diff --git a/cmd/cosign/cli/pkcs11cli/commands.go b/cmd/cosign/cli/pkcs11cli/commands.go index 2d0e8946d52..5d478dd828f 100644 --- a/cmd/cosign/cli/pkcs11cli/commands.go +++ b/cmd/cosign/cli/pkcs11cli/commands.go @@ -24,6 +24,7 @@ import ( "fmt" "os" "path/filepath" + "syscall" "github.com/miekg/pkcs11" "github.com/pkg/errors" @@ -112,7 +113,9 @@ func GetKeysInfo(_ context.Context, modulePath string, slotID uint, pin string) if pin == "" { if tokenInfo.Flags&pkcs11.CKF_LOGIN_REQUIRED == pkcs11.CKF_LOGIN_REQUIRED { fmt.Fprintf(os.Stderr, "Enter PIN for PKCS11 token '%s': ", tokenInfo.Label) - b, err := term.ReadPassword(0) + // Unnecessary convert of syscall.Stdin on *nix, but Windows is a uintptr + // nolint:unconvert + b, err := term.ReadPassword(int(syscall.Stdin)) if err != nil { return nil, errors.Wrap(err, "get pin") } diff --git a/pkg/cosign/common.go b/pkg/cosign/common.go index ce90de789c3..1f8034a6b8d 100644 --- a/pkg/cosign/common.go +++ b/pkg/cosign/common.go @@ -20,6 +20,7 @@ import ( "fmt" "os" "strings" + "syscall" "github.com/pkg/errors" "golang.org/x/term" @@ -46,7 +47,9 @@ func ConfirmPrompt(msg string) (bool, error) { func GetPassFromTerm(confirm bool) ([]byte, error) { fmt.Fprint(os.Stderr, "Enter password for private key: ") - pw1, err := term.ReadPassword(0) + // Unnecessary convert of syscall.Stdin on *nix, but Windows is a uintptr + // nolint:unconvert + pw1, err := term.ReadPassword(int(syscall.Stdin)) if err != nil { return nil, err } @@ -55,7 +58,9 @@ func GetPassFromTerm(confirm bool) ([]byte, error) { return pw1, nil } fmt.Fprint(os.Stderr, "Enter password for private key again: ") - confirmpw, err := term.ReadPassword(0) + // Unnecessary convert of syscall.Stdin on *nix, but Windows is a uintptr + // nolint:unconvert + confirmpw, err := term.ReadPassword(int(syscall.Stdin)) fmt.Fprintln(os.Stderr) if err != nil { return nil, err diff --git a/pkg/cosign/pivkey/pivkey.go b/pkg/cosign/pivkey/pivkey.go index 9547cb1ee16..409e6c8a7e9 100644 --- a/pkg/cosign/pivkey/pivkey.go +++ b/pkg/cosign/pivkey/pivkey.go @@ -28,6 +28,7 @@ import ( "fmt" "io" "os" + "syscall" "github.com/go-piv/piv-go/piv" "github.com/pkg/errors" @@ -194,7 +195,9 @@ func (k *Key) VerifySignature(signature, message io.Reader, opts ...signature.Ve func getPin() (string, error) { fmt.Fprint(os.Stderr, "Enter PIN for security key: ") - b, err := term.ReadPassword(0) + // Unnecessary convert of syscall.Stdin on *nix, but Windows is a uintptr + // nolint:unconvert + b, err := term.ReadPassword(int(syscall.Stdin)) if err != nil { return "", err } diff --git a/pkg/cosign/pkcs11key/pkcs11key.go b/pkg/cosign/pkcs11key/pkcs11key.go index e2417999c95..6d17ef96d1a 100644 --- a/pkg/cosign/pkcs11key/pkcs11key.go +++ b/pkg/cosign/pkcs11key/pkcs11key.go @@ -29,6 +29,7 @@ import ( "io" "os" "path/filepath" + "syscall" "github.com/ThalesIgnite/crypto11" "github.com/miekg/pkcs11" @@ -129,7 +130,9 @@ func GetKeyWithURIConfig(config *Pkcs11UriConfig, askForPinIfNeeded bool) (*Key, if tokenInfo.Flags&pkcs11.CKF_LOGIN_REQUIRED == pkcs11.CKF_LOGIN_REQUIRED { fmt.Fprintf(os.Stderr, "Enter PIN for key '%s' in PKCS11 token '%s': ", config.KeyLabel, config.TokenLabel) - b, err := term.ReadPassword(0) + // Unnecessary convert of syscall.Stdin on *nix, but Windows is a uintptr + // nolint:unconvert + b, err := term.ReadPassword(int(syscall.Stdin)) if err != nil { return errors.Wrap(err, "get pin") }