From c08ed920b54eb022511e13be191c437ccf160df9 Mon Sep 17 00:00:00 2001
From: Emery Hemingway <ehmry@posteo.net>
Date: Fri, 25 Aug 2023 10:14:13 +0100
Subject: [PATCH] Add mintsturdyref

Formally a utility hidden in the syndicate/capabilities module.
---
 README.md              |  4 ++++
 src/mintsturdyref.nim  | 44 ++++++++++++++++++++++++++++++++++++++++++
 syndicate_utils.nimble |  2 +-
 3 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100644 src/mintsturdyref.nim

diff --git a/README.md b/README.md
index 1fadb16..0843034 100644
--- a/README.md
+++ b/README.md
@@ -10,6 +10,10 @@ Utility to communicate with sockets that send and receive lines of JSON using `<
 
 Do not send messages immediately to the dataspace passed `json_socket_translator`, wait until it asserts `<connected @socketPath string>`.
 
+## mintsturdyref
+
+A utility for minting [Sturdyrefs](https://synit.org/book/operation/builtin/gatekeeper.html#sturdyrefs).
+
 ## msg
 
 A utility that sends a message to `$SYNDICATE_SOCK` in the form `<ARGV0 ARG1 … ARGVn>`.
diff --git a/src/mintsturdyref.nim b/src/mintsturdyref.nim
new file mode 100644
index 0000000..e6903f7
--- /dev/null
+++ b/src/mintsturdyref.nim
@@ -0,0 +1,44 @@
+# SPDX-FileCopyrightText: ☭ Emery Hemingway
+# SPDX-License-Identifier: Unlicense
+
+from os import commandLineParams
+import preserves, syndicate/capabilities
+
+const usage = """
+mintsturdyref OID < SECRET_KEY
+
+Mint Sturdyrefs using a sixteen-byte secret key read from stdin using OIDs
+passed as command-line parameters.
+
+Example:
+	mintsturdyref '"syndicate"' < /dev/null
+
+See:
+	https://synit.org/book/operation/builtin/gatekeeper.html#sturdyrefs
+	https://synit.org/book/glossary.html?highlight=oid#oid
+"""
+
+proc main =
+  var oids: seq[Preserve[void]]
+  for p in commandLineParams():
+    case p
+    of "-h", "--help", "?":
+      quit(usage)
+    else:
+      add(oids, parsePreserves p)
+  if oids.len == 0:
+    stderr.writeLine """using the "syndicate" OID"""
+    oids.add(toPreserve "syndicate")
+
+  var key: array[16, byte]
+  case readBytes(stdin, key, 0, 16)
+  of 16: discard
+  of 0: stderr.writeLine "using null key"
+  else: quit "expected sixteen bytes of key from stdin"
+
+  for oid in oids:
+    let sturdy = mint(key, oid)
+    doAssert validate(key, sturdy)
+    stdout.writeLine(sturdy)
+
+main()
diff --git a/syndicate_utils.nimble b/syndicate_utils.nimble
index 92873a2..afe8054 100644
--- a/syndicate_utils.nimble
+++ b/syndicate_utils.nimble
@@ -5,7 +5,7 @@ author        = "Emery Hemingway"
 description   = "Utilites for Syndicated Actors and Synit"
 license       = "unlicense"
 srcDir        = "src"
-bin           = @["json_socket_translator", "json_translator", "msg", "net_mapper", "preserve_process_environment", "syndex_card", "syndump"]
+bin           = @["json_socket_translator", "json_translator", "mintsturdyref", "msg", "net_mapper", "preserve_process_environment", "syndex_card", "syndump"]
 
 
 # Dependencies