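package main

import (
	"flag"
	"fmt"
	"io/ioutil"
	"os"

	"dim13.org/signify/file"
	"dim13.org/signify/key"
)

// verify implements the -V subcommand: it checks a message against a
// signature with the given public key.
//
// Usage: signify -V [-eqz] [-p pubkey] [-t keytype] [-x sigfile] -m message
//
// Flags are parsed from os.Args[2:]. The signature is read from -x when it is
// given, otherwise from the message path with ".sig" appended. The bytes that
// get verified depend on -e:
//
//   - without -e, the message file named by -m is read and verified, and any
//     message carried inside the signature file is ignored;
//   - with -e, the message carried inside the signature file is verified and
//     it is an error if there is none.
//
// Keeping the two modes apart matters: if an embedded message were picked up
// implicitly, a signature file carrying some other validly signed message
// would make verification succeed without the -m file ever being read.
func verify() error {
	args := flag.NewFlagSet("verify", flag.ExitOnError)
	var (
		embedded = args.Bool("e", false, "Embed message")
		quiet    = args.Bool("q", false, "Quiet mode")
		zip      = args.Bool("z", false, "Verify gzip archive")
		pubFile  = args.String("p", "", "Public key file")
		keyType  = args.String("t", "", "Key type") // TODO
		sigFile  = args.String("x", "", "Signature file")
		msgFile  = args.String("m", "", "Message file (required)")
	)
	// The flag set uses flag.ExitOnError, so a parse failure exits here.
	args.Parse(os.Args[2:])

	if *embedded && *zip {
		return ErrEZ
	}
	if *msgFile == "" {
		args.Usage()
		return nil
	}
	// NOTE(review): -t is parsed but not acted on. -z is only used for the
	// -e/-z conflict check above; no gzip handling is visible in this file,
	// so a -z run is verified like a plain file.
	_ = keyType

	pubKey, err := OpenPub(*pubFile)
	if err != nil {
		return err
	}

	// Honour -x; fall back to "<message>.sig" when it is not given.
	sigPath := *sigFile
	if sigPath == "" {
		sigPath = *msgFile + ".sig"
	}
	sig, attached, err := readSig(sigPath)
	if err != nil {
		return err
	}

	var body []byte
	if *embedded {
		if len(attached) == 0 {
			return fmt.Errorf("%s: no embedded message", sigPath)
		}
		body = attached
	} else {
		// Detached mode: always verify the file the user named.
		body, err = ioutil.ReadFile(*msgFile)
		if err != nil {
			return err
		}
	}

	if err := pubKey.Verify(body, sig); err != nil {
		return err
	}
	if !*quiet {
		// NOTE(review): "Verfied" is a typo for "Verified"; the text is kept
		// byte-for-byte in case scripts match on this output.
		fmt.Println("Signature Verfied")
	}
	return nil
}

// OpenPub decodes the file fname, unmarshals its payload into a key.Pub and
// runs the key's Check method. Any failure is returned as is and the key is
// nil in that case.
func OpenPub(fname string) (*key.Pub, error) {
	block, err := file.DecodeFile(fname)
	if err != nil {
		return nil, err
	}
	pubKey := new(key.Pub)
	if err := key.Unmarshal(block.Bytes, pubKey); err != nil {
		return nil, err
	}
	if err := pubKey.Check(); err != nil {
		return nil, err
	}
	return pubKey, nil
}

// readSig decodes the signature file at path, unmarshals its payload into a
// key.Sig and runs the signature's Check method. It returns the signature
// together with whatever message the file carries (empty when there is
// none); the caller decides whether that message may be used.
func readSig(path string) (*key.Sig, []byte, error) {
	block, err := file.DecodeFile(path)
	if err != nil {
		return nil, nil, err
	}
	sig := new(key.Sig)
	if err := key.Unmarshal(block.Bytes, sig); err != nil {
		return nil, nil, err
	}
	if err := sig.Check(); err != nil {
		return nil, nil, err
	}
	return sig, block.Message, nil
}

// OpenSig reads the signature from fname+".sig" and returns it with the
// message it is meant to cover.
//
// If the signature file carries a message, that message is returned and fname
// itself is never read; otherwise the contents of fname are returned. Because
// of that fallback order, the returned bytes are not guaranteed to be the
// contents of fname. Code that must verify the file on disk should read the
// file itself and use only the returned signature.
func OpenSig(fname string) (*key.Sig, []byte, error) {
	sig, attached, err := readSig(fname + ".sig")
	if err != nil {
		return nil, nil, err
	}
	if len(attached) > 0 {
		return sig, attached, nil
	}
	msg, err := ioutil.ReadFile(fname)
	if err != nil {
		return nil, nil, err
	}
	return sig, msg, nil
}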