From: Sergey Matveev <stargrave@stargrave.org>
Date: Tue, 8 Aug 2023 12:09:31 +0000 (+0300)
Subject: OpenSSH signatures inclusion support
X-Git-Tag: v0.1.0
X-Git-Url: http://www.git.stargrave.org/?a=commitdiff_plain;h=aa374e463efcad40433b2af494c1bbdcd8b7a8f6;p=meta4ra.git

OpenSSH signatures inclusion support
---

diff --git a/cmd/meta4-check/main.go b/cmd/meta4-check/main.go
index 45b08bd..5133807 100644
--- a/cmd/meta4-check/main.go
+++ b/cmd/meta4-check/main.go
@@ -49,10 +49,23 @@ func main() {
 			log.Fatalln(err)
 		}
 		for _, f := range meta.Files {
-			if f.Signature != nil && *extractSig {
+			for _, sig := range f.Signature {
+				if !*extractSig {
+					continue
+				}
+				var fn string
+				switch sig.MediaType {
+				case meta4ra.SigMediaTypePGP:
+					fn = f.Name + ".asc"
+				case meta4ra.SigMediaTypeSSH:
+					fn = f.Name + ".sig"
+				}
+				if fn == "" {
+					continue
+				}
 				if err = os.WriteFile(
-					f.Name+".asc",
-					[]byte(f.Signature.Signature),
+					fn,
+					[]byte(strings.TrimPrefix(sig.Signature, "\n")),
 					fs.FileMode(0666),
 				); err != nil {
 					fmt.Println("Error:", f.Name, "can not save signature:", err)
diff --git a/cmd/meta4-create/main.go b/cmd/meta4-create/main.go
index f5d8b5c..bd539b9 100644
--- a/cmd/meta4-create/main.go
+++ b/cmd/meta4-create/main.go
@@ -36,7 +36,8 @@ func main() {
 	fn := flag.String("fn", "", "Filename")
 	mtime := flag.String("mtime", "", "Take that file's mtime as a Published date")
 	desc := flag.String("desc", "", "Description")
-	sig := flag.String("sig", "", "Path to signature file")
+	sigPGP := flag.String("sig-pgp", "", "Path to OpenPGP .asc signature file")
+	sigSSH := flag.String("sig-ssh", "", "Path to OpenSSH .sig signature file")
 	hashes := flag.String("hashes", strings.Join(meta4ra.HashesDefault, ","), "hash-name:command-s")
 	torrent := flag.String("torrent", "", "Torrent URL")
 	log.SetFlags(log.Lshortfile)
@@ -63,15 +64,25 @@ func main() {
 		URLs:        urls,
 		Hashes:      h.Sums(),
 	}
-	if *sig != "" {
-		sigData, err := os.ReadFile(*sig)
+	if *sigPGP != "" {
+		sigData, err := os.ReadFile(*sigPGP)
 		if err != nil {
 			log.Fatalln(err)
 		}
-		f.Signature = &meta4ra.Signature{
-			MediaType: meta4ra.GPGSigMediaType,
+		f.Signature = append(f.Signature, meta4ra.Signature{
+			MediaType: meta4ra.SigMediaTypePGP,
 			Signature: "\n" + string(sigData),
+		})
+	}
+	if *sigSSH != "" {
+		sigData, err := os.ReadFile(*sigSSH)
+		if err != nil {
+			log.Fatalln(err)
 		}
+		f.Signature = append(f.Signature, meta4ra.Signature{
+			MediaType: meta4ra.SigMediaTypeSSH,
+			Signature: "\n" + string(sigData),
+		})
 	}
 	if *torrent != "" {
 		f.MetaURLs = []meta4ra.MetaURL{{MediaType: "torrent", URL: *torrent}}
diff --git a/common.go b/common.go
index a20c243..dcd3e16 100644
--- a/common.go
+++ b/common.go
@@ -19,6 +19,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package meta4ra
 
 const (
-	Generator       = "meta4ra/0.3.0"
-	GPGSigMediaType = "application/pgp-signature"
+	Generator       = "meta4ra/0.4.0"
+	SigMediaTypePGP = "application/pgp-signature"
+	SigMediaTypeSSH = "application/ssh-signature"
 )
diff --git a/scheme.go b/scheme.go
index b839282..6c37040 100644
--- a/scheme.go
+++ b/scheme.go
@@ -35,7 +35,7 @@ type File struct {
 	Description string     `xml:"description,,omitempty"`
 	Hashes      []Hash     `xml:"hash,,omitempty"`
 	MetaURLs    []MetaURL  `xml:"metaurl,,omitempty"`
-	Signature   *Signature `xml:"signature"`
+	Signature   []Signature `xml:"signature"`
 	Size        uint64     `xml:"size,,omitempty"`
 	URLs        []URL      `xml:"url,,omitempty"`
 }