diff --git a/src/main.rs b/src/main.rs
index 9064e66..9065a89 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -93,10 +93,12 @@ pub enum Command {
 ssi: SsiQuery,
 },
+ /// Verify signature certificate
 Verify {
 /// Signature certificate to verify
 signature: SsiCert,
 },
+ // Recover,
 }
 fn main() {
@@ -210,6 +212,20 @@ fn main() {
 Err(err) => eprintln!("invalid: {err}"),
 }
 println!();
- }
+ } /*
+ Command::Recover => {
+ use std::collections::HashSet;
+ let passwd = rpassword::prompt_password("Password for private key encryption: ")
+ .expect("unable to read password");
+ let mut identities = HashSet::new();
+ for mut ssi in runtime.identities.iter().cloned() {
+ let secret = runtime.find_signer(ssi.pk.fingerprint(), &passwd).unwrap();
+ ssi.sig = secret.sk.sign(ssi.to_message());
+ identities.push(ssi);
+ }
+ runtime.identities = identities;
+ runtime.store().unwrap()
+ }
+ */
 }
 }
diff --git a/src/runtime.rs b/src/runtime.rs
index c379266..8770f51 100644
--- a/src/runtime.rs
+++ b/src/runtime.rs
@@ -24,6 +24,7 @@ pub const SSI_DIR: &'static str = "~/.ssi";
 use std::collections::{BTreeSet, HashSet};
 use std::fs;
 use std::io::{self, BufRead, Write};
+use std::os::unix::fs::PermissionsExt;
 use std::path::PathBuf;
 use crate::baid64::Baid64ParseError;
@@ -62,6 +63,8 @@ impl SsiRuntime {
 .write(true)
 .create(true)
 .open(path)?;
+ let mut permissions = file.metadata()?.permissions();
+ permissions.set_mode(0o600);
 let reader = io::BufReader::new(file);
 let mut secrets = bset![];
 for line in reader.lines() {
@@ -76,6 +79,8 @@ impl SsiRuntime {
 .write(true)
 .create(true)
 .open(path)?;
+ let mut permissions = file.metadata()?.permissions();
+ permissions.set_mode(0o600);
 let reader = io::BufReader::new(file);
 let mut identities = set![];
 for line in reader.lines() {
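Review bot: The `Command::Recover` arm in src/main.rs (second hunk) is committed inside a `/* … */` block, with its variant left as `// Recover,` in the enum hunk, so the compiler never checks it and it is already inconsistent. `identities` is built with `HashSet::new()`, which has no `push`; the line would have to be `identities.insert(ssi);`. If the arm is revived, the `.unwrap()` on `runtime.find_signer(...)` would panic on the first identity for which the lookup fails, presumably including a mistyped password, so an explicit error message would serve better there. The `main` body continues outside the hunk.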
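Review bot: The `use std::os::unix::fs::PermissionsExt;` added in the first src/runtime.rs hunk is unconditional, so the crate will no longer compile on non-Unix targets. If those targets are meant to be supported, gate the import and the two `set_mode` call sites with `#[cfg(unix)]`. If the tool is Unix-only by design, a short comment next to the import saying so would make that explicit.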
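Review bot: In the `@@ -62,6 +63,8 @@` hunk of src/runtime.rs, `permissions.set_mode(0o600)` only mutates the local `Permissions` value and nothing visible in the hunk writes it back, so the file keeps whatever mode it had. This is the file whose lines are read into `secrets`, so it likely stays readable by other users under a typical umask. Add `file.set_permissions(permissions)?;` right after the `set_mode` line. The same applies to the identical pair of lines in the `@@ -76,6 +79,8 @@` hunk for the identities file. For newly created files, setting the mode on the open call via `std::os::unix::fs::OpenOptionsExt::mode(0o600)` would also avoid a window where the file exists with looser permissions. The enclosing function starts and ends outside both hunks.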