// TODO: check for different levels of permissions func (self httpModUI) CheckKey(privkey string) (bool, error) { privkey_bytes, err := hex.DecodeString(privkey) if err == nil { kp := nacl.LoadSignKey(privkey_bytes) if kp != nil { defer kp.Free() pubkey := hex.EncodeToString(kp.Public()) if self.database.CheckModPubkeyGlobal(pubkey) { // this user is an admin return true, nil } else { return false, nil } } } log.Println("invalid key format for key", privkey) return false, err }
// sign an article with a seed func signArticle(nntp NNTPMessage, seed []byte) (signed nntpArticle, err error) { signed.headers = make(ArticleHeaders) h := nntp.Headers() // copy headers // copy into signed part for k := range h { if k == "Content-Type" { signed.headers.Set(k, "message/rfc822; charset=UTF-8") } else { v := h[k][0] signed.headers.Set(k, v) } } signbuff := new(bytes.Buffer) // write body to sign buffer err = nntp.WriteTo(signbuff, "\r\n") if err == nil { // build keypair kp := nacl.LoadSignKey(seed) if kp == nil { log.Println("failed to load seed for signing article") return } defer kp.Free() sk := kp.Secret() pk := getSignPubkey(sk) // sign it nigguh data := signbuff.Bytes() sig := cryptoSign(data, sk) // log that we signed it log.Printf("signed %s pubkey=%s sig=%s", nntp.MessageID(), pk, sig) signed.headers.Set("X-Signature-Ed25519-SHA512", sig) signed.headers.Set("X-PubKey-Ed25519", pk) } // copy sign buffer into signed part _, err = io.Copy(&signed.signedPart.body, signbuff) // add this so the writer writes the entire post signed.signedPart.body.Write([]byte{13, 10}) return }