aboutsummaryrefslogtreecommitdiff
path: root/verify.go
diff options
context:
space:
mode:
authorDimitri Sokolyuk <demon@dim13.org>2017-07-25 23:32:10 +0200
committerDimitri Sokolyuk <demon@dim13.org>2017-07-25 23:32:10 +0200
commit15fe28c9af4a69d5fb5188c3cbeadae31a9c891f (patch)
tree89f665b0dd71fbe4db17f598bdb494924a774290 /verify.go
parente718cddb32df846caea3a1235a3dc806e03dc1e4 (diff)
prototype gzip verify
Diffstat (limited to 'verify.go')
-rw-r--r--verify.go51
1 files changed, 51 insertions, 0 deletions
diff --git a/verify.go b/verify.go
index 9f71dc8..2c62241 100644
--- a/verify.go
+++ b/verify.go
@@ -1,12 +1,18 @@
package main
import (
+ "bytes"
+ "crypto/sha512"
+ "errors"
"flag"
"fmt"
"io/ioutil"
+ "log"
+ "os"
"dim13.org/signify/file"
"dim13.org/signify/key"
+ "dim13.org/signify/zsig"
)
// Usage: signify -V [-eqz] [-p pubkey] [-t keytype] [-x sigfile] -m message
@@ -88,7 +94,52 @@ func verifyEmbedded(pubFile, sigFile string) error {
return sig.Verify(msg, pub)
}
+// TODO ugly work-in-progress
func verifyGzip(pubFile, msgFile string) error {
+ sigFile := msgFile + ".sig" // XXX
+ fd, err := os.Open(sigFile)
+ if err != nil {
+ return err
+ }
+ defer fd.Close()
+ z, err := zsig.NewReader(fd)
+ if err != nil {
+ return err
+ }
+
+ log.Println(z)
+ sig := new(key.Sig)
+ _, msg, err := file.DecodeString(z.Comment, sig)
+ if err != nil {
+ return err
+ }
+
+ pub, err := openPub(pubFile)
+ if err != nil {
+ return err
+ }
+ if err := sig.Verify(msg, pub); err != nil {
+ return err
+ }
+
+ log.Printf("%s", msg)
+ zhead, err := zsig.ParseBytes(msg)
+ if err != nil {
+ return err
+ }
+
+ if zhead.Alg != "SHA512/256" {
+ return errors.New("whatever alg")
+ }
+
+ sumch := zsig.Sum(z, zhead.BlockSize, sha512.New512_256())
+ for _, sum := range zhead.Sums {
+ s := <-sumch
+ if !bytes.Equal(sum, s) {
+ return errors.New("don't match")
+ }
+ }
+
return nil
}