// TODO: check for different levels of permissions
func (self httpModUI) CheckKey(privkey string) (bool, error) {
privkey_bytes, err := hex.DecodeString(privkey)
if err == nil {
kp := nacl.LoadSignKey(privkey_bytes)
if kp != nil {
defer kp.Free()
pubkey := hex.EncodeToString(kp.Public())
if self.database.CheckModPubkeyGlobal(pubkey) {
// this user is an admin
return true, nil
} else {
return false, nil
}
}
}
log.Println("invalid key format for key", privkey)
return false, err
}
// sign an article with a seed
func signArticle(nntp NNTPMessage, seed []byte) (signed nntpArticle, err error) {
signed.headers = make(ArticleHeaders)
h := nntp.Headers()
// copy headers
// copy into signed part
for k := range h {
if k == "Content-Type" {
signed.headers.Set(k, "message/rfc822; charset=UTF-8")
} else {
v := h[k][0]
signed.headers.Set(k, v)
}
}
signbuff := new(bytes.Buffer)
// write body to sign buffer
err = nntp.WriteTo(signbuff, "\r\n")
if err == nil {
// build keypair
kp := nacl.LoadSignKey(seed)
if kp == nil {
log.Println("failed to load seed for signing article")
return
}
defer kp.Free()
sk := kp.Secret()
pk := getSignPubkey(sk)
// sign it nigguh
data := signbuff.Bytes()
sig := cryptoSign(data, sk)
// log that we signed it
log.Printf("signed %s pubkey=%s sig=%s", nntp.MessageID(), pk, sig)
signed.headers.Set("X-Signature-Ed25519-SHA512", sig)
signed.headers.Set("X-PubKey-Ed25519", pk)
}
// copy sign buffer into signed part
_, err = io.Copy(&signed.signedPart.body, signbuff)
// add this so the writer writes the entire post
signed.signedPart.body.Write([]byte{13, 10})
return
}