authorDimitri Sokolyuk <demon@dim13.org>2017-04-19 16:21:26 +0200
committerDimitri Sokolyuk <demon@dim13.org>2017-04-19 16:21:26 +0200
commit619afaba8db996ba61d90c69ed2261b5ab910473 (patch)
tree5b9572e9990798471173b4089f2c2b5f596a722a /main.go
parent056c22dd5f2898c1be71f1501874a08e2ec8c922 (diff)
Pkg
Diffstat (limited to 'main.go')
-rw-r--r--main.go203
1 files changed, 0 insertions, 203 deletions
diff --git a/main.go b/main.go
deleted file mode 100644
index 2e0adc1..0000000
--- a/main.go
+++ /dev/null
@@ -1,203 +0,0 @@
-package main
-
-import (
- "flag"
- "fmt"
- "io/ioutil"
- "log"
- "path"
-)
-
-/*
- signify -C [-q] -p pubkey -x sigfile [file ...]
- signify -G [-n] [-c comment] -p pubkey -s seckey
- signify -S [-ez] [-x sigfile] -s seckey -m message
- signify -V [-eqz] [-p pubkey] [-t keytype] [-x sigfile] -m message
-*/
-
-const safePath = "/etc/signify"
-
-var (
- checksum = flag.Bool("C", false, "Verify a signed checksum list")
- generate = flag.Bool("G", false, "Generate a new key pair")
- sign = flag.Bool("S", false, "Sign the specfied message")
- verify = flag.Bool("V", false, "Verify the message")
- comment = flag.String("c", "signify", "Comment")
- embed = flag.Bool("e", false, "Embed the message")
- msg = flag.String("m", "", "Message file")
- nopass = flag.Bool("n", false, "No key passphrase")
- pub = flag.String("p", "", "Public key file")
- quiet = flag.Bool("q", false, "Quiet mode")
- sec = flag.String("s", "", "Secret key file")
- sig = flag.String("x", "", "Signature file")
- gzip = flag.Bool("z", false, "Sign and verify gzip archives")
-)
-
-func main() {
- flag.Parse()
-
- switch {
- case *generate:
- rounds := DefaultRounds
- if *nopass {
- rounds = 0
- }
- if err := Generate(*pub, *sec, *comment, rounds); err != nil {
- log.Fatal(err)
- }
- case *sign:
- if err := Sign(*msg, *sec, *embed); err != nil {
- log.Fatal(err)
- }
- case *verify:
- if err := Verify(*msg, *pub); err != nil {
- log.Fatal(err)
- }
- default:
- flag.Usage()
- }
-}
-
-func Generate(pubFile, secFile, comment string, rounds int) error {
- pubKey, encKey, err := NewKey()
- if err != nil {
- return err
- }
-
- if rounds > 0 {
- pass, err := AskPassword(true)
- if err != nil {
- return err
- }
- encKey.Kdf(pass, rounds)
- }
-
- encRaw, err := Marshal(encKey)
- if err != nil {
- return err
- }
-
- sfile := File{
- Comment: fmt.Sprintf("%s secret key", comment),
- RawKey: encRaw,
- }
- if err := sfile.WriteFile(secFile, SecMode); err != nil {
- return err
- }
-
- pubRaw, err := Marshal(pubKey)
- if err != nil {
- return err
- }
- pfile := File{
- Comment: fmt.Sprintf("%s public key", comment),
- RawKey: pubRaw,
- }
- if err := pfile.WriteFile(pubFile, PubMode); err != nil {
- return err
- }
-
- return nil
-}
-
-func OpenSec(fname string) (*EncKey, error) {
- f, err := ParseFile(fname)
- if err != nil {
- return nil, err
- }
- encKey := new(EncKey)
- if err := Unmarshal(f.RawKey, encKey); err != nil {
- return nil, err
- }
- if encKey.KDFRounds > 0 {
- pass, err := AskPassword(false)
- if err != nil {
- return nil, err
- }
- encKey.Kdf(pass, int(encKey.KDFRounds))
- }
- if err := encKey.Check(); err != nil {
- return nil, err
- }
- return encKey, nil
-}
-
-func OpenPub(fname string) (*PubKey, error) {
- f, err := ParseFile(fname)
- if err != nil {
- return nil, err
- }
- pubKey := new(PubKey)
- if err := Unmarshal(f.RawKey, pubKey); err != nil {
- return nil, err
- }
- if err := pubKey.Check(); err != nil {
- return nil, err
- }
- return pubKey, nil
-}
-
-func OpenSig(fname string) (*Sig, []byte, error) {
- f, err := ParseFile(fname + ".sig")
- if err != nil {
- return nil, nil, err
- }
- sig := new(Sig)
- if err := Unmarshal(f.RawKey, sig); err != nil {
- return nil, nil, err
- }
- if err := sig.Check(); err != nil {
- return nil, nil, err
- }
- if f.Embedded() {
- return sig, f.Message, nil
- }
- msg, err := ioutil.ReadFile(fname)
- if err != nil {
- return nil, nil, err
- }
- return sig, msg, nil
-}
-
-func Sign(msgFile, secFile string, embed bool) error {
- encKey, err := OpenSec(secFile)
- if err != nil {
- return err
- }
- body, err := ioutil.ReadFile(msgFile)
- if err != nil {
- return err
- }
- sig := encKey.Sign(body)
- sigRaw, err := Marshal(sig)
- if err != nil {
- return err
- }
- sigfile := File{
- Comment: fmt.Sprintf("verify with %s", path.Base(secFile)), // TODO replace .sec with .pub
- RawKey: sigRaw,
- }
- if embed {
- sigfile.Message = body
- }
- if err := sigfile.WriteFile(msgFile+".sig", PubMode); err != nil {
- return err
- }
- return nil
-}
-
-func Verify(msgFile, pubFile string) error {
- pubKey, err := OpenPub(pubFile)
- if err != nil {
- return err
- }
- sig, body, err := OpenSig(msgFile)
- if err != nil {
- return err
- }
- if err := pubKey.Verify(body, sig); err != nil {
- return err
- }
- log.Println("Signature Verfied")
- return nil
-}