all: install
install:
+ cd pkg && ./deps.sh
make -C pkg install
test:
make -C pkg test
}
// TODO: maybe Serialize should do this internally
for _, ident := range e.Identities {
- err = ident.SelfSignature.SignUserId(ident.UserId.Id, e.PrimaryKey, e.PrivateKey)
+ err = ident.SelfSignature.SignUserId(rand.Reader, ident.UserId.Id, e.PrimaryKey, e.PrivateKey)
if err != nil {
return
}
}
for _, subkey := range e.Subkeys {
- err = subkey.Sig.SignKey(subkey.PublicKey, e.PrivateKey)
+ err = subkey.Sig.SignKey(rand.Reader, subkey.PublicKey, e.PrivateKey)
if err != nil {
return
}
package main
import (
- "crypto/openpgp"
"epoint/key"
"epoint/server"
"fmt"
// todo: http header limit: 64K, body limit: 64K
-// TODO: generate
-func initkey() (sk *openpgp.Entity, err error) {
- f, err := os.Open(seckey)
- if err != nil {
- return
- }
- keys, err := openpgp.ReadKeyRing(f)
- if err != nil {
- f.Close()
- return
- }
- err = f.Close()
- if err != nil {
- return
- }
- sk = keys[0]
- return
-}
-
func httpError(w http.ResponseWriter, code int, msg string) {
log.Printf("error: %d %s", code, msg)
http.Error(w, fmt.Sprintf("%d %s\n\n%s\n", code, http.StatusText(code), msg), code)
}
form = fmt.Sprintf("%v", a)
}
- return fmt.Sprintf("%s %s params:%s", r.Method, r.URL.Raw, form)
+ return fmt.Sprintf("%s %s params:%s", r.Method, r.URL, form)
}
func defaultHandler(w http.ResponseWriter, r *http.Request) {
log.Printf("%s %s", r.RemoteAddr, httpReq(r))
- fmt.Fprintf(w, "not implemented: %s %s\n", r.Method, r.URL.Raw)
+ fmt.Fprintf(w, "not implemented: %s %s\n", r.Method, r.URL)
}
func submitHandler(w http.ResponseWriter, r *http.Request) {
}
func main() {
- serverkey, err := initkey()
+ // TODO: serious keygen
+ serverkey, err := key.Server([]byte("secret seed"))
if err != nil {
log.Fatal(err)
}
return nil, fmt.Errorf("NewEntity: invalid argument: user id field contained invalid characters")
}
e = &openpgp.Entity{
- PrimaryKey: packet.NewDSAPublicKey(t, &priv.PublicKey, false /* not a subkey */ ),
- PrivateKey: packet.NewDSAPrivateKey(t, priv, false /* not a subkey */ ),
+ PrimaryKey: packet.NewDSAPublicKey(t, &priv.PublicKey),
+ PrivateKey: packet.NewDSAPrivateKey(t, priv),
Identities: make(map[string]*openpgp.Identity),
}
isPrimaryId := true
func Holder(r []byte, issuer, denomination string) (e *openpgp.Entity, err error) {
return New(DsaKey(r), time.Unix(0,0), "Holder of "+issuer, denomination, "")
}
+// Server generates a key for the server from random seed r
+func Server(r []byte) (e *openpgp.Entity, err error) {
+ return New(DsaKey(r), time.Now(), "Server", "", "")
+}
// Key id (fingerprint)
func Id(e *openpgp.Entity) string {
import (
"bytes"
"crypto/openpgp"
+ "crypto/rand"
"epoint/document"
"epoint/key"
"epoint/store"
return w
}
-func storekey() (err error) {
+func setserverkey(e *openpgp.Entity) (err error) {
+ serverkey = e
+
+ // TODO: maybe Serialize should do this internally
+ for _, ident := range e.Identities {
+ err = ident.SelfSignature.SignUserId(rand.Reader, ident.UserId.Id, e.PrimaryKey, e.PrivateKey)
+ if err != nil {
+ return
+ }
+ }
+ for _, subkey := range e.Subkeys {
+ err = subkey.Sig.SignKey(rand.Reader, subkey.PublicKey, e.PrivateKey)
+ if err != nil {
+ return
+ }
+ }
+
b := new(bytes.Buffer)
- err = serverkey.Serialize(b)
+ err = e.Serialize(b)
if err != nil {
return
}
- err = db.Set("key", key.Id(serverkey), b.Bytes())
+ err = db.Set("key", key.Id(e), b.Bytes())
if err != nil {
return
}
if err != nil {
return
}
- serverkey = sk
- err = storekey()
+ err = setserverkey(sk)
if err != nil {
return
}