1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
package main
import (
"crypto"
"encoding/base64"
"fmt"
"io"
"io/ioutil"
"os"
"path/filepath"
"github.com/gibheer/pki"
)
var (
EmptyByteArray = make([]byte, 0)
)
func main() {
if len(os.Args) == 1 {
crash_with_help(1, "No module selected!")
}
switch os.Args[1] {
case "create-private": create_private_key()
case "create-public": create_public_key()
case "sign-input": sign_input()
case "verify-signature": verify_input()
// case "create-cert-sign": create_sign_request()
// case "sign-request": sign_request()
case "help": print_modules()
// case "info": info_on_file()
default: crash_with_help(1, "Command not supported!")
}
}
// create a private key
func create_private_key() {
fs := NewFlags("create-private")
fs.AddOutput()
fs.AddPrivateKeyGenerationFlags()
err := fs.Parse(program_args())
if err != nil { os.Exit(2) }
var pk pki.Pemmer
switch fs.Flags.PrivateKeyGenerationFlags.Type {
case "ecdsa": pk, err = pki.NewPrivateKeyEcdsa(fs.Flags.PrivateKeyGenerationFlags.Curve)
case "rsa": pk, err = pki.NewPrivateKeyRsa(fs.Flags.PrivateKeyGenerationFlags.Size)
}
if err != nil { os.Exit(2) }
marsh_pem, err := pk.MarshalPem()
if err != nil { os.Exit(2) }
_, err = marsh_pem.WriteTo(fs.Flags.Output)
if err != nil { os.Exit(2) }
}
// create a public key derived from a private key
func create_public_key() {
fs := NewFlags("create-public")
fs.AddPrivateKey()
fs.AddOutput()
err := fs.Parse(program_args())
if err != nil { os.Exit(2) }
var pub_key pki.Pemmer
pub_key = fs.Flags.PrivateKey.Public()
marsh_pem, err := pub_key.MarshalPem()
if err != nil { os.Exit(2) }
_, err = marsh_pem.WriteTo(fs.Flags.Output)
if err != nil { os.Exit(2) }
}
// sign a message using he private key
func sign_input() {
fs := NewFlags("sign-input")
fs.AddPrivateKey()
fs.AddInput()
fs.AddOutput()
err := fs.Parse(program_args())
if err != nil { os.Exit(2) }
message, err := ioutil.ReadAll(fs.Flags.Input)
if err != nil { crash_with_help(2, "Error reading input: %s", err) }
signature, err := fs.Flags.PrivateKey.Sign(message, crypto.SHA256)
if err != nil { crash_with_help(2, "Could not compute signature: %s", err) }
_, err = io.WriteString(fs.Flags.Output, base64.StdEncoding.EncodeToString(signature))
if err != nil { crash_with_help(2, "Could not write to output: %s", err) }
// if we print to stderr, send a final line break to make the output nice
if fs.Flags.Output == os.Stdout {
// we can ignore the result, as either Stdout did work or not
_, _ = io.WriteString(fs.Flags.Output, "\n")
}
}
// verify a message using a signature and a public key
func verify_input() {
fs := NewFlags("sign-input")
fs.AddPublicKey()
fs.AddInput()
fs.AddOutput()
fs.AddSignature()
err := fs.Parse(program_args())
if err != nil { os.Exit(2) }
signature := fs.Flags.Signature
message, err := ioutil.ReadAll(fs.Flags.Input)
if err != nil { crash_with_help(2, "Error reading input: %s", err) }
valid, err := fs.Flags.PublicKey.Verify(message, signature, crypto.SHA256)
if err != nil { crash_with_help(2, "Could not verify message with signature: %s", err) }
if valid {
fmt.Println("valid")
os.Exit(0)
}
fmt.Println("invalid")
os.Exit(1)
}
// print the module help
func print_modules() {
fmt.Printf(`Usage: %s command args
where 'command' is one of:
create-private create a new private key
create-public create a public key from a private one
sign-input sign a message with a private key
verify-signature verify a signature
create-cert-sign create a new certificate sign request
sign-request sign a certificate request
help show this help
info get info on a file
`, filepath.Base(os.Args[0]))
fmt.Println()
}
// crash and provide a helpful message
func crash_with_help(code int, message string, args ...interface{}) {
fmt.Fprintf(os.Stderr, message + "\n", args...)
print_modules()
os.Exit(code)
}
// return the arguments to the program
func program_args() []string {
return os.Args[2:]
}
|
