Add support for --speed

Allow setting of speed for communication with TKey in all commands.

cmd/tkey-verification/main.go

@@ -10,6 +10,7 @@ import (
 	"strings"
 
 	"github.com/spf13/pflag"
+	"github.com/tillitis/tkeyclient"
 )
 
 const progname = "tkey-verification"
@@ -26,8 +27,14 @@ var version string
 // Use when printing err/diag msgs
 var le = log.New(os.Stderr, "", 0)
 
+type Device struct {
+	Path  string
+	Speed int
+}
+
 func main() {
-	var devPath, baseURL, baseDir, configFile, binPath string
+	var dev Device
+	var baseURL, baseDir, configFile, binPath string
 	var checkConfigOnly, verbose, showURLOnly, versionOnly, build, helpOnly bool
 
 	if version == "" {
@@ -36,8 +43,10 @@ func main() {
 
 	pflag.CommandLine.SetOutput(os.Stderr)
 	pflag.CommandLine.SortFlags = false
-	pflag.StringVar(&devPath, "port", "",
+	pflag.StringVar(&dev.Path, "port", "",
 		"Set serial port device `PATH`. If this is not passed, auto-detection will be attempted.")
+	pflag.IntVarP(&dev.Speed, "speed", "s", tkeyclient.SerialSpeed,
+		"Set serial port `speed` in bits per second.")
 	pflag.BoolVar(&verbose, "verbose", false,
 		"Enable verbose output.")
 	pflag.StringVar(&configFile, "config", defaultConfigFile,
@@ -102,7 +111,7 @@ func main() {
 			le.Printf("Couldn't load config: %v\n", err)
 		}
 
-		serveSigner(conf, devPath, verbose, checkConfigOnly)
+		serveSigner(conf, dev, verbose, checkConfigOnly)
 
 	case "remote-sign":
 		conf, err := loadRemoteSignConfig(configFile)
@@ -114,22 +123,22 @@ func main() {
 			os.Exit(0)
 		}
 
-		remoteSign(conf, devPath, verbose)
+		remoteSign(conf, dev, verbose)
 
 	case "verify":
 		if baseDir != "" && (showURLOnly || pflag.CommandLine.Lookup("base-url").Changed) {
 			le.Printf("Cannot combine --base-dir and --show-url/--base-url\n")
 			os.Exit(2)
 		}
 
-		verify(devPath, verbose, showURLOnly, baseDir, baseURL)
+		verify(dev, verbose, showURLOnly, baseDir, baseURL)
 
 	case "show-pubkey":
 		if binPath == "" {
 			le.Printf("Needs the path to an app, use `--app PATH`\n")
 			os.Exit(2)
 		}
-		showPubkey(binPath, devPath, verbose)
+		showPubkey(binPath, dev, verbose)
 
 	default:
 		le.Printf("%s is not a valid command.\n", cmd)

cmd/tkey-verification/remotesign.go

@@ -15,7 +15,7 @@ import (
 	"github.com/tillitis/tkey-verification/internal/tkey"
 )
 
-func remoteSign(conf ProvConfig, devPath string, verbose bool) {
+func remoteSign(conf ProvConfig, dev Device, verbose bool) {
 	_, _, err := net.SplitHostPort(conf.ServerAddr)
 	if err != nil {
 		le.Printf("SplitHostPort failed: %s", err)
@@ -33,7 +33,7 @@ func remoteSign(conf ProvConfig, devPath string, verbose bool) {
 		},
 	}
 
-	appBin, udi, pubKey, fw, err := signChallenge(conf, devPath, verbose)
+	appBin, udi, pubKey, fw, err := signChallenge(conf, dev, verbose)
 	if err != nil {
 		le.Printf("Couldn't sign challenge: %s\n", err)
 		os.Exit(1)
@@ -50,7 +50,7 @@ func remoteSign(conf ProvConfig, devPath string, verbose bool) {
 
 // Returns the currently used device app, UDI, pubkey, expected
 // firmware, and any error
-func signChallenge(conf ProvConfig, devPath string, verbose bool) (AppBin, *tkey.UDI, []byte, Firmware, error) {
+func signChallenge(conf ProvConfig, dev Device, verbose bool) (AppBin, *tkey.UDI, []byte, Firmware, error) {
 	appBins, err := NewAppBins()
 	if err != nil {
 		fmt.Printf("Failed to init embedded device apps: %v\n", err)
@@ -74,7 +74,7 @@ func signChallenge(conf ProvConfig, devPath string, verbose bool) (AppBin, *tkey
 	}
 
 	var fw Firmware
-	tk, err := tkey.NewTKey(devPath, verbose)
+	tk, err := tkey.NewTKey(dev.Path, dev.Speed, verbose)
 	if err != nil {
 		return appBin, nil, nil, fw, fmt.Errorf("%w", err)
 	}

cmd/tkey-verification/servesigner.go

@@ -22,7 +22,7 @@ type Verification struct {
 	Signature string `json:"signature"`
 }
 
