From 15fe28c9af4a69d5fb5188c3cbeadae31a9c891f Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Tue, 25 Jul 2017 23:32:10 +0200 Subject: prototype gzip verify --- verify.go | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) (limited to 'verify.go') diff --git a/verify.go b/verify.go index 9f71dc8..2c62241 100644 --- a/verify.go +++ b/verify.go @@ -1,12 +1,18 @@ package main import ( + "bytes" + "crypto/sha512" + "errors" "flag" "fmt" "io/ioutil" + "log" + "os" "dim13.org/signify/file" "dim13.org/signify/key" + "dim13.org/signify/zsig" ) // Usage: signify -V [-eqz] [-p pubkey] [-t keytype] [-x sigfile] -m message @@ -88,7 +94,52 @@ func verifyEmbedded(pubFile, sigFile string) error { return sig.Verify(msg, pub) } +// TODO ugly work-in-progress func verifyGzip(pubFile, msgFile string) error { + sigFile := msgFile + ".sig" // XXX + fd, err := os.Open(sigFile) + if err != nil { + return err + } + defer fd.Close() + z, err := zsig.NewReader(fd) + if err != nil { + return err + } + + log.Println(z) + sig := new(key.Sig) + _, msg, err := file.DecodeString(z.Comment, sig) + if err != nil { + return err + } + + pub, err := openPub(pubFile) + if err != nil { + return err + } + if err := sig.Verify(msg, pub); err != nil { + return err + } + + log.Printf("%s", msg) + zhead, err := zsig.ParseBytes(msg) + if err != nil { + return err + } + + if zhead.Alg != "SHA512/256" { + return errors.New("whatever alg") + } + + sumch := zsig.Sum(z, zhead.BlockSize, sha512.New512_256()) + for _, sum := range zhead.Sums { + s := <-sumch + if !bytes.Equal(sum, s) { + return errors.New("don't match") + } + } + return nil } -- cgit v1.2.3