Diffstat (limited to 'generate.go')
-rw-r--r--generate.go87
1 files changed, 87 insertions, 0 deletions
diff --git a/generate.go b/generate.go
new file mode 100644
index 0000000..4f63667
--- /dev/null
+++ b/generate.go
@@ -0,0 +1,87 @@
+package main
+
+import (
+ "flag"
+ "fmt"
+ "os"
+
+ "dim13.org/signify/ask"
+ "dim13.org/signify/bhash"
+ "dim13.org/signify/file"
+ "dim13.org/signify/key"
+)
+
+// Usage: signify -G [-n] [-c comment] -p pubkey -s seckey
+
+func Generate() error {
+ args := flag.NewFlagSet("generate", flag.ExitOnError)
+ var (
+ nopass = args.Bool("n", false, "No key passphrase")
+ comment = args.String("c", "signify", "Comment")
+ pubFile = args.String("p", "", "Public key file (required)")
+ encFile = args.String("s", "", "Secret key file (required)")
+ )
+ args.Parse(os.Args[2:])
+ if *pubFile == "" || *encFile == "" {
+ args.Usage()
+ return nil
+ }
+
+ if err := file.Names(*pubFile, *encFile); err != nil {
+ return err
+ }
+
+ pubKey, encKey, err := key.NewKey()
+ if err != nil {
+ return err
+ }
+
+ if *nopass {
+ encKey.KDFRounds = 0
+ }
+ if err := Kdf(encKey, ask.Confirmed); err != nil {
+ return err
+ }
+
+ encRaw, err := key.Marshal(encKey)
+ if err != nil {
+ return err
+ }
+
+ block := &file.Block{
+ Comment: fmt.Sprintf("%s secret key", *comment),
+ Bytes: encRaw,
+ }
+ if err := file.EncodeFile(*encFile, file.EncMode, block); err != nil {
+ return err
+ }
+
+ pubRaw, err := key.Marshal(pubKey)
+ if err != nil {
+ return err
+ }
+ block = &file.Block{
+ Comment: fmt.Sprintf("%s public key", *comment),
+ Bytes: pubRaw,
+ }
+ if err := file.EncodeFile(*pubFile, file.PubMode, block); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func Kdf(enc *key.Enc, ask func() (string, error)) error {
+ if enc.KDFRounds == 0 {
+ return nil
+ }
+ pass, err := ask()
+ if err != nil {
+ return err
+ }
+ xor := bhash.Pbkdf([]byte(pass), enc.Salt[:], int(enc.KDFRounds), len(enc.Key))
+ for i := range xor {
+ enc.Key[i] ^= xor[i]
+ }
+ return nil
+}
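Review bot: In `Kdf`, the output of `bhash.Pbkdf` is XORed into `enc.Key` without checking its length, so if Pbkdf ever returns fewer bytes than requested (its failure behaviour is not visible in this hunk, for instance on an empty passphrase) the secret key would be written partly or wholly unmasked while `KDFRounds` still advertises protection, and a longer result would panic on the index. Add a guard before the loop, `if len(xor) != len(enc.Key) { return fmt.Errorf("kdf: got %d bytes, want %d", len(xor), len(enc.Key)) }`. The `[]byte(pass)` copy and `xor` also stay in memory after return; overwriting `xor` with zeros once the loop finishes would shorten that exposure. Separately, `Generate` returns nil after `args.Usage()` when `-p` or `-s` is missing, so a caller that maps the returned error to the exit status would presumably report success although no key was written.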