@@ 1,5 1,5 @@
#!/usr/bin/env python3
-# A little client for m
+# Crypto functions for my blog
import getpass
import click
from nacl import pwhash, secret, utils
@@ 10,6 10,7 @@ from pathlib import Path
import os
import os.path
import sys
+import hashlib
ourdir = os.path.join(Path.home(), ".bclient")
kdf = pwhash.argon2i.kdf
salt = None
@@ 52,7 53,7 @@ def load_signkey(inDir, passwd):
def generate(outputdir):
"""Generate a keypair"""
print(Path.home())
- print(ourdir)
+ print(outputdir)
passwd = getpass.getpass("Enter a password: ")
repeat = getpass.getpass("repeat it: ")
if passwd != repeat:
@@ 142,9 143,37 @@ def verify_msg(keyfile, signfile):
return 0
+# fast-sign is a speed hack, it signs the hash of a file rather than,
+# rather than the whole file itself. Should've done it this way from the begining
+# but I missread the go docs, so the old way of doing it will be supported for,
+# Posts and pages but the fast-sign will be used for file uploads
+
+@cli.command()
+@click.option('--keydir', default=ourdir, help="Select directory keys are in")
+@click.option("--signfile", default="STDIN", help="File to sign default stdin")
+
+def fast_sign(keydir, signfile):
+
+ passwd = getpass.getpass("Enter your password: ")
+ pKey = load_signkey(keydir, bytes(passwd, "utf-8"))
+ rKey = SigningKey(pKey)
+
+
+ inbuf = None
+ if signfile == "STDIN":
+ inbuf = sys.stdin.read()
+ inbuf = bytes(inbuf, 'utf-8')
+ else:
+ inbuf = open(signfile, "rb").read()
+
+ h = hashlib.sha256()
+ h.update(inbuf)
+ signed = rKey.sign(h.digest(), encoder=Base64Encoder)
+ click.echo(signed)
+
if __name__ == '__main__':
cli()
- >
\ No newline at end of file
+