From f80f34d89cdb678e53c3ea68e4c42adfa0268568 Mon Sep 17 00:00:00 2001
From: Gibheer <gibheer@gmail.com>
Date: Thu, 19 Feb 2015 20:50:06 +0100
Subject: [PATCH] add message signing again

This adds again the possibility to sign messages through the API.
---
 flags.go | 21 +++++++++++++++++++++
 main.go  | 55 ++++++++++++++++++++++++++++++++++---------------------
 2 files changed, 55 insertions(+), 21 deletions(-)

diff --git a/flags.go b/flags.go
index 6c0a76d..9af8371 100644
--- a/flags.go
+++ b/flags.go
@@ -41,6 +41,7 @@ type (
   // a container go gather all incoming flags for further processing
   paramContainer struct {
     outputPath       string // path to output whatever is generated
+    inputPath        string // path to an input resource
     cryptType        string // type of something (private key)
     length           int    // the length of something (private key)
     privateKeyPath   string // path to the private key
@@ -53,6 +54,7 @@ type (
   flagSet struct {
     PrivateKey pki.PrivateKey
     Output     io.WriteCloser
+    Input      io.ReadCloser
 
     // private key specific stuff
     PrivateKeyGenerationFlags privateKeyGenerationFlags
@@ -124,6 +126,7 @@ func (f *Flags) AddPrivateKey() {
 
 // check the private key flag and load the private key
 func (f *Flags) parsePrivateKey() error {
+  if f.flag_container.privateKeyPath == "" { return fmt.Errorf("No private key given!") }
   // check permissions of private key file
   info, err := os.Stat(f.flag_container.privateKeyPath)
   if err != nil { return fmt.Errorf("Error reading private key: %s", err) }
@@ -159,6 +162,24 @@ func (f *Flags) parseOutput() error {
   return nil
 }
 
+// add the input parameter to load resources from
+func (f *Flags) AddInput() {
+  f.check_list = append(f.check_list, f.parseInput)
+  f.flagset.StringVar(&f.flag_container.inputPath, "input", "STDIN", "path to the input or STDIN")
+}
+
+// parse the input parameter and open the file handle
+func (f *Flags) parseInput() error {
+  if f.flag_container.inputPath == "STDIN" {
+    f.Flags.Input = os.Stdin
+    return nil
+  }
+  var err error
+  f.Flags.Input, err = os.Open(f.flag_container.inputPath)
+  if err != nil { return err }
+  return nil
+}
+
 // This function adds the private key generation flags.
 func (f *Flags) AddPrivateKeyGenerationFlags() {
   f.check_list = append(f.check_list, f.parsePrivateKeyGenerationFlags)
diff --git a/main.go b/main.go
index f5971eb..d7e152c 100644
--- a/main.go
+++ b/main.go
@@ -1,7 +1,11 @@
 package main
 
 import (
+  "crypto"
+  "encoding/base64"
   "fmt"
+  "io"
+  "io/ioutil"
   "os"
   "path/filepath"
 
@@ -12,19 +16,6 @@ var (
   EmptyByteArray = make([]byte, 0)
 )
 
-//const (
-//  RsaLowerLength = 2048
-//  RsaUpperLength = 4096
-//  TypeLabelRSA   = "RSA PRIVATE KEY"
-//  TypeLabelECDSA = "EC PRIVATE KEY"
-//  TypeLabelCSR   = "CERTIFICATE REQUEST"
-//  TypeLabelPubKey = "PUBLIC KEY"
-//)
-//
-//var (
-//  EcdsaLength = []int{224, 256, 384, 521}
-//)
-//
 func main() {
   if len(os.Args) == 1 {
     crash_with_help(1, "No module selected!")
@@ -32,12 +23,12 @@ func main() {
   switch os.Args[1] {
   case "create-private":   create_private_key()
   case "create-public":    create_public_key()
-  case "help":             print_modules()
-//  case "info":             info_on_file()
-//  case "sign-input":       sign_input()
+  case "sign-input":       sign_input()
 //  case "verify-signature": verify_signature()
 //  case "create-cert-sign": create_sign_request()
 //  case "sign-request":     sign_request()
+  case "help":             print_modules()
+//  case "info":             info_on_file()
   default: crash_with_help(1, "Command not supported!")
   }
 }
@@ -78,24 +69,46 @@ func create_public_key() {
   if err != nil { os.Exit(2) }
 }
 
+func sign_input() {
+  fs := NewFlags("sign-input")
+  fs.AddPrivateKey()
+  fs.AddOutput()
+  fs.AddInput()
+  err := fs.Parse(program_args())
+  if err != nil { os.Exit(2) }
+
+  message, err := ioutil.ReadAll(fs.Flags.Input)
+  if err != nil { crash_with_help(2, "Error reading input: %s", err) }
+  signature, err := fs.Flags.PrivateKey.Sign(message, crypto.SHA256)
+  if err != nil { crash_with_help(2, "Could not compute signature: %s", err) }
+  _, err = io.WriteString(fs.Flags.Output, base64.StdEncoding.EncodeToString(signature))
+  if err != nil { crash_with_help(2, "Could not write to output: %s", err) }
+
+  // if we print to stderr, send a final line break to make the output nice
+  if fs.Flags.Output == os.Stdout {
+    // we can ignore the result, as either Stdout did work or not
+    _, _ = io.WriteString(fs.Flags.Output, "\n")
+  }
+}
+
 // print the module help
 func print_modules() {
   fmt.Printf(`Usage: %s command args
 where 'command' is one of:
     create-private    create a new private key
     create-public     create a public key from a private one
-    create-cert-sign  create a new certificate sign request
-    help              show this help
-    info              get info on a file
-    sign-request      sign a certificate request
     sign-input        sign a message with a private key
     verify-signature  verify a signature
+    create-cert-sign  create a new certificate sign request
+    sign-request      sign a certificate request
+    help              show this help
+    info              get info on a file
 `, filepath.Base(os.Args[0]))
   fmt.Println()
 }
 
 // crash and provide a helpful message
-func crash_with_help(code int, message string) {
+func crash_with_help(code int, message string, args ...interface{}) {
   fmt.Fprintln(os.Stderr, message)
   print_modules()
   os.Exit(code)