diff --git a/.install/loveland.sh b/.install/loveland.sh index e547ee9..23e7157 100755 --- a/.install/loveland.sh +++ b/.install/loveland.sh @@ -107,6 +107,7 @@ nodename=$(curl -s https://git.p2p.legal/axiom-team/astroport/raw/master/zen/too echo $nodename if [[ ! $isLAN ]]; then + ### TODO install Feddless.social oasis --allow-host $nodename 2>&1>/dev/null & echo "BE CAREFULL your SSB identity could be publicly controled..." else @@ -130,6 +131,10 @@ echo "$nodename" | figlet -f slant | lolcat NODENAME=$nodename YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1); + +## Write nodename to IPFS +echo "$nodename" > /home/$YOU/.zen/ipfs/.$IPFSNODEID/G1SSB/_nodename + PHPVERSION=$(ps auxf | grep php-fpm | grep -v -E 'color=auto|grep' | head -n 1 | grep -oP '(?<=\().*(?=\))' | awk -F '/' '{print $4}') ### ASTROPORT STATION PORTAL sudo sed "s/_PHPVERSION_/$PHPVERSION/g" /home/$YOU/.zen/astroport/www/loveland.conf > /tmp/loveland.conf diff --git a/doc/images/astroport_virtual_private_swarm.png b/doc/images/astroport_virtual_private_swarm.png new file mode 100644 index 0000000..4e5ac81 Binary files /dev/null and b/doc/images/astroport_virtual_private_swarm.png differ diff --git a/g1sms/functions.sh b/g1sms/functions.sh index 66143fd..a56350d 100755 --- a/g1sms/functions.sh +++ b/g1sms/functions.sh 
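Review bot: The added redirect `echo "$nodename" > /home/$YOU/.zen/ipfs/.$IPFSNODEID/G1SSB/_nodename` builds its target from two unquoted variables that nothing in this hunk checks: `$YOU` is scraped from `ps` output on the line above, and `$IPFSNODEID` is not set anywhere in the visible lines. If either is empty the path collapses to something like `/home//.zen/ipfs/./G1SSB/_nodename`, and the write fails or lands in the wrong tree without the installer noticing. I would guard and quote it: `[[ -n "$YOU" && -n "$IPFSNODEID" ]] && echo "$nodename" > "/home/$YOU/.zen/ipfs/.$IPFSNODEID/G1SSB/_nodename"`. zen/ssb_INIT.sh in this same commit reads the file back and uses its content as the host name, so a comment stating where the value comes from and who consumes it would also help.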
@@ -328,11 +328,11 @@ log "__SUB:sms_INIT_ACCOUNT: ($1=phone, $2=NOSMS)" # GPG decypher PIN # TODO make decypher less stress on filesystem, use /tmp and ramdisk # /home/$YOU/.zen/astroport/zen/tools/natools.py encrypt -p $NODE_G1PUBKEY -i "$DUNIKEYFILE" -o "$DUNIKEYFILE.crypt" - # /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k "$NODE_PUBSECFILE" -i "$DUNIKEYFILE.crypt" -o "$DUNIKEYFILE" + # /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$NODE_PUBSECFILE" -i "$DUNIKEYFILE.crypt" -o "$DUNIKEYFILE" # EMAIL [[ $SMSEMAIL == "" ]] && [[ -f "$GPGMAILFILE" ]] && echo "${IPFSPrivKey}" | gpg -d -q --output "$MAILFILE" --yes --pinentry-mode loopback --passphrase-fd 0 "$GPGMAILFILE" && SMSEMAIL=$(cat $MAILFILE) - [[ $SMSEMAIL == "" ]] && [[ -f "$MAILFILE.crypt" ]] && /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k "$NODE_PUBSECFILE" -i "$MAILFILE.crypt" -o "$MAILFILE" && SMSEMAIL=$(cat $MAILFILE) + [[ $SMSEMAIL == "" ]] && [[ -f "$MAILFILE.crypt" ]] && /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$NODE_PUBSECFILE" -i "$MAILFILE.crypt" -o "$MAILFILE" && SMSEMAIL=$(cat $MAILFILE) log "__SUB:sms_INIT_ACCOUNT: Déchiffrage EMAIL $SMSEMAIL" # EMPTY CLEAR EMAIL FILE [[ $SMSEMAIL != "" ]] && echo "" > "$MAILFILE" diff --git a/g1sms/natools.py b/g1sms/natools.py deleted file mode 100755 index 9b6470f..0000000 --- a/g1sms/natools.py +++ /dev/null 
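Review bot: The changed fallback line still runs `/home/$YOU/.zen/astroport/zen/tools/natools.py` directly, but this same commit switches `zen/tools/natools.py` and `g1sms/tools/natools.py` from mode 100755 to 100644, so unless something outside this diff restores the execute bit the call fails with a permission error. Because the call sits in an `&&` chain the failure is silent here: `SMSEMAIL` simply stays empty. The same direct invocation appears in the changed lines of g1sms/sms_NEW.sh, g1sms/tag_OP.sh and zen/ssb_SURVEY_swarmkey.sh. Either keep the file executable or call it through the interpreter, e.g. `python3 /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$NODE_PUBSECFILE" -i "$MAILFILE.crypt" -o "$MAILFILE"`.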
@@ -1,112 +0,0 @@ -#!/usr/bin/env python3 - -""" - CopyLeft 2020 Pascal Engélibert - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . -""" - -import os, sys, duniterpy.key, libnacl.sign - -def getargv(arg:str, default:str="", n:int=1, args:list=sys.argv) -> str: - if arg in args and len(args) > args.index(arg)+n: - return args[args.index(arg)+n] - else: - return default - -def read_data(data_path, b=True): - if data_path == "-": - if b: - return sys.stdin.read().encode() - else: - return sys.stdin.read() - else: - return open(os.path.expanduser(data_path), "rb" if b else "r").read() - -def write_data(data, result_path): - if result_path == "-": - sys.stdout.write(data.decode()) - else: - open(os.path.expanduser(result_path), "wb").write(data) - -def encrypt(data, pubkey): - return duniterpy.key.PublicKey(pubkey).encrypt_seal(data) - -def decrypt(data, privkey): - return privkey.decrypt_seal(data) - -def sign(data, privkey): - return privkey.sign(data) - -def verify(data, pubkey): - try: - sys.stderr.write("Signature OK!\n") - return libnacl.sign.Verifier(duniterpy.key.PublicKey(pubkey).hex_pk()).verify(data) - except ValueError: - sys.stderr.write("Bad signature!\n") - exit(1) - -def get_privkey(privkey_path, pubsec): - if pubsec: - return duniterpy.key.SigningKey.from_pubsec_file(privkey_path) - else: - return duniterpy.key.SigningKey.from_seedhex(read_data(privkey_path, False)) - -def show_help(): - 
print("""Usage: -python3 natools.py [options] - -Commands: - encrypt Encrypt data - decrypt Decrypt data - sign Sign data - verify Verify data - -Options: - -i Input file path (default: -) - -k Privkey file path (default: authfile.key) - --pubsec Use pub/sec format for -p - -p Pubkey (base58) - -o Output file path (default: -) - -Note: "-" means stdin or stdout. -""") - -if __name__ == "__main__": - - if "--help" in sys.argv: - show_help() - exit() - - data_path = getargv("-i", "-") - privkey_path = getargv("-k", "authfile.key") - pubsec = "--pubsec" in sys.argv - pubkey = getargv("-p") - result_path = getargv("-o", "-") - - try: - if sys.argv[1] == "encrypt": - write_data(encrypt(read_data(data_path), pubkey), result_path) - elif sys.argv[1] == "decrypt": - write_data(decrypt(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path) - elif sys.argv[1] == "sign": - write_data(sign(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path) - elif sys.argv[1] == "verify": - write_data(verify(read_data(data_path), pubkey), result_path) - else: - show_help() - except Exception as e: - sys.stderr.write("Error: {}\n".format(e)) - show_help() - exit(1) diff --git a/g1sms/sms_NEW.sh b/g1sms/sms_NEW.sh index b82ea02..c6ed6f7 100755 --- a/g1sms/sms_NEW.sh +++ b/g1sms/sms_NEW.sh 
@@ -37,7 +37,7 @@ UNIT=${countvalues[2]} # ONLY USED BY sms_NEW.sh !!! To send back PIN echo "${IPFSPrivKey}" | gpg -d -q --output "$PINFILE" --yes --pinentry-mode loopback --passphrase-fd 0 "$GPGPINFILE" PIN=$(cat "$PINFILE" | xargs) -[[ "$PIN" == "" ]] && [[ -f "${PINFILE}.crypt" ]] && /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k "$NODE_PUBSECFILE" -i "${PINFILE}.crypt" -o "$PINFILE" && PIN=$(cat "$PINFILE"); +[[ "$PIN" == "" ]] && [[ -f "${PINFILE}.crypt" ]] && /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$NODE_PUBSECFILE" -i "${PINFILE}.crypt" -o "$PINFILE" && PIN=$(cat "$PINFILE"); [[ "$PIN" != "" ]] && echo "" > "$PINFILE" || PIN="PIN EMPTY !!! Contacter $ADMINPHONE SVP" mess="[G1sms+] diff --git a/g1sms/tag_OP.sh b/g1sms/tag_OP.sh index b2d9a55..d67bce8 100755 --- a/g1sms/tag_OP.sh +++ b/g1sms/tag_OP.sh @@ -71,7 +71,7 @@ if [[ $FINALSOURCE -lt 0 ]]; then echo "__SUB:tag_OP.sh: KO. La valeur de ce G1T ############################################# ############## EXTRACT $JSOURCERR PUBLISH KEY if [[ -f $KEYFILE && ! -f "~/.ipfs/keystore/$JSOURCERR" ]]; then - /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k "$KEYFILE" -i "$JSOURCEPUBLISHKEY" -o "~/.ipfs/keystore/$JSOURCERR" + /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$KEYFILE" -i "$JSOURCEPUBLISHKEY" -o "~/.ipfs/keystore/$JSOURCERR" else if [[ ! -f $KEYFILE ]]; then echo "__SUB:tag_OP.sh: KO. La clef de dévérouillage pour $JSOURCERR est inexistante. Contact: https://g1sms.fr" 
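Review bot: The changed fallback in sms_NEW.sh still decrypts the PIN into `$PINFILE` on disk and reads it back with `cat`, and the clean-up on the following line only overwrites the file with an empty string. natools.py writes to stdout when `-o` is omitted (its help gives `-` as the default), so the PIN can be captured without touching the filesystem: `PIN=$(/home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$NODE_PUBSECFILE" -i "${PINFILE}.crypt")`. The gpg path just above trims the value with `xargs` while this branch does not, so the two paths can yield differently formatted PINs.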
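Review bot: In tag_OP.sh, the `if` guarding the changed line tests `! -f "~/.ipfs/keystore/$JSOURCERR"` with a quoted tilde, which bash does not expand, so that half of the condition looks for a literal `~` directory and is effectively always true; the publish key is decrypted again on every run. The `-o "~/.ipfs/keystore/$JSOURCERR"` on the changed line only works because natools.py calls `os.path.expanduser` on the output path. Using `"$HOME/.ipfs/keystore/$JSOURCERR"` in both places makes the test and the write refer to the same file; the second hunk of this file (`$JDESTRR`) has the same pattern. The `if` block continues past the end of the hunk.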
@@ -92,7 +92,7 @@ FINALDEST=$(echo "${JDESTVALUE} + ${VALUE}" | bc -l) # EXTRACT $JSOURCERR PUBLISH KEY to "~/.ipfs/keystore/JSOURCE" # EXTRACT PUBLISH KEY if [[ -f $KEYFILE && ! -f "~/.ipfs/keystore/$JDESTRR" ]]; then - /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k "$KEYFILE" -i "$JDESTPUBLISHKEY" -o "~/.ipfs/keystore/$JDESTRR" + /home/$YOU/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k "$KEYFILE" -i "$JDESTPUBLISHKEY" -o "~/.ipfs/keystore/$JDESTRR" else if [[ ! -f $KEYFILE ]]; then echo "__SUB:tag_OP.sh: KO. La clef de dévérouillage pour $JDESTRR est inexistante. Contact: https://g1sms.fr" diff --git a/g1sms/tools/G1_TUX_natools.py b/g1sms/tools/G1_TUX_natools.py deleted file mode 100755 index 5149743..0000000 --- a/g1sms/tools/G1_TUX_natools.py +++ /dev/null 
@@ -1,85 +0,0 @@ -#!/usr/bin/env python3 - -import os, sys, duniterpy.key, libnacl.sign - -def getargv(arg:str, default:str="", n:int=1, args:list=sys.argv) -> str: - if arg in args and len(args) > args.index(arg)+n: - return args[args.index(arg)+n] - else: - return default - -def read_data(data_path, b=True): - if data_path == "-": - if b: - return sys.stdin.read().encode() - else: - return sys.stdin.read() - else: - if b: - return open(os.path.expanduser(data_path), "rb").read() - else: - return open(os.path.expanduser(data_path), "r").read() - -def write_data(data, result_path): - (sys.stdout if result_path == "-" else open(os.path.expanduser(result_path), "wb")).write(data) - -def encrypt(data, pubkey): - return duniterpy.key.PublicKey(pubkey).encrypt_seal(data) - -def decrypt(data, privkey): - return duniterpy.key.SigningKey.from_seedhex(privkey).decrypt_seal(data) - -def sign(data, privkey): - return duniterpy.key.SigningKey.from_seedhex(privkey).sign(data) - -def verify(data, pubkey): - try: - return libnacl.sign.Verifier(duniterpy.key.PublicKey(pubkey).hex_pk()).verify(data) - except ValueError: - exit(1) - -def show_help(): - print("""Usage: -python3 natools.py [options] - -Commands: - encrypt Encrypt data - decrypt Decrypt data - sign Sign data - verify Verify data - -Options: - -i Input file path (default: -) - -k Privkey file path (default: authfile.key) - -p Pubkey (base58) - -o Output file path (default: -) - -Note: "-" means stdin or stdout. 
-""") - -if __name__ == "__main__": - - if "--help" in sys.argv: - show_help() - exit() - - data_path = getargv("-i", "-") - privkey_path = getargv("-k", "authfile.key") - pubkey = getargv("-p") - result_path = getargv("-o", "-") - - try: - if sys.argv[1] == "encrypt": - write_data(encrypt(read_data(data_path), pubkey), result_path) - elif sys.argv[1] == "decrypt": - write_data(decrypt(read_data(data_path), read_data(privkey_path, False)), result_path) - elif sys.argv[1] == "sign": - write_data(sign(read_data(data_path), read_data(privkey_path, False)), result_path) - elif sys.argv[1] == "verify": - write_data(verify(read_data(data_path), pubkey), result_path) - else: - show_help() - except Exception as e: - sys.stderr.write("Error: ", e, "\n") - show_help() - exit(1) diff --git a/g1sms/tools/natools.py b/g1sms/tools/natools.py old mode 100755 new mode 100644 index 9b6470f..9de1187 --- a/g1sms/tools/natools.py +++ b/g1sms/tools/natools.py @@ -17,7 +17,9 @@ along with this program. If not, see . """ -import os, sys, duniterpy.key, libnacl.sign +__version__ = "1.0" + +import os, sys, duniterpy.key, libnacl.sign, base58, base64, getpass def getargv(arg:str, default:str="", n:int=1, args:list=sys.argv) -> str: if arg in args and len(args) > args.index(arg)+n: @@ -36,7 +38,7 @@ def read_data(data_path, b=True): def write_data(data, result_path): if result_path == "-": - sys.stdout.write(data.decode()) + os.fdopen(sys.stdout.fileno(), 'wb').write(data) else: open(os.path.expanduser(result_path), "wb").write(data) 
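Review bot: In `write_data`, `os.fdopen(sys.stdout.fileno(), 'wb').write(data)` wraps file descriptor 1 in a second, temporary file object; when that object is collected it closes the descriptor, so anything printed afterwards through `sys.stdout` (for example `show_help()` in the error path) can fail with a bad-descriptor error. The binary layer of the existing stream does the same job without that side effect: `sys.stdout.buffer.write(data)`. A one-line comment saying stdout is written as bytes because decrypted or raw-format output need not be valid text would explain the change. The identical hunk in zen/tools/natools.py needs the same edit.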
@@ -57,11 +59,54 @@ def verify(data, pubkey): sys.stderr.write("Bad signature!\n") exit(1) -def get_privkey(privkey_path, pubsec): - if pubsec: +def get_privkey(privkey_path, privkey_format): + if privkey_format == "pubsec": + if privkey_path == "*": + privkey_path = "privkey.pubsec" return duniterpy.key.SigningKey.from_pubsec_file(privkey_path) - else: + + elif privkey_format == "cred": + if privkey_path == "*": + privkey_path = "-" + if privkey_path == "-": + return duniterpy.key.SigningKey.from_credentials(getpass.getpass("Password: "), getpass.getpass("Salt: ")) + else: + return duniterpy.key.SigningKey.from_credentials_file(privkey_path) + + elif privkey_format == "seedh": + if privkey_path == "*": + privkey_path = "authfile.seedhex" return duniterpy.key.SigningKey.from_seedhex(read_data(privkey_path, False)) + + elif privkey_format == "wif": + if privkey_path == "*": + privkey_path = "authfile.wif" + return duniterpy.key.SigningKey.from_wif_or_ewif_file(privkey_path) + + elif privkey_format == "wifh": + if privkey_path == "*": + privkey_path = "authfile.wif" + return duniterpy.key.SigningKey.from_wif_or_ewif_hex(privkey_path) + + elif privkey_format == "ssb": + if privkey_path == "*": + privkey_path = "secret" + return duniterpy.key.SigningKey.from_ssb_file(privkey_path) + + elif privkey_format == "key": + if privkey_path == "*": + privkey_path = "authfile.key" + return duniterpy.key.SigningKey.from_private_key(privkey_path) + +fmt = { + "raw": lambda data: data, + "16": lambda data: data.hex().encode(), + "32": lambda data: base64.b32encode(data), + "58": lambda data: base58.b58encode(data), + "64": lambda data: base64.b64encode(data), + "64u": lambda data: base64.urlsafe_b64encode(data), + "85": lambda data: base64.b85encode(data), +} def show_help(): print("""Usage: 
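Review bot: `get_privkey` has no final `else`, so an unrecognised format falls off the end and returns `None`, and the caller then fails on `privkey.decrypt_seal` or `privkey.sign` with an unrelated AttributeError. This is reachable by default: the `__main__` hunk sets `privkey_format = getargv("-f", "auto")`, no branch handles `auto`, and the help text documents the default as `cred`. I would end the chain with `else: raise ValueError("unknown private key format: {}".format(privkey_format))` and change the default to `getargv("-f", "cred")`. The `wifh` branch also passes the path string itself to `from_wif_or_ewif_hex`, which by its name looks like it expects key material rather than a file name; worth confirming. The same hunk is repeated for zen/tools/natools.py.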
@@ -74,11 +119,18 @@ Commands: verify Verify data Options: + -f Private key format (default: cred) + key cred pubsec seedh ssb wif wifh -i Input file path (default: -) - -k Privkey file path (default: authfile.key) - --pubsec Use pub/sec format for -p + -k Privkey file path (* for auto) (default: *) -p Pubkey (base58) -o Output file path (default: -) + --noinc Do not include msg after signature + -O Output format: raw 16 32 58 64 64u 85 (default: raw) + + --help Show help + --version Show version + --debug Debug mode (display full errors) Note: "-" means stdin or stdout. """) 
@@ -89,24 +141,42 @@ if __name__ == "__main__": show_help() exit() + if "--version" in sys.argv: + print(__version__) + exit() + + privkey_format = getargv("-f", "auto") data_path = getargv("-i", "-") - privkey_path = getargv("-k", "authfile.key") - pubsec = "--pubsec" in sys.argv + privkey_path = getargv("-k", "*") pubkey = getargv("-p") result_path = getargv("-o", "-") + output_format = getargv("-O", "raw") try: if sys.argv[1] == "encrypt": - write_data(encrypt(read_data(data_path), pubkey), result_path) + write_data(fmt[output_format](encrypt(read_data(data_path), pubkey)), result_path) + elif sys.argv[1] == "decrypt": - write_data(decrypt(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path) + write_data(fmt[output_format](decrypt(read_data(data_path), get_privkey(privkey_path, privkey_format))), result_path) + elif sys.argv[1] == "sign": - write_data(sign(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path) + data = read_data(data_path) + signed = sign(data, get_privkey(privkey_path, privkey_format)) + + if "--noinc" in sys.argv: + signed = signed[:len(signed)-len(data)] + + write_data(fmt[output_format](signed), result_path) + elif sys.argv[1] == "verify": - write_data(verify(read_data(data_path), pubkey), result_path) + write_data(fmt[output_format](verify(read_data(data_path), pubkey)), result_path) + else: show_help() + except Exception as e: + if "--debug" in sys.argv: + 0/0 # DEBUG MODE sys.stderr.write("Error: {}\n".format(e)) show_help() exit(1) diff --git a/zen/README.md b/zen/README.md index 611a5c7..ebf90ae 100644 --- a/zen/README.md +++ b/zen/README.md 
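Review bot: The `--debug` branch forces a traceback with `0/0`, which reports a ZeroDivisionError and shows the real error only as the chained context. A bare `raise` re-raises the original exception with its own traceback and reads as intended: `if "--debug" in sys.argv: raise`. On the same lines, an unknown `-O` value surfaces as a KeyError from `fmt[output_format]` and prints only the bare key after `Error:`, so checking `output_format in fmt` before the `try` would give a clearer message. zen/tools/natools.py carries the same hunk.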
@@ -125,5 +125,5 @@ IPFS SWARM : ``` g1pub=$(cat ~/.ssb/secret.dunikey | grep 'pub:' | cut -d ' ' -f 2) ~/.zen/astroport/zen/tools/natools.py encrypt -p $g1pub -i file -o file.crypt -~/.zen/astroport/zen/tools/natools.py decrypt --pubsec -k ~/.ssb/secret.dunikey -i file.crypt -o file +~/.zen/astroport/zen/tools/natools.py decrypt -f pubsec -k ~/.ssb/secret.dunikey -i file.crypt -o file ``` diff --git a/zen/ssb_INIT.sh b/zen/ssb_INIT.sh index bb9fe14..003fec6 100755 --- a/zen/ssb_INIT.sh +++ b/zen/ssb_INIT.sh @@ -128,12 +128,16 @@ $imagefile $id : $type : $size bits " -nodename=$(cat /etc/hostname) -extension=$(echo $nodename | cut -d '.' -f 2) -if [[ $extension == $nodename ]]; then - nodename=$nodename.home +# NOT WORKING, sudo inside !!! +#nodename=$(~/.zen/astroport/zen/tools/nodename) +nodename=$(cat /home/$YOU/.zen/ipfs/.$IPFSNODEID/G1SSB/_nodename) +if [[ $nodename == "" ]]; then + nodename=$(cat /etc/hostname) + extension=$(echo$ nodename | cut -d '.' -f 2) + if [[ $extension == $nodename ]]; then + nodename=$nodename.home + fi fi - ######################################################################## # DUNITER G1 Wallet balance export LC_ALL=C.UTF-8 #attipix diff --git a/zen/ssb_SURVEY_swarmkey.sh b/zen/ssb_SURVEY_swarmkey.sh index 7587ff4..2979e90 100755 --- a/zen/ssb_SURVEY_swarmkey.sh +++ b/zen/ssb_SURVEY_swarmkey.sh @@ -99,7 +99,7 @@ to ~/.ipfs/ipfs_swarm.key echo "http://localhost:8989/blobs/get/$mylink" continue curl -s "http://localhost:8989/blobs/get/$mylink" > $mytmp/ipfs_swarm.key.crypt - $MY_PATH/tools/natools.py decrypt --pubsec -k ~/.ssb/secret.dunikey -i $mytmp/ipfs_swarm.key.crypt -o ~/.ipfs/ipfs_swarm.key && \ + $MY_PATH/tools/natools.py decrypt -f pubsec -k ~/.ssb/secret.dunikey -i $mytmp/ipfs_swarm.key.crypt -o ~/.ipfs/ipfs_swarm.key && \ echo "IPFS SWARM KEY ~/.ipfs/ipfs_swarm.key received from SSB $author ... OK !" diff --git a/zen/tools/make_G1SSB_secret.sh b/zen/tools/make_G1SSB_secret.sh index 1a7e529..5905077 100755 
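Review bot: In zen/ssb_INIT.sh the added fallback line `extension=$(echo$ nodename | cut -d '.' -f 2)` has the `$` misplaced, so the shell tries to run a command named `echo$`; `extension` comes out empty, the comparison with `$nodename` fails, and the `.home` suffix is never appended for a bare host name. It should read `extension=$(echo "$nodename" | cut -d '.' -f 2)`. The `cat` of `_nodename` above it also prints an error when the file has not been written yet and takes whatever the file holds as the host name; adding `2>/dev/null` and quoting the path would make the fallback behave as intended.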
--- a/zen/tools/make_G1SSB_secret.sh +++ b/zen/tools/make_G1SSB_secret.sh @@ -91,14 +91,9 @@ echo ' \____/_/ |_/____/___//____/ ' | lolcat + nodename=$(curl -s https://git.p2p.legal/axiom-team/astroport/raw/master/zen/tools/nodename | bash) -extension=$(echo $nodename | cut -d '.' -f 2) -if [[ $extension == $nodename ]]; then - PUB="false" - nodename=$nodename.local -else - PUB="true" -fi + if [[ ! $(which oasis) ]]; then echo "INSTALL.... http://$nodename" echo "ENTER Station accessible Network name !!! Suggestion : $nodename" diff --git a/zen/tools/natools.py b/zen/tools/natools.py old mode 100755 new mode 100644 index 9b6470f..9de1187 --- a/zen/tools/natools.py +++ b/zen/tools/natools.py @@ -17,7 +17,9 @@ along with this program. If not, see . """ -import os, sys, duniterpy.key, libnacl.sign +__version__ = "1.0" + +import os, sys, duniterpy.key, libnacl.sign, base58, base64, getpass def getargv(arg:str, default:str="", n:int=1, args:list=sys.argv) -> str: if arg in args and len(args) > args.index(arg)+n: @@ -36,7 +38,7 @@ def read_data(data_path, b=True): def write_data(data, result_path): if result_path == "-": - sys.stdout.write(data.decode()) + os.fdopen(sys.stdout.fileno(), 'wb').write(data) else: open(os.path.expanduser(result_path), "wb").write(data) 
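Review bot: After this hunk in make_G1SSB_secret.sh, `nodename` is used exactly as printed by a script downloaded from the repository's `master` branch and piped into `bash`, with the local normalisation removed, and it goes straight into the `http://$nodename` prompt below. Nothing pins or verifies that download, so the installer runs whatever is at that URL at install time; if the checkout is already present at this point, running its own copy of `zen/tools/nodename` would avoid that. The hunk also drops the `PUB` assignment, so anything later in the script that reads `$PUB` (not visible here) now sees it unset. The surrounding `if` continues outside the hunk.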
@@ -57,11 +59,54 @@ def verify(data, pubkey): sys.stderr.write("Bad signature!\n") exit(1) -def get_privkey(privkey_path, pubsec): - if pubsec: +def get_privkey(privkey_path, privkey_format): + if privkey_format == "pubsec": + if privkey_path == "*": + privkey_path = "privkey.pubsec" return duniterpy.key.SigningKey.from_pubsec_file(privkey_path) - else: + + elif privkey_format == "cred": + if privkey_path == "*": + privkey_path = "-" + if privkey_path == "-": + return duniterpy.key.SigningKey.from_credentials(getpass.getpass("Password: "), getpass.getpass("Salt: ")) + else: + return duniterpy.key.SigningKey.from_credentials_file(privkey_path) + + elif privkey_format == "seedh": + if privkey_path == "*": + privkey_path = "authfile.seedhex" return duniterpy.key.SigningKey.from_seedhex(read_data(privkey_path, False)) + + elif privkey_format == "wif": + if privkey_path == "*": + privkey_path = "authfile.wif" + return duniterpy.key.SigningKey.from_wif_or_ewif_file(privkey_path) + + elif privkey_format == "wifh": + if privkey_path == "*": + privkey_path = "authfile.wif" + return duniterpy.key.SigningKey.from_wif_or_ewif_hex(privkey_path) + + elif privkey_format == "ssb": + if privkey_path == "*": + privkey_path = "secret" + return duniterpy.key.SigningKey.from_ssb_file(privkey_path) + + elif privkey_format == "key": + if privkey_path == "*": + privkey_path = "authfile.key" + return duniterpy.key.SigningKey.from_private_key(privkey_path) + +fmt = { + "raw": lambda data: data, + "16": lambda data: data.hex().encode(), + "32": lambda data: base64.b32encode(data), + "58": lambda data: base58.b58encode(data), + "64": lambda data: base64.b64encode(data), + "64u": lambda data: base64.urlsafe_b64encode(data), + "85": lambda data: base64.b85encode(data), +} def show_help(): print("""Usage: 
@@ -74,11 +119,18 @@ Commands: verify Verify data Options: + -f Private key format (default: cred) + key cred pubsec seedh ssb wif wifh -i Input file path (default: -) - -k Privkey file path (default: authfile.key) - --pubsec Use pub/sec format for -p + -k Privkey file path (* for auto) (default: *) -p Pubkey (base58) -o Output file path (default: -) + --noinc Do not include msg after signature + -O Output format: raw 16 32 58 64 64u 85 (default: raw) + + --help Show help + --version Show version + --debug Debug mode (display full errors) Note: "-" means stdin or stdout. """) 
@@ -89,24 +141,42 @@ if __name__ == "__main__": show_help() exit() + if "--version" in sys.argv: + print(__version__) + exit() + + privkey_format = getargv("-f", "auto") data_path = getargv("-i", "-") - privkey_path = getargv("-k", "authfile.key") - pubsec = "--pubsec" in sys.argv + privkey_path = getargv("-k", "*") pubkey = getargv("-p") result_path = getargv("-o", "-") + output_format = getargv("-O", "raw") try: if sys.argv[1] == "encrypt": - write_data(encrypt(read_data(data_path), pubkey), result_path) + write_data(fmt[output_format](encrypt(read_data(data_path), pubkey)), result_path) + elif sys.argv[1] == "decrypt": - write_data(decrypt(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path) + write_data(fmt[output_format](decrypt(read_data(data_path), get_privkey(privkey_path, privkey_format))), result_path) + elif sys.argv[1] == "sign": - write_data(sign(read_data(data_path), get_privkey(privkey_path, pubsec)), result_path) + data = read_data(data_path) + signed = sign(data, get_privkey(privkey_path, privkey_format)) + + if "--noinc" in sys.argv: + signed = signed[:len(signed)-len(data)] + + write_data(fmt[output_format](signed), result_path) + elif sys.argv[1] == "verify": - write_data(verify(read_data(data_path), pubkey), result_path) + write_data(fmt[output_format](verify(read_data(data_path), pubkey)), result_path) + else: show_help() + except Exception as e: + if "--debug" in sys.argv: + 0/0 # DEBUG MODE sys.stderr.write("Error: {}\n".format(e)) show_help() exit(1)