Add client-side/hydraveil-operator.sh

2025-12-04 20:02:16 +00:00 · 2025-12-04 20:02:16 +00:00 · 30f8c1e661
commit 30f8c1e661
1 changed files with 143 additions and 0 deletions
--- a/client-side/hydraveil-operator.sh
+++ b/client-side/hydraveil-operator.sh
@ -0,0 +1,143 @@
 #!/bin/bash
 usage() {
    echo
    echo "Usage: $0 <action>"
    echo
    echo "Actions:"
    echo
    echo "  initialize"
    echo "  sign-contract <file>"
    echo "  sign <endpoint>"
    echo "  verify <endpoint> <signature>"
    echo
    exit 1
 }
 if [ -z "$1" ]; then
    usage
 fi
 action=$1
 case $action in
 initialize)
    if [ -f id_ed25519 ] || [ -f id_ed25519.pub ]; then
        echo
        echo "Error: The environment has already been initialized."
        echo
        exit 1
    fi
    openssl genpkey -out id_ed25519 -algorithm ED25519
    openssl pkey -in id_ed25519 -pubout -out id_ed25519.pub
    id_ed25519_pub="$(openssl pkey -in id_ed25519 -noout -text_pub | tail -n 3 | tr -d ': \n')"
    echo
    echo "Public Key: $id_ed25519_pub"
    echo
    ;;
 sign)
    if [ -z "$2" ]; then
        usage
    fi
    temporary_file_1=$(mktemp)
    trap 'rm -f $temporary_file_1' EXIT
    temporary_file_2=$(mktemp)
    trap 'rm -f $temporary_file_2' EXIT
    echo -n "$2" >"$temporary_file_1"
    openssl pkeyutl -sign -inkey id_ed25519 -rawin -in "$temporary_file_1" -out "$temporary_file_2"
    id_ed25519_pub_hex="$(openssl pkey -in id_ed25519 -noout -text_pub | tail -n 3 | tr -d ': \n')"
    signature=$(base64 -w 0 <"$temporary_file_2")
    echo
    echo " Signature: ${signature:0:64}"
    echo "              ${signature:64}"
    echo
    echo " Provider: $id_ed25519_pub_hex"
    echo " Endpoint: $2"
    echo
    ;;
 verify)
    if [ -z "$2" ] || [ -z "$3" ]; then
        usage
    fi
    temporary_file_1=$(mktemp)
    trap 'rm -f $temporary_file_1' EXIT
    temporary_file_2=$(mktemp)
    trap 'rm -f $temporary_file_2' EXIT
    echo -n "$2" >"$temporary_file_1"
    echo -n "$3" | base64 --decode >"$temporary_file_2"
    echo
    openssl pkeyutl -verify -inkey id_ed25519 -rawin -in "$temporary_file_1" -sigfile "$temporary_file_2"
    echo
    ;;
 sign-contract)
    if [ -z "$2" ]; then
        usage
    fi
    temporary_file_1=$(mktemp)
    trap 'rm -f $temporary_file_1' EXIT
    temporary_file_2=$(mktemp)
    trap 'rm -f $temporary_file_2' EXIT
    file_path="$2"
    # Check if the file exists
    if [ ! -f "$file_path" ]; then
    echo "File not found: $file_path"
    exit 1
    fi
    # Compute the SHA-512 hash
    sha512_hash=$(sha512sum "$file_path" | awk '{print $1}')
    # Store in temp file:
    echo -n "$sha512_hash" >"$temporary_file_1"
    # sign it:
    openssl pkeyutl -sign -inkey id_ed25519 -rawin -in "$temporary_file_1" -out "$temporary_file_2"
    id_ed25519_pub_hex="$(openssl pkey -in id_ed25519 -noout -text_pub | tail -n 3 | tr -d ': \n')"
    signature=$(base64 -w 0 <"$temporary_file_2")
    echo
    echo
    echo "SHA-512 hash of the Contract $file_path:"
    echo "$sha512_hash"
    echo
    echo "Operator's Public Key:"
    echo "$id_ed25519_pub_hex"
    echo
    echo "Signature of Contract:"
    echo "${signature}"
    echo
    ;;
 *)
    usage
    ;;
 esac