def keysign_handler(name=None, self=None, basedir=None):
fname = publickey.get_pk_filename(basedir, name)
with open(fname, 'rb') as fd:
data = fd.read()
with open(fname + '.sig', 'ab') as fd:
me = publickey.Identity(self, basedir=basedir)
sig = me.sign(data, master=True)
if not sig:
sys.stderr.write('signature failed\n')
me.clear()
fd.write(sig[:nacl.crypto_sign_BYTES])
def keysign_handler(name=None, self=None, basedir=None):
# handles signing of keys using the master key
# name is the key to be signed
# self the signers name
# basedir the root for the keystore
fname = publickey.get_pk_filename(basedir, name)
with open(fname,'r') as fd:
data = fd.read()
with open(fname+'.sig','a') as fd:
me = publickey.Identity(self, basedir=basedir)
sig = me.sign(data, master=True)
if sig:
me.clear()
fd.write(sig[:nacl.crypto_sign_BYTES])
return fname+'.sig'
def keysign_handler(name=None, self=None, basedir=None):
# handles signing of keys using the master key
# name is the key to be signed
# self the signers name
# basedir the root for the keystore
fname = publickey.get_pk_filename(basedir, name)
with open(fname, 'r') as fd:
data = fd.read()
with open(fname + '.sig', 'a') as fd:
me = publickey.Identity(self, basedir=basedir)
sig = me.sign(data, master=True)
if sig:
me.clear()
fd.write(sig[:nacl.crypto_sign_BYTES])
return fname + '.sig'
def keycheck_handler(name=None, basedir=None):
fname = publickey.get_pk_filename(basedir, name)
with open(fname, 'rb') as fd:
pk = fd.read()
sigs = []
with open(fname + ".sig", 'rb') as fd:
sigdat = fd.read()
i = 0
csb = nacl.crypto_sign_BYTES
while i < len(sigdat) / 64:
res = publickey.verify(sigdat[i * csb:(i + 1) * csb] + pk,
basedir=basedir,
master=True)
if res:
sigs.append(res[0])
i += 1
sys.stderr.write('good signatures on %s from %s\n' %
(name, ', '.join(sigs)))
def keycheck_handler(name=None, basedir=None):
# handles verifying signatures of keys
# name is the key to be verified
# basedir the root for the keystore
fname = publickey.get_pk_filename(basedir, name)
with open(fname,'r') as fd:
pk = fd.read()
sigs=[]
with open(fname+".sig",'r') as fd:
sigdat=fd.read()
i=0
csb = nacl.crypto_sign_BYTES
while i<len(sigdat)/64:
res = publickey.verify(sigdat[i*csb:(i+1)*csb]+pk,
basedir=basedir,
master=True)
if res:
sigs.append(res[0])
i+=1
return sigs
def keycheck_handler(name=None, basedir=None):
# handles verifying signatures of keys
# name is the key to be verified
# basedir the root for the keystore
fname = publickey.get_pk_filename(basedir, name)
with open(fname, 'r') as fd:
pk = fd.read()
sigs = []
with open(fname + ".sig", 'r') as fd:
sigdat = fd.read()
i = 0
csb = nacl.crypto_sign_BYTES
while i < len(sigdat) / 64:
res = publickey.verify(sigdat[i * csb:(i + 1) * csb] + pk,
basedir=basedir,
master=True)
if res:
sigs.append(res[0])
i += 1
return sigs
def import_handler(infile=None, basedir=None):
# imports ascii armored key from infile or stdin to basedir
if not infile:
b85 = sys.stdin.readline().strip()
else:
with file(infile) as fd:
b85 = fd.readline().strip()
pkt = b85decode(b85)
mp = pkt[nacl.crypto_sign_BYTES:nacl.crypto_sign_BYTES+nacl.crypto_sign_PUBLICKEYBYTES]
keys = nacl.crypto_sign_open(pkt, mp)
if not keys:
return
name = keys[(nacl.crypto_sign_PUBLICKEYBYTES*3)+2*32:]
kfile = publickey.get_pk_filename(basedir, name)
if os.path.exists(kfile):
bkp = kfile+'.old'
print >>sys.stderr, "backing up existing key to %s" % bkp
os.rename(kfile,bkp)
with open(kfile, 'w') as fd:
fd.write(pkt)
# TODO check if key exists, then ask for confirmation of pk overwrite
return name
def import_handler(infile=None, basedir=None):
# imports ascii armored key from infile or stdin to basedir
if not infile:
b85 = sys.stdin.readline().strip()
else:
with file(infile) as fd:
b85 = fd.readline().strip()
pkt = b85decode(b85)
mp = pkt[nacl.crypto_sign_BYTES:nacl.crypto_sign_BYTES +
nacl.crypto_sign_PUBLICKEYBYTES]
keys = nacl.crypto_sign_open(pkt, mp)
if not keys:
return
name = keys[(nacl.crypto_sign_PUBLICKEYBYTES * 3) + 2 * 32:]
kfile = publickey.get_pk_filename(basedir, name)
if os.path.exists(kfile):
bkp = kfile + '.old'
print >> sys.stderr, "backing up existing key to %s" % bkp
os.rename(kfile, bkp)
with open(kfile, 'w') as fd:
fd.write(pkt)
# TODO check if key exists, then ask for confirmation of pk overwrite
return name
