Beispiel #1
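// CheckKey reports whether the hex-encoded signing key in privkey maps to a
// public key that the database lists as a global moderator.
//
// It returns (false, err) when privkey is not valid hex, and (false, nil)
// when the decoded bytes cannot be loaded as a signing key or the derived
// public key is not a global moderator.
//
// TODO: check for different levels of permissions
func (self httpModUI) CheckKey(privkey string) (bool, error) {
	privkey_bytes, err := hex.DecodeString(privkey)
	if err != nil {
		// Do not log the submitted value: it is (or was meant to be) secret key
		// material, and log files are usually readable by more people and
		// systems than the key should be. A mistyped key is often only a
		// character or two away from the real one.
		// The returned hex error can include the offending byte, so callers
		// should not echo it into logs or responses either.
		log.Println("invalid key format: not valid hex")
		return false, err
	}
	kp := nacl.LoadSignKey(privkey_bytes)
	if kp == nil {
		// Valid hex that is not a usable key; err is nil here, matching the
		// result callers have always received for this case.
		log.Println("invalid key format: could not load signing key")
		return false, nil
	}
	defer kp.Free()
	// Authorization is decided on the derived public key only.
	pubkey := hex.EncodeToString(kp.Public())
	return self.daemon.database.CheckModPubkeyGlobal(pubkey), nil
}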
Beispiel #2
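// signArticle builds a new article that wraps nntp as its signed part and
// carries an Ed25519 signature over the SHA-512 digest of that part.
//
// The headers of nntp are copied to the new article, except that any existing
// signature or public-key header is dropped and Content-Type is replaced with
// "message/rfc822; charset=UTF-8". seed is the key material handed to
// nacl.LoadSignKey.
//
// On a write error the partially built article is returned together with the
// error. See the NOTE(review) below for the case where the seed cannot be
// loaded.
func signArticle(nntp NNTPMessage, seed []byte) (signed *nntpArticle, err error) {
	signed = new(nntpArticle)
	signed.headers = make(ArticleHeaders)
	// copy headers into the signed wrapper
	for k, vals := range nntp.Headers() {
		switch {
		case k == "X-PubKey-Ed25519" || k == "X-Signature-Ed25519-SHA512":
			// Never carry over a signature or pubkey header from the inner
			// message; the outer article must only hold the ones set below.
			// NOTE(review): this match is case-sensitive; confirm Headers()
			// returns canonical names, otherwise a differently-cased header
			// from the inner message is copied through.
		case k == "Content-Type":
			signed.headers.Set(k, "message/rfc822; charset=UTF-8")
		case len(vals) > 0:
			// only the first value of each header is kept; a header with no
			// values is skipped instead of panicking on the index
			signed.headers.Set(k, vals[0])
		}
	}
	sha := sha512.New()
	signed.signedPart = &nntpAttachment{}
	// everything written to the signed part is hashed at the same time, so the
	// digest covers exactly the stored bytes
	mw := io.MultiWriter(sha, signed.signedPart)
	if err = nntp.WriteTo(mw); err != nil {
		return signed, err
	}
	// trailing newline is part of the signed data; a failed write here would
	// leave the digest and the stored part out of step, so it must not be ignored
	if _, err = mw.Write([]byte{10}); err != nil {
		return signed, err
	}
	// build keypair
	kp := nacl.LoadSignKey(seed)
	if kp == nil {
		log.Println("failed to load seed for signing article")
		// NOTE(review): the caller receives an article WITHOUT signature
		// headers and a nil error. This should return a non-nil error so an
		// unsigned article is never treated as signed; until then callers must
		// check for the X-Signature-Ed25519-SHA512 header themselves.
		return signed, nil
	}
	defer kp.Free()
	sk := kp.Secret()
	pk := getSignPubkey(sk)
	// sign the SHA-512 digest of the signed part
	digest := sha.Sum(nil)
	sig := cryptoSign(digest, sk)
	// log that we signed it; only public values (pubkey, signature, digest)
	// are written, never the seed or secret key
	log.Printf("signed %s pubkey=%s sig=%s hash=%s", nntp.MessageID(), pk, sig, hexify(digest))
	signed.headers.Set("X-Signature-Ed25519-SHA512", sig)
	signed.headers.Set("X-PubKey-Ed25519", pk)
	return signed, nil
}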