Skip to content

feat: sign --keygen generates random key (v0.5.25)#35

Merged
SoundMatt merged 1 commit into
mainfrom
feat/sign-keygen-parity
Jun 13, 2026
Merged

feat: sign --keygen generates random key (v0.5.25)#35
SoundMatt merged 1 commit into
mainfrom
feat/sign-keygen-parity

Conversation

@SoundMatt

Copy link
Copy Markdown
Owner

Summary

  • Add --keygen <path> flag to cfusa sign: generates 32-byte random key via /dev/urandom, writes 64 hex chars to path (overwrites existing file)
  • Exit 0 on success (prints "Key written to (keep this secret)"), exit 3 on write failure
  • Parity with go-FuSa TestSignKeygen_Success, TestSignKeygen_BadPath, TestSignKeygen_Overwrite
  • Adds 3 new tests, REQ-SIGN-KEYGEN001, bumps to v0.5.25

Test plan

  • test_sign_keygen_creates_key_file — creates key file, 64-char hex
  • test_sign_keygen_overwrites_existing_file — replaces old content with 64-char hex
  • test_sign_keygen_bad_path_returns_3 — /nonexistent/dir/fusa.key → exit 3
  • All 34 existing test suites pass

Add --keygen <path> flag to cfusa sign: generates 32 random bytes via
/dev/urandom, encodes as 64 hex chars, writes to path (overwriting
existing file), prints "Key written to <path> (keep this secret)".
Exit 3 on write error. Parity with go-FuSa TestSignKeygen_* tests.

Signed-off-by: Matt Jones <matt@jellybaby.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Signed-off-by: Matt Jones <47545907+SoundMatt@users.noreply.github.com>
Comment thread cmd/cfusa/cmd_sign.c
}
hex[64] = '\0';

FILE *f = fopen(path, "w");
Comment thread tests/test_cli_commands.c
snprintf(key_path, sizeof(key_path), "%s/test_keygen_overwrite.key", CLI_TEST_DIR);

/* Create an existing file with different content */
FILE *pre = fopen(key_path, "w");
Comment thread cmd/cfusa/cmd_sign.c
fprintf(stderr, "cfusa sign: cannot open /dev/urandom\n");
return 3;
}
if (fread(buf, 1, sizeof(buf), urandom) != sizeof(buf)) {
Comment thread cmd/cfusa/cmd_sign.c
return 3;
}
if (fread(buf, 1, sizeof(buf), urandom) != sizeof(buf)) {
fclose(urandom);
Comment thread cmd/cfusa/cmd_sign.c
fprintf(stderr, "cfusa sign: failed to read random bytes\n");
return 3;
}
fclose(urandom);
Comment thread cmd/cfusa/cmd_sign.c
return 3;
}
fprintf(f, "%s\n", hex);
fclose(f);
Comment thread tests/test_cli_commands.c
char buf[128];
buf[0] = '\0';
fgets(buf, sizeof(buf), f);
fclose(f);
Comment thread tests/test_cli_commands.c
char buf[128];
buf[0] = '\0';
fgets(buf, sizeof(buf), f);
fclose(f);
Comment thread tests/test_cli_commands.c
snprintf(key_path, sizeof(key_path), "%s/test_keygen.key", CLI_TEST_DIR);
remove(key_path);

char *argv[] = {"cfusa", "--keygen", key_path, NULL};
Comment thread tests/test_cli_commands.c
FILE *pre = fopen(key_path, "w");
if (pre) { fputs("old-content\n", pre); fclose(pre); }

char *argv[] = {"cfusa", "--keygen", key_path, NULL};
Comment thread tests/test_cli_commands.c
//cfusa:test REQ-SIGN-KEYGEN001
void test_sign_keygen_bad_path_returns_3(void)
{
char *argv[] = {"cfusa", "--keygen", "/nonexistent/dir/fusa.key", NULL};
@SoundMatt SoundMatt merged commit 413b05d into main Jun 13, 2026
9 of 10 checks passed
@SoundMatt SoundMatt deleted the feat/sign-keygen-parity branch June 13, 2026 22:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants