Dev/robin/9209 azkeys and cose to log chatty

azkeys/coseSigner.go

@@ -17,7 +17,6 @@ import (
 	"time"
 
 	"github.com/Azure/azure-sdk-for-go/services/keyvault/2016-10-01/keyvault"
-	"github.com/datatrails/go-datatrails-common/logger"
 	"github.com/veraison/go-cose"
 )
 
@@ -62,7 +61,6 @@ func base64BEtoBigInt(in string) (*big.Int, error) {
 
 // PublicKey gets the latest key's public key
 func (kv *CoseSignerKeyVault) PublicKey() (*ecdsa.PublicKey, error) {
-	logger.Sugar.Infof("PublicKey: %s %s", kv.url, kv.keyName)
 	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
 	defer cancel()
 
@@ -97,7 +95,6 @@ func (kv *CoseSignerKeyVault) PublicKey() (*ecdsa.PublicKey, error) {
 // Sign signs a given content
 func (kv *CoseSignerKeyVault) Sign(rand io.Reader, content []byte) ([]byte, error) {
 
-	logger.Sugar.Infof("Sign: %s %s", kv.url, kv.keyName)
 	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
 	defer cancel()
 

azkeys/keyvault.go

@@ -40,11 +40,6 @@ func (kv *KeyVault) GetKeyByKID(
 	ctx context.Context, keyID string,
 ) (keyvault.KeyBundle, error) {
 
-	log := logger.Sugar.FromContext(ctx)
-	defer log.Close()
-
-	log.Infof("GetKeyByKID: %s %s", kv.url, keyID)
-
 	kvClient, err := NewKvClient(kv.Authorizer)
 	if err != nil {
 		return keyvault.KeyBundle{}, err
@@ -67,11 +62,6 @@ func (kv *KeyVault) GetLatestKey(
 	ctx context.Context, keyName string,
 ) (keyvault.KeyBundle, error) {
 
-	log := logger.Sugar.FromContext(ctx)
-	defer log.Close()
-
-	log.Infof("GetLatestKey: %s %s", kv.url, keyName)
-
 	kvClient, err := NewKvClient(kv.Authorizer)
 	if err != nil {
 		return keyvault.KeyBundle{}, err
@@ -95,8 +85,6 @@ func (kv *KeyVault) GetKeyVersionsKeys(
 	log := logger.Sugar.FromContext(ctx)
 	defer log.Close()
 
-	log.Infof("GetKeyVersions: %s %s", kv.url, keyID)
-
 	kvClient, err := NewKvClient(kv.Authorizer)
 	if err != nil {
 		return []keyvault.KeyBundle{}, err
@@ -140,11 +128,6 @@ func (kv *KeyVault) GetKeyVersionsKeys(
 // getKeysFromVersions gets the keys from the given key versions
 func (kv *KeyVault) getKeysFromVersions(ctx context.Context, keyVersions []keyvault.KeyItem) ([]keyvault.KeyBundle, error) {
 
-	log := logger.Sugar.FromContext(ctx)
-	defer log.Close()
-
-	log.Infof("getKeysFromVersions")
-
 	keys := []keyvault.KeyBundle{}
 
 	for _, keyVersionValue := range keyVersions {
@@ -194,20 +177,13 @@ func (kv *KeyVault) Sign(
 	algorithm keyvault.JSONWebKeySignatureAlgorithm,
 ) ([]byte, error) {
 
-	log := logger.Sugar.FromContext(ctx)
-	defer log.Close()
-
-	log.Infof("Sign: %s %s", kv.url, keyID)
-
 	kvClient, err := NewKvClient(kv.Authorizer)
 	if err != nil {
 		return []byte{}, fmt.Errorf("failed to create keyvault client: %w", err)
 	}
 
 	payloadStr := base64.URLEncoding.EncodeToString(payload)
 
-	logger.Sugar.Infof("Payload Str: %v", payloadStr)
-
 	params := keyvault.KeySignParameters{
 		Algorithm: algorithm,
 		Value:     &payloadStr,
@@ -220,7 +196,6 @@ func (kv *KeyVault) Sign(
 		return []byte{}, fmt.Errorf("failed to sign payload: %w", err)
 	}
 
-	logger.Sugar.Infof("SignatureB64: %v", *signatureb64.Result)
 	signature, err := base64.URLEncoding.DecodeString(*signatureb64.Result)
 
 	return signature, err
@@ -254,11 +229,6 @@ func (kv *KeyVault) HashAndSign(
 	algorithm keyvault.JSONWebKeySignatureAlgorithm,
 ) ([]byte, error) {
 
-	log := logger.Sugar.FromContext(ctx)
-	defer log.Close()
-
-	log.Infof("HashAndSign: %s %s", kv.url, keyID)
-
 	key, err := kv.GetKeyByKID(ctx, keyID)
 	if err != nil {
 		return nil, fmt.Errorf("failed to get key: %w", err)
@@ -287,11 +257,6 @@ func (kv *KeyVault) Verify(
 	algorithm keyvault.JSONWebKeySignatureAlgorithm,
 ) (bool, error) {
 
-	log := logger.Sugar.FromContext(ctx)
-	defer log.Close()
-
-	log.Infof("Verify: %s %s", kv.url, keyID)
-
 	kvClient, err := NewKvClient(kv.Authorizer)
 	if err != nil {
 		return false, fmt.Errorf("failed to create keyvault client: %w", err)

azkeys/secretvault.go

@@ -57,11 +57,11 @@ func getWithDefault(key string) string {
 
 func EnvironmentAuthorizer() (autorest.Authorizer, error) {
 
-	logger.Sugar.Infof("Using env authorizer for keyvault")
-	logger.Sugar.Infof("AZURE_TENANT_ID: %s", getWithDefault("AZURE_TENANT_ID"))
-	logger.Sugar.Infof("AZURE_CLIENT_ID: %s", getWithDefault("AZURE_CLIENT_ID"))
+	logger.Sugar.Debugf("Using env authorizer for keyvault")
+	logger.Sugar.Debugf("AZURE_TENANT_ID: %s", getWithDefault("AZURE_TENANT_ID"))
+	logger.Sugar.Debugf("AZURE_CLIENT_ID: %s", getWithDefault("AZURE_CLIENT_ID"))
 	// We do not use the env auhtorizer in production
-	logger.Sugar.Infof("AZURE_CLIENT_SECRET: %s", getWithDefault("AZURE_CLIENT_SECRET"))
+	logger.Sugar.Debugf("AZURE_CLIENT_SECRET: %s", getWithDefault("AZURE_CLIENT_SECRET"))
 
 	return auth.NewAuthorizerFromEnvironment()
 }

cose/cose.go

@@ -196,28 +196,30 @@ func (cs *CoseSign1Message) CWTClaimsFromProtectedHeader() (*CWTClaims, error) {
 		return nil, &ErrUnexpectedProtectedHeaderType{label: HeaderLabelCWTClaims, expectedType: "map[interface{}]interface{}", actualType: reflect.TypeOf(cwtClaimsMap).String()}
 	}
 
-	logger.Sugar.Infof("CWT Claims: %v", cwtClaimsMap)
-
 	issuer, ok := cwtClaimsMap[int64(cwt.KeyIss)]
 	if !ok {
+		logger.Sugar.Infof("CWT Claims: %v", cwtClaimsMap)
 		logger.Sugar.Infof("CWTClaimsFromProtectedHeader: failed to get issuer from cwt claims: %v", err)
 		return nil, ErrCWTClaimsNoIssuer
 	}
 
 	issuerStr, ok := issuer.(string)
 	if !ok {
+		logger.Sugar.Infof("CWT Claims: %v", cwtClaimsMap)
 		logger.Sugar.Infof("CWTClaimsFromProtectedHeader: issuer is not string: %v", err)
 		return nil, ErrCWTClaimsIssuerNotString
 	}
 
 	subject, ok := cwtClaimsMap[int64(cwt.KeySub)]
 	if !ok {
+		logger.Sugar.Infof("CWT Claims: %v", cwtClaimsMap)
 		logger.Sugar.Infof("CWTClaimsFromProtectedHeader: failed to get subject from cwt claims: %v", err)
 		return nil, ErrCWTClaimsNoSubject
 	}
 
 	subjectStr, ok := subject.(string)
 	if !ok {
+		logger.Sugar.Infof("CWT Claims: %v", cwtClaimsMap)
 		logger.Sugar.Infof("CWTClaimsFromProtectedHeader: subject is not string: %v", err)
 		return nil, ErrCWTClaimsSubjectNotString
 	}
@@ -296,17 +298,18 @@ func (cs *CoseSign1Message) VerifyWithProvider(
 	if err != nil {
 		return err
 	}
-	logger.Sugar.Infof("verify: publicKey: %v, algorithm: %v", publicKey, algorithm)
 
 	verifier, err := cose.NewVerifier(algorithm, publicKey)
 	if err != nil {
+		logger.Sugar.Infof("verify: publicKey: %v, algorithm: %v", publicKey, algorithm)
 		logger.Sugar.Infof("verify: failed to make verifier from public key: %v", err)
 		return err
 	}
 
 	// verify the message
 	err = cs.Verify(external, verifier)
 	if err != nil {
+		logger.Sugar.Infof("verify: publicKey: %v, algorithm: %v", publicKey, algorithm)
 		logger.Sugar.Infof("verify: failed to verify message: %v", err)
 		return err
 	}

cose/ec_key.go

@@ -77,8 +77,6 @@ func NewECCoseKey(coseKey map[int64]interface{}) (*ECCoseKey, error) {
 //	ECCoseKey
 func (ecck *ECCoseKey) PublicKey() (crypto.PublicKey, error) {
 
-	logger.Sugar.Info("PublicKey: %v", ecck)
-
 	publicKey := ecdsa.PublicKey{}
 
 	// first find the curve