// Copyright (C) 2015 The Syncthing Authors.
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
// You can obtain one at https://mozilla.org/MPL/2.0/.
package main
import (
"flag"
"io"
"io/ioutil"
"log"
"os"
"github.com/syncthing/syncthing/lib/signature"
"github.com/syncthing/syncthing/lib/upgrade"
)
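// main parses the command line and dispatches to the gen, sign or verify
// sub-command.
//
// All log output is sent to standard output without timestamps. Callers that
// script this tool should rely on the process exit status, not on the text
// printed, to decide whether a signature was accepted.
func main() {
	log.SetFlags(0)
	log.SetOutput(os.Stdout)

	flag.Parse()

	if flag.NArg() < 1 {
		log.Print(`Usage:
	stsigtool <command>

Where command is one of:

	gen
		- generate a new key pair

	sign <privkeyfile> [datafile]
		- sign a file

	verify <signaturefile> <datafile>
		- verify a signature, using the built in public key

	verify <signaturefile> <datafile> <pubkeyfile>
		- verify a signature, using the specified public key file

`)
		// Nothing to dispatch; exit status stays zero as before.
		return
	}

	switch flag.Arg(0) {
	case "gen":
		gen()
	case "sign":
		sign(flag.Arg(1), flag.Arg(2))
	case "verify":
		// Choose the trust anchor strictly by argument count. Any other
		// count is rejected: previously, a call with extra arguments
		// silently ignored the supplied public key file and verified
		// against the built in key instead.
		switch flag.NArg() {
		case 3:
			verifyWithKey(flag.Arg(1), flag.Arg(2), upgrade.SigningKey)
		case 4:
			verifyWithFile(flag.Arg(1), flag.Arg(2), flag.Arg(3))
		default:
			log.Fatal("verify: expected <signaturefile> <datafile> [pubkeyfile]")
		}
	default:
		// Fail closed: a mistyped command must not exit with status zero,
		// which a calling script could mistake for a successful verify.
		log.Fatalf("unknown command %q", flag.Arg(0))
	}
}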
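// gen generates a new key pair and writes the private key followed by the
// public key to standard output.
//
// The output contains private key material, so redirect it to a file with
// restrictive permissions rather than to a terminal or a shared log.
// The process exits via log.Fatal if key generation or a write fails.
func gen() {
	priv, pub, err := signature.GenerateKeys()
	if err != nil {
		log.Fatal(err)
	}

	// Check each write: a short or failed write (for example a full disk
	// behind a redirect) must not leave a truncated key file behind a zero
	// exit status.
	for _, blob := range [][]byte{priv, pub} {
		if _, err := os.Stdout.Write(blob); err != nil {
			log.Fatal(err)
		}
	}
}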
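// sign reads the private key from keyname, signs the data read from dataname
// and writes the resulting signature to standard output.
//
// When dataname is "-" or empty the data is read from standard input.
// The process exits via log.Fatal if reading, signing or writing fails.
func sign(keyname, dataname string) {
	privkey, err := ioutil.ReadFile(keyname)
	if err != nil {
		log.Fatal(err)
	}

	// Default to stdin; switch to the named file only when one was given.
	var input io.Reader = os.Stdin
	if dataname != "-" && dataname != "" {
		fd, err := os.Open(dataname)
		if err != nil {
			log.Fatal(err)
		}
		defer fd.Close()
		input = fd
	}

	sig, err := signature.Sign(privkey, input)
	if err != nil {
		log.Fatal(err)
	}

	// A truncated signature must not be reported as success, so the write
	// error is checked instead of being discarded.
	if _, err := os.Stdout.Write(sig); err != nil {
		log.Fatal(err)
	}
}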
// verifyWithFile loads a public key from keyname and verifies the signature
// in signame against the data in dataname using that key.
//
// The key file is the only trust anchor on this path, so the result is only
// as trustworthy as the origin of that file. The process exits via log.Fatal
// if the key file cannot be read.
func verifyWithFile(signame, dataname, keyname string) {
	key, readErr := ioutil.ReadFile(keyname)
	if readErr != nil {
		log.Fatal(readErr)
	}

	verifyWithKey(signame, dataname, key)
}
// verifyWithKey verifies the signature stored in signame against the contents
// of dataname using the given public key.
//
// Any failure (unreadable signature file, unreadable data file, or an error
// from signature.Verify) ends the process via log.Fatal, giving a non-zero
// exit status. On success it logs "correct signature" and returns.
func verifyWithKey(signame, dataname string, pubkey []byte) {
	sigBytes, err := ioutil.ReadFile(signame)
	if err != nil {
		log.Fatal(err)
	}

	data, err := os.Open(dataname)
	if err != nil {
		log.Fatal(err)
	}
	defer data.Close()

	// The data is streamed from the open file into the verifier.
	if verifyErr := signature.Verify(pubkey, sigBytes, data); verifyErr != nil {
		log.Fatal(verifyErr)
	}

	log.Println("correct signature")
}