Fix comments, and return an error instead of fatal.

4 years ago · ccc403cf89
parent 7d9997618f
commit ccc403cf89
2 changed files with 11 additions and 5 deletions
--- a/go.sum
+++ b/go.sum
@ -307,6 +307,7 @@ golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de h1:ikNHVSjEfnvz6sxdSPCaPt
 golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 h1:pLI5jrR7OSLijeIDcmRxNmw2api+jEfxLoykJVice/E=
 golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20201117144127-c1f2f97bffc9 h1:phUcVbl53swtrUN8kQEXFhUxPlIlWyBfKmidCu7P95o=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
--- a/kms/sshagentkms/sshagentkms.go
+++ b/kms/sshagentkms/sshagentkms.go
@ -8,7 +8,6 @@ import (
 	"crypto/rsa"
 	"crypto/x509"
 	"io"
-	"log"
 	"net"
 	"os"
 	"strings"
@ -32,7 +31,7 @@ func New(ctx context.Context, opts apiv1.Options) (*SSHAgentKMS, error) {
 	socket := os.Getenv("SSH_AUTH_SOCK")
 	conn, err := net.Dial("unix", socket)
 	if err != nil {
-		log.Fatalf("Failed to open SSH_AUTH_SOCK: %v", err)
+		return nil, errors.Wrap(err, "failed to open SSH_AUTH_SOCK")
 	}

 	agentClient := agent.NewClient(conn)
@ -42,7 +41,8 @@ func New(ctx context.Context, opts apiv1.Options) (*SSHAgentKMS, error) {
 	}, nil
 }

-// For testing
+// NewFromAgent initializes an SSHAgentKMS from a given agent, this method is
+// used for testing purposes.
 func NewFromAgent(ctx context.Context, opts apiv1.Options, agentClient agent.Agent) (*SSHAgentKMS, error) {
 	return &SSHAgentKMS{
 		agentClient: agentClient,
@ -55,20 +55,23 @@ func init() {
 	})
 }

+// Close closes the agent. This is a noop for the SSHAgentKMS.
 func (k *SSHAgentKMS) Close() error {
-	// TODO: Is there any cleanup in Agent we can do?
 	return nil
 }

-// Utility class to wrap a ssh.Signer as a crypto.Signer
+// WrappedSSHSigner is a utility type to wrap a ssh.Signer as a crypto.Signer
 type WrappedSSHSigner struct {
 	Sshsigner ssh.Signer
 }

+// Public returns the agent public key. The type of this public key is
+// *agent.Key.
 func (s *WrappedSSHSigner) Public() crypto.PublicKey {
 	return s.Sshsigner.PublicKey()
 }

+// Sign signs the given digest using the ssh agent and returns the signature.
 func (s *WrappedSSHSigner) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) (signature []byte, err error) {
 	sig, err := s.Sshsigner.Sign(rand, digest)
 	if err != nil {
@ -77,6 +80,8 @@ func (s *WrappedSSHSigner) Sign(rand io.Reader, digest []byte, opts crypto.Signe
 	return sig.Blob, nil
 }

+// NewWrappedSignerFromSSHSigner returns a new crypto signer wrapping the given
+// one.
 func NewWrappedSignerFromSSHSigner(signer ssh.Signer) crypto.Signer {
 	return &WrappedSSHSigner{signer}
 }