Add -K keypair_seed option

This can be used with a keypair seed from a scuttlebot invite code.

sbotc.1

@@ -13,6 +13,7 @@
 .Op Fl s Ar host
 .Op Fl p Ar port
 .Op Fl k Ar key
+.Op Fl K Ar keypair_seed
 .Op Fl t Ar type
 .Ar method
 .Op Ar argument ...
@@ -35,7 +36,14 @@ The hostname to connect to. Default is localhost.
 .It Fl p Ar port
 The port to connect to. Default is 8008.
 .It Fl k Ar key
-The key to connect to. Default is your public key.
+The key to connect to. Default is your public key, as read from your
+private key file.
+.It Fl K Ar keypair_seed
+Private key seed to use for secret-handshake. Default is to use the private key
+from your
+.Pa ~/.ssb/secret
+file or other secret file according to the environmental variables described in
+.Sx ENVIRONMENT .
 .It Fl t Ar type
 The type of method:
 .Dq async ,

sbotc.c

@@ -95,8 +95,8 @@ static const unsigned char ssb_cap[] = {
 };
 
 static void usage() {
-	fputs("usage: sbotc [-j] [-T] [-a <cap>] [-s <host>] [-p <port>] [-k <key>] [-t <type>] "
-	      "<method> [<argument>...]\n", stderr);
+	fputs("usage: sbotc [-j] [-T] [-a <cap>] [-s <host>] [-p <port>] [-k <key>] [-K <keypair_seed>] \n"
+	      "             [-t <type>] <method> [<argument>...]\n", stderr);
 	exit(EXIT_FAILURE);
 }
 
@@ -801,6 +801,7 @@ static int args_to_json(char *out, size_t outlen, unsigned int argc, char *argv[
 int main(int argc, char *argv[]) {
 	int i, s, infd, outfd, rc;
 	const char *key = NULL;
+	const char *keypair_seed_str = NULL;
 	const char *host = NULL;
 	const char *port = "8008";
 	const char *typestr = NULL, *methodstr;
@@ -839,6 +840,7 @@ int main(int argc, char *argv[]) {
 			case 'T': test = true; break;
 			case 's': host = argv[++i]; break;
 			case 'k': key = argv[++i]; break;
+			case 'K': keypair_seed_str = argv[++i]; break;
 			case 'p': port = argv[++i]; break;
 			case 't': typestr = argv[++i]; break;
 			default: usage();
@@ -883,9 +885,21 @@ int main(int argc, char *argv[]) {
 		if (rc < 0) errx(0, "unable to convert method name");
 	}
 
-	read_private_key(app_dir, private_key);
+	if (keypair_seed_str) {
+		unsigned char seed[crypto_sign_SEEDBYTES];
+		unsigned char ed25519_skpk[crypto_sign_ed25519_SECRETKEYBYTES];
+
+		rc = pubkey_decode(keypair_seed_str, ed25519_skpk);
+		if (rc < 0) err(1, "unable to decode private key");
+		rc = crypto_sign_ed25519_sk_to_seed(seed, ed25519_skpk);
+		if (rc < 0) err(1, "unable to convert private key to seed");
+		rc = crypto_sign_seed_keypair(public_key, private_key, seed);
+		if (rc < 0) err(1, "unable to generate keypair from seed");
+	} else {
+		read_private_key(app_dir, private_key);
+		memcpy(public_key, private_key+32, 32);
+	}
 
-	memcpy(public_key, private_key+32, 32);
 	if (key) {
 		rc = pubkey_decode(key, remote_key);
 		if (rc < 0) err(1, "unable to decode remote key '%s'", key);