Diffstat (limited to 'sign_input.go')
-rw-r--r-- | sign_input.go | 38 |
1 files changed, 35 insertions, 3 deletions
diff --git a/sign_input.go b/sign_input.go index 6a264dc..c1ab9e0 100644 --- a/sign_input.go +++ b/sign_input.go @@ -4,10 +4,12 @@ import ( "crypto" "crypto/rand" "crypto/sha256" + "encoding/base64" "errors" "flag" "fmt" "io" + "io/ioutil" "os" // "crypto/ecdsa" // "crypto/rsa" @@ -16,16 +18,22 @@ import ( type ( SignInputFlags struct { Message string // the message to sign + MessageStream string // the message stream to sign PrivateKeyPath string // path to the private key Output string // a path or stream to output the private key to + Format string // the format of the output private_key crypto.Signer output_stream io.Writer // the output stream for the CSR + input_stream io.Reader // the input stream to read the message from } ) func sign_input() { flags := parse_sign_input_flags() + if flags.Message != "" && flags.MessageStream != "" { + crash_with_help(2, "Only message or message file can be signed!") + } flags.private_key = load_private_key(flags.PrivateKeyPath) output_stream, err := open_output_stream(flags.Output) @@ -35,6 +43,15 @@ func sign_input() { flags.output_stream = output_stream defer output_stream.Close() + if flags.MessageStream != "" { + input_stream, err := open_input_stream(flags.MessageStream) + if err != nil { + crash_with_help(2, fmt.Sprintf("Error when opening stream %s: %s", flags.MessageStream, err)) + } + flags.input_stream = input_stream + defer input_stream.Close() + } + if err := create_signature(flags); err != nil { fmt.Fprintln(os.Stderr, "Error when creating signature", err) os.Exit(3) 
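Review bot: The new guard in sign_input, `if flags.Message != "" && flags.MessageStream != ""`, will reject every plain `-message` invocation, because the parse_sign_input_flags hunk further down registers `message-stream` with the default "STDIN". MessageStream is therefore never empty unless the caller explicitly passes `-message-stream ""`. create_signature depends on the same field and reads the stream whenever it is non-empty. Consider registering the flag with an empty default, `fs.StringVar(&flags.MessageStream, "message-stream", "", ...)`, and applying the fallback in sign_input after the exclusivity check: `if flags.Message == "" && flags.MessageStream == "" { flags.MessageStream = "STDIN" }`. The body of sign_input continues outside this hunk.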
@@ -45,15 +62,25 @@ func parse_sign_input_flags() SignInputFlags { flags := SignInputFlags{} fs := flag.NewFlagSet("sign-input", flag.ExitOnError) fs.StringVar(&flags.PrivateKeyPath, "private-key", "", "path to the private key file") - fs.StringVar(&flags.Output, "output", "STDOUT", "path where the generated signature should be stored") + fs.StringVar(&flags.Output, "output", "STDOUT", "path where the generated signature should be stored (STDOUT, STDERR, file)") fs.StringVar(&flags.Message, "message", "", "the message to sign") + fs.StringVar(&flags.MessageStream, "message-stream", "STDIN", "the path to the stream to sign (file, STDIN)") + fs.StringVar(&flags.Format, "format", "base64", "the output format (binary, base64)") fs.Parse(os.Args[2:]) return flags } func create_signature(flags SignInputFlags) error { - message := []byte(flags.Message) + var message []byte + var err error + + if flags.MessageStream != "" { + message, err = ioutil.ReadAll(flags.input_stream) + if err != nil { return err } + } else { + message = []byte(flags.Message) + } // compute sha256 of the message hash := sha256.New() length, _ := hash.Write(message) @@ -66,6 +93,11 @@ func create_signature(flags SignInputFlags) error { nil, ) if err != nil { return err } - flags.output_stream.Write(signature) + if flags.Format == "base64" { + flags.output_stream.Write([]byte(base64.StdEncoding.EncodeToString(signature))) + } else { + flags.output_stream.Write(signature) + } + flags.output_stream.Write([]byte("\n")) return nil } |
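Review bot: In create_signature, `ioutil.ReadAll(flags.input_stream)` buffers the whole stream in memory only to pass it to `hash.Write` on the next visible line, so signing a large file or an unbounded STDIN costs as much memory as the input. Since the context lines show the message being fed to SHA-256, creating the hash before the branch and using `_, err = io.Copy(hash, flags.input_stream)` would stream it; `io` is already imported. Whether `message` or `length` is used again further down is not visible in this hunk, so check that before making the change.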
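Review bot: The unconditional `flags.output_stream.Write([]byte("\n"))` at the end of create_signature also runs for `-format binary`, so the raw signature is followed by a stray 0x0a byte that any consumer reading the file as the signature would have to strip. The `else` branch also treats every value other than "base64" as binary, so a typo in `-format` goes unnoticed. The results of all three Write calls are dropped, so a short or failed write can still return nil. Suggest switching on the format, rejecting unknown values and returning the write error, as sketched below. The start of the function is outside this hunk.

```go
	// … unchanged: hashing and the Sign call …
	if err != nil { return err }
	switch flags.Format {
	case "base64":
		encoded := base64.StdEncoding.EncodeToString(signature)
		_, err = fmt.Fprintln(flags.output_stream, encoded)
	case "binary":
		// raw signature bytes only; a trailing newline would become part of the value
		_, err = flags.output_stream.Write(signature)
	default:
		err = fmt.Errorf("unknown output format %q (want binary or base64)", flags.Format)
	}
	return err
```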