Beispiel #1
0
// TODO: check for different levels of permissions
func (self httpModUI) CheckKey(privkey string) (bool, error) {
	privkey_bytes, err := hex.DecodeString(privkey)
	if err == nil {
		kp := nacl.LoadSignKey(privkey_bytes)
		if kp != nil {
			defer kp.Free()
			pubkey := hex.EncodeToString(kp.Public())
			if self.database.CheckModPubkeyGlobal(pubkey) {
				// this user is an admin
				return true, nil
			} else {
				return false, nil
			}
		}
	}
	log.Println("invalid key format for key", privkey)
	return false, err
}
Beispiel #2
0
// sign an article with a seed
func signArticle(nntp NNTPMessage, seed []byte) (signed nntpArticle, err error) {
	signed.headers = make(ArticleHeaders)
	h := nntp.Headers()
	// copy headers
	// copy into signed part
	for k := range h {
		if k == "Content-Type" {
			signed.headers.Set(k, "message/rfc822; charset=UTF-8")
		} else {
			v := h[k][0]
			signed.headers.Set(k, v)
		}
	}
	signbuff := new(bytes.Buffer)
	// write body to sign buffer
	err = nntp.WriteTo(signbuff, "\r\n")
	if err == nil {
		// build keypair
		kp := nacl.LoadSignKey(seed)
		if kp == nil {
			log.Println("failed to load seed for signing article")
			return
		}
		defer kp.Free()
		sk := kp.Secret()
		pk := getSignPubkey(sk)
		// sign it nigguh
		data := signbuff.Bytes()
		sig := cryptoSign(data, sk)
		// log that we signed it
		log.Printf("signed %s pubkey=%s sig=%s", nntp.MessageID(), pk, sig)
		signed.headers.Set("X-Signature-Ed25519-SHA512", sig)
		signed.headers.Set("X-PubKey-Ed25519", pk)
	}
	// copy sign buffer into signed part
	_, err = io.Copy(&signed.signedPart.body, signbuff)
	// add this so the writer writes the entire post
	signed.signedPart.body.Write([]byte{13, 10})
	return
}