Initial commit
Verify integrity of Gemini capsules resources.
NOTE: at the actual state, this program is pretty bad.
Uses [gmni] (https://git.sr.ht/~sircmpwn/gmni) as Gemini client.
Uses OpenBSD [signify] (https://www.openbsd.org/papers/bsdcan-signify.html).
TODO: support GPG.
Basic support for tilde communities. ~username
is expected right after
the FQDM. If present, a username-specific subdirectory is created in the
cache directory.
Checks for key.pub
at $XDG_CACHE_HOME/gemisign/<host>/[<~name>/]
.
If not present, retrieved from
gemini://capsule.tld/[~name/].well-known/key.pub
and TOFU.
SHA256SUMS
and SHA256SUMS.sig
are retrieved if not cached ||
bad signature || bad resource SHASUM.
Doesn't work if the exact URL is not specified. gemini://capsule.tld/index.gmi
without index.gmi
won't work.
go build
$ gemisign -h
Usage: gemisign [options] URL
Options:
-h show help message
-v verbose output
Example:
gemisign gemini://capsule.tld/page.gmi