public function fire(array $args = []) : bool
{
$file = $this->selectFile($args[0] ?? '');
if (!isset($this->config['salt']) && \count($args) < 2) {
throw new \Error('No salt configured or passed');
}
if (\count($args) > 2) {
switch (\strtolower($args[2])) {
case 'fast':
case 'i':
case 'interactive':
case 'weak':
$level = KeyFactory::INTERACTIVE;
break;
case 'm':
case 'signing':
case 'moderate':
$level = KeyFactory::MODERATE;
break;
default:
$level = KeyFactory::SENSITIVE;
break;
}
} elseif (isset($this->config['keytype'])) {
switch ($this->config['keytype']) {
case 'fast':
case 'i':
case 'interactive':
case 'weak':
$level = KeyFactory::INTERACTIVE;
break;
case 'm':
case 'signing':
case 'moderate':
$level = KeyFactory::MODERATE;
break;
default:
$level = KeyFactory::SENSITIVE;
break;
}
} else {
$level = KeyFactory::SENSITIVE;
}
$salt = \Sodium\hex2bin($args[1] ?? $this->config['salt']);
echo 'Generating a signature for: ', $file, "\n";
$password = $this->silentPrompt('Enter password: ');
// We can get rid of the 'false' in version 2.0.0 (with Halite 3)
$sign_kp = KeyFactory::deriveSignatureKeyPair($password, $salt, false, $level);
if (!$sign_kp instanceof SignatureKeyPair) {
throw new \Error('Error during key derivation');
}
$signature = File::sign($file, $sign_kp->getSecretKey());
if (isset($this->history)) {
$this->config['build_history']['signed'] = true;
}
\file_put_contents($file . '.sig', $signature);
echo 'File signed: ' . $file . '.sig', "\n";
echo 'Public key: ' . \Sodium\bin2hex($sign_kp->getPublicKey()->getRawKeyMaterial()), "\n";
return true;
}