-func serveSigner(conf ServerConfig, devPath string, verbose bool, checkConfigOnly bool) {
+func serveSigner(conf ServerConfig, dev Device, verbose bool, checkConfigOnly bool) {
 	tlsConfig := tls.Config{
 		Certificates: []tls.Certificate{
 			loadCert(conf.ServerCert, conf.ServerKey),
@@ -64,7 +64,7 @@ func serveSigner(conf ServerConfig, devPath string, verbose bool, checkConfigOnl
 		os.Exit(0)
 	}
 
-	tk, err := tkey.NewTKey(devPath, verbose)
+	tk, err := tkey.NewTKey(dev.Path, dev.Speed, verbose)
 	if err != nil {
 		le.Printf("Couldn't connect to TKey: %v\n", err)
 		os.Exit(1)

cmd/tkey-verification/showpubkey.go

@@ -14,8 +14,8 @@ import (
 	"github.com/tillitis/tkey-verification/internal/tkey"
 )
 
-func showPubkey(binPath string, devPath string, verbose bool) {
-	tk, err := tkey.NewTKey(devPath, verbose)
+func showPubkey(binPath string, dev Device, verbose bool) {
+	tk, err := tkey.NewTKey(dev.Path, dev.Speed, verbose)
 	if err != nil {
 		le.Printf("Couldn't connect to TKey: %v\n", err)
 		os.Exit(1)

cmd/tkey-verification/verify.go

@@ -20,7 +20,7 @@ import (
 
 const verifyInfoURL = "https://www.tillitis.se/verify"
 
-func verify(devPath string, verbose bool, showURLOnly bool, baseDir string, verifyBaseURL string) {
+func verify(dev Device, verbose bool, showURLOnly bool, baseDir string, verifyBaseURL string) {
 	appBins, err := NewAppBins()
 	if err != nil {
 		missing(fmt.Sprintf("no embedded device apps: %v", err))
@@ -39,7 +39,7 @@ func verify(devPath string, verbose bool, showURLOnly bool, baseDir string, veri
 		os.Exit(1)
 	}
 
-	tk, err := tkey.NewTKey(devPath, verbose)
+	tk, err := tkey.NewTKey(dev.Path, dev.Speed, verbose)
 	if err != nil {
 		commFailed(err.Error())
 		os.Exit(1)

doc/tkey-verification.scd

@@ -8,13 +8,15 @@ A program to sign or verify the identity of a Tillitis TKey.
 
 *tkey-verification* -h/--help
 
-*tkey-verification* remote-sign [--port port]
+*tkey-verification* remote-sign [--port port] [--speed speed]
 
-*tkey-verification* serve-signer [--config path] [--check-config] [--port port]
+*tkey-verification* serve-signer [--config path] [--check-config] [--port
+port] [--speed speed]
 
-*tkey-verification* show-pubkey [--port port]
+*tkey-verification* show-pubkey [--port port] [--speed speed]
 
-*tkey-verification* verify [--base-url url] [-d | --base-dir] [--port port] [-u | --show-url]
+*tkey-verification* verify [--base-url url] [-d | --base-dir] [--port
+port] [-u | --show-url] [--speed speed]
 
 # DESCRIPTION
 
@@ -41,6 +43,10 @@ The commands are as follows:
 		Path to the TKey device port. If not given, autodetection will be
 		attempted.
 
+	*--speed* speed
+
+		Speed in bit/s of the TKey device port.
+
 *serve-signer*
 
 	Provide a signing server with its own TKey, the vendor key.
@@ -63,6 +69,10 @@ The commands are as follows:
 		Path to the TKey device port. If not given, autodetection will be
 		attempted.
 
+	*--speed* speed
+
+		Speed in bit/s of the TKey device port.
+
 *show-pubkey*
 
 	Output public key data to populate "vendor-signing-pubkeys.txt"
@@ -86,6 +96,10 @@ The commands are as follows:
 		Path to the TKey device port. If not given, autodetection will be
 		attempted.
 
+	*--speed* speed
+
+		Speed in bit/s of the TKey device port.
+
 *verify*
 
 	Verify a TKey identity.
@@ -117,6 +131,10 @@ The commands are as follows:
 		Only output the URL to the verification data that should be
 		downloaded, then exit.
 
+	*--speed* speed
+
+		Speed in bit/s of the TKey device port.
+
 ## Verification on a machine without network
 
 If you're on a machine without network and need to verify a TKey you

internal/tkey/tkey.go

@@ -39,7 +39,7 @@ type TKey struct {
 	verbose bool
 }
 
-func NewTKey(devPath string, verbose bool) (*TKey, error) {
+func NewTKey(devPath string, speed int, verbose bool) (*TKey, error) {
 	if !verbose {
 		tkeyclient.SilenceLogging()
 	}
@@ -64,7 +64,7 @@ func NewTKey(devPath string, verbose bool) (*TKey, error) {
 		le.Printf("Connecting to device on serial port %s ...\n", devPath)
 	}
 
-	if err := tkey.client.Connect(devPath); err != nil {
+	if err := tkey.client.Connect(devPath, tkeyclient.WithSpeed(speed)); err != nil {
 		return nil, ConnError{devPath: devPath, err: err}
 	}