 5 deletions.
3 changes: 2 additions & 1 deletion cmd/cosign/cli/pkcs11cli/commands.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ import (
"fmt"
"os"
"path/filepath"
"syscall"

"github.com/miekg/pkcs11"
"github.com/pkg/errors"
Expand Down Expand Up @@ -112,7 +113,7 @@ func GetKeysInfo(_ context.Context, modulePath string, slotID uint, pin string)
if pin == "" {
if tokenInfo.Flags&pkcs11.CKF_LOGIN_REQUIRED == pkcs11.CKF_LOGIN_REQUIRED {
fmt.Fprintf(os.Stderr, "Enter PIN for PKCS11 token '%s': ", tokenInfo.Label)
b, err := term.ReadPassword(0)
b, err := term.ReadPassword(int(syscall.Stdin))
if err != nil {
return nil, errors.Wrap(err, "get pin")
}
Expand Down
5 changes: 3 additions & 2 deletions pkg/cosign/common.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ import (
"fmt"
"os"
"strings"
"syscall"

"github.com/pkg/errors"
"golang.org/x/term"
Expand All @@ -46,7 +47,7 @@ func ConfirmPrompt(msg string) (bool, error) {

func GetPassFromTerm(confirm bool) ([]byte, error) {
fmt.Fprint(os.Stderr, "Enter password for private key: ")
pw1, err := term.ReadPassword(0)
pw1, err := term.ReadPassword(int(syscall.Stdin))
if err != nil {
return nil, err
}
Expand All @@ -55,7 +56,7 @@ func GetPassFromTerm(confirm bool) ([]byte, error) {
return pw1, nil
}
fmt.Fprint(os.Stderr, "Enter password for private key again: ")
confirmpw, err := term.ReadPassword(0)
confirmpw, err := term.ReadPassword(int(syscall.Stdin))
fmt.Fprintln(os.Stderr)
if err != nil {
return nil, err
Expand Down
3 changes: 2 additions & 1 deletion pkg/cosign/pivkey/pivkey.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ import (
"fmt"
"io"
"os"
"syscall"

"github.com/go-piv/piv-go/piv"
"github.com/pkg/errors"
Expand Down Expand Up @@ -194,7 +195,7 @@ func (k *Key) VerifySignature(signature, message io.Reader, opts ...signature.Ve

func getPin() (string, error) {
fmt.Fprint(os.Stderr, "Enter PIN for security key: ")
b, err := term.ReadPassword(0)
b, err := term.ReadPassword(int(syscall.Stdin))
if err != nil {
return "", err
}
Expand Down
3 changes: 2 additions & 1 deletion pkg/cosign/pkcs11key/pkcs11key.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ import (
"io"
"os"
"path/filepath"
"syscall"

"github.com/ThalesIgnite/crypto11"
"github.com/miekg/pkcs11"
Expand Down Expand Up @@ -129,7 +130,7 @@ func GetKeyWithURIConfig(config *Pkcs11UriConfig, askForPinIfNeeded bool) (*Key,

if tokenInfo.Flags&pkcs11.CKF_LOGIN_REQUIRED == pkcs11.CKF_LOGIN_REQUIRED {
fmt.Fprintf(os.Stderr, "Enter PIN for key '%s' in PKCS11 token '%s': ", config.KeyLabel, config.TokenLabel)
b, err := term.ReadPassword(0)
b, err := term.ReadPassword(int(syscall.Stdin))
if err != nil {
return errors.Wrap(err, "get pin")
}
Expand Down

0 comments on commit 8733de8

Please sign in to comment.