tillitis / tkey-sign-cli Goto Github PK

View Code? Open in Web Editor NEW

2.0 2.0 0.0 726 KB

Sign messages with the Tillitis TKey

License: GNU General Public License v2.0

Makefile 9.62% Go 77.14% Shell 11.88% HCL 1.36%

tkey-sign-cli's People

Contributors

Stargazers

Watchers

tkey-sign-cli's Issues

Bashism in signify-verify

The use of

-if [[ "${uname}" == "Darwin"* ]]

in the signify-verify script is a bashism and not compatible with Bourne shell, so this blows up on Debian-based systems that use dash as /bin/sh, for instance.

Overwrite aborts regardless of input [Windows]

When using Windows and a file already exists, you get the option to overwrite it or not, regardless of input it is always aborted.

$ tkey-sign -S -m pubkey -p pubkey
File pubkey.sig exists. Overwrite [y/n]?
y
Aborted

tkey-sign v0.0.8

Support signfiy -C, checksum verification

If we would sign an entire checksum file we would be able to use signify's feature of verifying the signature and checksum of a file, removing the need of an additional script to be compatible with Signify.

As an example an openBSD checksum file below.
It includes their comment, the signature and the file that was signed.

Can be verified using signify -Cp openbsd-74-base.pub -x SHA256.sig

It seems possible to use SHA512 instead of SHA256.
But we need to sign the entire file, not just the digest of a file.

untrusted comment: verify with openbsd-74-base.pub
RWRoyQmAD08ajdRJYwgoC1homYDTdeoVPjmN3KKPYTMR1q4qgURl+IMh72Cv6MhJLtgoV/Q2/I7p+busOoiJgHUvW6bxA06HjwM=
SHA256 (BOOTAA64.EFI) = dee5711fa4502c797650c3c4354178360bf112e2b854cff6f31e7ab0596b4355
SHA256 (BUILDINFO) = 0871fe1e438438bd32ec9ffc2d460fdd73c63600dc359c2b36e2c4ab6f473c98
SHA256 (INSTALL.arm64) = f0c7f82b6eb7479ff41358ff005024517098d681b4df83fb3e029b684a9491f4
SHA256 (base74.tgz) = fa926e58c9f8a172eec5ef2ce0ff9edd5d33bbeb358e79e868372b5eacedbaa5
SHA256 (bsd) = 250eddf69f42ed32e71c324a809a7e6d5a5babded2fe8c134622f553fd0748db
SHA256 (bsd.mp) = 850b5186dfa4851db785d08f44165da3188927e4976023bf634f1ff76e0400ae
SHA256 (bsd.rd) = 81f32e6b342f060221e77528eb5cbc23c570c29aa25d8752c7822d75488e8aee
SHA256 (comp74.tgz) = 1470f016e95231942dc4ae3c9529d93766580725e912dd20c0a115eabac60cc9
SHA256 (game74.tgz) = 41cffbf05f1194ec5976dc357af1eb6f5a382ce80ad00f95566d8015fa69f28a
SHA256 (install74.img) = 09e4d0fe6d3f49f2c4c99b6493142bb808253fa8a8615ae1ca8e5f0759cfebd8
SHA256 (man74.tgz) = a8293717479316c725e57c6dbbb9aa62daaaefce4c72d98841b7262277aa0700
SHA256 (miniroot74.img) = 7b08b2ce081cff6408d183f7152ddcfd2779912104866e4fdf6ae2d864b51142
SHA256 (xbase74.tgz) = 9b80de8f58aa7ad48bf5a201f78a4f77827396dc1178f482252b0e7f87a0142f
SHA256 (xfont74.tgz) = 000e0936929bbcbfc23700d05801e0ba149141b2f656629cf099ce2a08b8188b
SHA256 (xserv74.tgz) = eb28285fbe08321f07df85d6979e2e6566ad8df34e8aa320878c0e5f5c0fab78
SHA256 (xshare74.tgz) = 2b7e11800bfba8147c243d6731f9d8c9767e39adc53f86ba5f7b2837044881a6

USS input fails on Windows

Using tkey-sign -G -p key.pub --uss fails with:

ReadPassword: The handle is invalid.

Update go-serial to build for darwin

Due to stricter enforcement of rules in Go 1.21, go-serial version < 1.6.0 does not build on darwin.
So for our applications to be supported on darwin for Go 1.21, go-serial needs to be updated to at > 1.6.0, see release notes here.

# go.bug.st/serial/enumerator
../../../go/pkg/mod/go.bug.st/[email protected]/enumerator/usb_darwin.go:142:11: cannot define new methods on non-local type C.CFStringRef
../../../go/pkg/mod/go.bug.st/[email protected]/enumerator/usb_darwin.go:148:11: cannot define new methods on non-local type C.CFTypeRef
../../../go/pkg/mod/go.bug.st/[email protected]/enumerator/usb_darwin.go:154:11: cannot define new methods on non-local type *C.io_registry_entry_t
../../../go/pkg/mod/go.bug.st/[email protected]/enumerator/usb_darwin.go:165:11: cannot define new methods on non-local type *C.io_registry_entry_t
../../../go/pkg/mod/go.bug.st/[email protected]/enumerator/usb_darwin.go:175:11: cannot define new methods on non-local type *C.io_registry_entry_t
../../../go/pkg/mod/go.bug.st/[email protected]/enumerator/usb_darwin.go:194:11: cannot define new methods on non-local type *C.io_registry_entry_t
../../../go/pkg/mod/go.bug.st/[email protected]/enumerator/usb_darwin.go:214:11: cannot define new methods on non-local type *C.io_iterator_t
../../../go/pkg/mod/go.bug.st/[email protected]/enumerator/usb_darwin.go:218:11: cannot define new methods on non-local type *C.io_iterator_t
../../../go/pkg/mod/go.bug.st/[email protected]/enumerator/usb_darwin.go:222:11: cannot define new methods on non-local type *C.io_iterator_t
../../../go/pkg/mod/go.bug.st/[email protected]/enumerator/usb_darwin.go:229:11: cannot define new methods on non-local type *C.io_object_t
../../../go/pkg/mod/go.bug.st/[email protected]/enumerator/usb_darwin.go:233:11: cannot define new methods on non-local type *C.io_object_t

Support signature verification

Support signature verification, probably with files, something like

$ tkey-sign --verify FILE SIG-FILE PUBKEY-FILE

tkey-sign: Sign arbitratry long files

Make tkey-sign a bit more useful.

Embed signer and load automatically.
Sign arbitrarily long files with signer. Probably by using a hash over the file and signing that instead of the file data. Perhaps hide this functionality behind a flag.

Probably needs to use ed25519-ph for pre-hash signatures from Monocypher 4, so update Monocypher first.

tillitis / tkey-sign-cli Goto Github PK

tkey-sign-cli's People

Contributors

Stargazers

Watchers

tkey-sign-cli's Issues

Bashism in signify-verify

Overwrite aborts regardless of input [Windows]

Support signfiy -C, checksum verification

USS input fails on Windows

Update go-serial to build for darwin

Support signature verification

tkey-sign: Sign arbitratry long files

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent