package main

import (
	"errors"
	"flag"
	"io/ioutil"

	"dim13.org/signify/ask"
	"dim13.org/signify/file"
	"dim13.org/signify/key"
)

// sign implements the -S subcommand: it loads the secret key named by -s,
// signs the contents of the -m message file and writes the result to the
// signature file (-x, or the name file.SigName derives from the message).
//
// Usage: signify -S [-ez] [-x sigfile] -s seckey -m message
func sign(args []string) error {
	fs := flag.NewFlagSet("sign", flag.ExitOnError)
	embedded := fs.Bool("e", false, "Embed the message")
	// TODO: -z is parsed but gzip signing is not implemented; apart from the
	// -e/-z conflict check below the flag has no effect, so the output is an
	// ordinary signature block.
	zip := fs.Bool("z", false, "Sign gzip archive")
	sigFile := fs.String("x", "", "Signature file")
	encFile := fs.String("s", "", "Secret file (required)")
	msgFile := fs.String("m", "", "Message file (required)")

	// The flag set uses ExitOnError, so a malformed command line terminates
	// the process inside Parse; its return value is not inspected.
	fs.Parse(args)

	switch {
	case *embedded && *zip:
		return errors.New("can't combine -e and -z options")
	case *encFile == "" || *msgFile == "":
		// NOTE(review): usage is printed but nil is returned, so the caller
		// sees success although nothing was signed; confirm that is intended
		// for scripted use.
		fs.Usage()
		return nil
	}

	// Fall back to the derived signature file name when -x was not given.
	out := *sigFile
	if out == "" {
		out = file.SigName(*msgFile)
	}

	secret, err := OpenEnc(*encFile)
	if err != nil {
		return err
	}

	// The whole message is read into memory before signing.
	msg, err := ioutil.ReadFile(*msgFile)
	if err != nil {
		return err
	}

	raw, err := key.Marshal(secret.Sign(msg))
	if err != nil {
		return err
	}

	blk := &file.Block{
		Comment: file.VerifyWith(*encFile),
		Bytes:   raw,
	}
	if *embedded {
		// With -e the signed message travels inside the signature block.
		blk.Message = msg
	}

	return file.EncodeFile(out, file.SigMode, blk)
}

// OpenEnc reads the secret key file fname and returns the key once it has
// been decoded, unmarshalled, run through Kdf with ask.Password and accepted
// by Check. Any failing step aborts with that step's error and a nil key.
func OpenEnc(fname string) (*key.Enc, error) {
	blk, err := file.DecodeFile(fname)
	if err != nil {
		return nil, err
	}

	enc := new(key.Enc)
	if err = key.Unmarshal(blk.Bytes, enc); err != nil {
		return nil, err
	}

	// NOTE(review): Kdf is defined elsewhere; presumably it obtains the
	// passphrase through ask.Password and unlocks the key material in place.
	// Confirm against its definition.
	if err = Kdf(enc, ask.Password); err != nil {
		return nil, err
	}

	// NOTE(review): Check presumably validates the unlocked key (for example
	// detecting a wrong passphrase); the key is only returned if it passes.
	if err = enc.Check(); err != nil {
		return nil, err
	}

	return enc, nil
}