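package main

import (
	"flag"
	"fmt"
	"io/ioutil"
	"os"

	"dim13.org/signify/ask"
	"dim13.org/signify/file"
	"dim13.org/signify/key"
)

// Usage: signify -S [-ez] [-x sigfile] -s seckey -m message
//
// sign parses the sign-mode flags from os.Args[2:], loads the secret key
// named by -s, signs the whole content of the -m message file and writes the
// result as a signature block. The block goes to the -x path when one is
// given, otherwise to "<message>.sig". With -e the message bytes are stored
// in the block next to the signature.
//
// It returns ErrEZ when -e and -z are combined, and otherwise the first error
// from loading the key, reading the message, marshalling the signature or
// writing the file.
func sign() error {
	args := flag.NewFlagSet("sign", flag.ExitOnError)
	var (
		embedded = args.Bool("e", false, "Embed the message")
		zip      = args.Bool("z", false, "Sign gzip archive")
		sigFile  = args.String("x", "", "Signature file")
		encFile  = args.String("s", "", "Secret file (required)")
		msgFile  = args.String("m", "", "Message file (required)")
	)
	// The flag set uses flag.ExitOnError, so a malformed command line ends
	// the process inside Parse and its return value is not inspected.
	args.Parse(os.Args[2:])

	if *embedded && *zip {
		return ErrEZ
	}
	if *encFile == "" || *msgFile == "" {
		// NOTE(review): a missing required flag prints usage and returns nil.
		// If the caller maps a nil error to exit status 0, a script cannot
		// tell "nothing was signed" from success — confirm against main.
		args.Usage()
		return nil
	}
	// NOTE(review): -z is accepted, but nothing below treats the message as a
	// gzip archive; the output is the same signature block as without the
	// flag. Reject -z or implement it so the tool never reports a mode it
	// did not perform.

	encKey, err := OpenEnc(*encFile)
	if err != nil {
		return err
	}
	// The signature covers exactly the bytes read here, held fully in memory.
	body, err := ioutil.ReadFile(*msgFile)
	if err != nil {
		return err
	}

	sig := encKey.Sign(body)
	sigRaw, err := key.Marshal(sig)
	if err != nil {
		return err
	}

	block := &file.Block{
		// The comment tells the verifier which public key to use; the name
		// comes from file.PubName applied to the secret key path.
		Comment: fmt.Sprintf("verify with %s", file.PubName(*encFile)),
		Bytes:   sigRaw,
	}
	if *embedded {
		block.Message = body
	}

	// Honour -x. Previously the flag was parsed and then discarded, so the
	// signature always landed next to the message regardless of the path the
	// operator asked for.
	out := *sigFile
	if out == "" {
		out = *msgFile + ".sig"
	}
	if err := file.EncodeFile(out, file.SigMode, block); err != nil {
		return err
	}
	return nil
}

// OpenEnc loads the secret key stored in fname and returns it ready for
// signing.
//
// The file is decoded into a block, the block bytes are unmarshalled into a
// key.Enc, Kdf is run on the key with ask.Password as the passphrase source,
// and finally the key's Check method must succeed. Any failing step aborts
// the load and returns (nil, err), so a caller never receives a key that did
// not pass Check.
//
// NOTE(review): presumably Kdf decrypts the key material in place and Check
// is what detects a wrong passphrase — confirm in the key package. Nothing in
// this function wipes the key from memory after use.
func OpenEnc(fname string) (*key.Enc, error) {
	block, err := file.DecodeFile(fname)
	if err != nil {
		return nil, err
	}
	encKey := new(key.Enc)
	if err := key.Unmarshal(block.Bytes, encKey); err != nil {
		return nil, err
	}
	if err := Kdf(encKey, ask.Password); err != nil {
		return nil, err
	}
	if err := encKey.Check(); err != nil {
		return nil, err
	}
	return encKey, nil
}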