MCPcopy
hub / github.com/smallstep/cli / rwLockKeySet

Function rwLockKeySet

command/crypto/jwk/keyset.go:228–309  ·  view source on GitHub ↗
(filename string)

Source from the content-addressed store, hash-verified

226}
227
228func rwLockKeySet(filename string) (jwks *jose.JSONWebKeySet, writeFunc func(bool) error, err error) {
229 var f *os.File
230
231 f, err = os.OpenFile(filename, os.O_RDWR|os.O_CREATE, 0600)
232 if err != nil {
233 err = errs.FileError(err, filename)
234 return
235 }
236
237 fd := int(f.Fd()) // #nosec G115 -- uintptr comes from file descriptor
238
239 // non-blocking exclusive lock
240 err = sysutils.FileLock(fd)
241 switch {
242 case err == nil: // continue
243 case errors.Is(err, syscall.EWOULDBLOCK):
244 f.Close()
245 err = errors.Errorf("error reading %s: file is locked", filename)
246 return
247 default:
248 f.Close()
249 err = errors.Wrapf(err, "error locking %s", filename)
250 return
251 }
252
253 // close and unlock file on errors
254 defer func() {
255 if err != nil {
256 sysutils.FileUnlock(fd)
257 f.Close()
258 }
259 }()
260
261 // Read key set
262 var b []byte
263 b, err = io.ReadAll(f)
264 if err != nil {
265 err = errors.Wrapf(err, "error reading %s", filename)
266 return
267 }
268
269 // Unmarshal the plain JWKSet
270 jwks = new(jose.JSONWebKeySet)
271 if len(b) > 0 {
272 if err = json.Unmarshal(b, jwks); err != nil {
273 err = errors.Wrapf(err, "error reading %s", filename)
274 return
275 }
276 }
277
278 writeFunc = func(write bool) (err error) {
279 if write {
280 if b, err1 := json.MarshalIndent(jwks, "", " "); err1 != nil {
281 err = errors.Wrapf(err1, "error marshaling %s", filename)
282 } else {
283 if err1 := f.Truncate(0); err1 != nil {
284 err = errors.Wrapf(err1, "error writing %s", filename)
285 } else {

Callers 4

keysetAddActionFunction · 0.85
keysetRemoveActionFunction · 0.85
keysetListActionFunction · 0.85
keysetFindActionFunction · 0.85

Calls 3

FileLockFunction · 0.92
FileUnlockFunction · 0.92
CloseMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…