package main import ( "errors" "flag" "fmt" "io/ioutil" "os" "dim13.org/signify/file" "dim13.org/signify/key" ) // Usage: signify -V [-eqz] [-p pubkey] [-t keytype] [-x sigfile] -m message func verify() error { args := flag.NewFlagSet("verify", flag.ExitOnError) var ( embedded = args.Bool("e", false, "Embed message") quiet = args.Bool("q", false, "Quiet mode") zip = args.Bool("z", false, "Verify gzip archive") pubFile = args.String("p", "", "Public key file") keyType = args.String("t", "", "Key type") // TODO sigFile = args.String("x", "", "Signature file") msgFile = args.String("m", "", "Message file (required)") ) args.Parse(os.Args[2:]) if *embedded && *zip { return errors.New("can't combine -e and -z options") } if *msgFile == "" { args.Usage() return nil } if *sigFile == "" { *sigFile = file.SigName(*msgFile) } _ = keyType // TODO sig, msg, verifyWith, err := OpenSig(*sigFile) if err != nil { return err } if *pubFile == "" { *pubFile = verifyWith } pubKey, err := OpenPub(*pubFile) if err != nil { return err } if !*embedded { msg, err = ioutil.ReadFile(*msgFile) if err != nil { return err } } if err := pubKey.Verify(msg, sig); err != nil { return err } if !*quiet { fmt.Println("Signature Verified") } return nil } func OpenPub(fname string) (*key.Pub, error) { block, err := file.DecodeFile(fname) if err != nil { return nil, err } pubKey := new(key.Pub) if err := key.Unmarshal(block.Bytes, pubKey); err != nil { return nil, err } if err := pubKey.Check(); err != nil { return nil, err } return pubKey, nil } func OpenSig(fname string) (*key.Sig, []byte, string, error) { block, err := file.DecodeFile(fname) if err != nil { return nil, nil, "", err } sig := new(key.Sig) if err := key.Unmarshal(block.Bytes, sig); err != nil { return nil, nil, "", err } if err := sig.Check(); err != nil { return nil, nil, "", err } pubKey, _ := file.PubFile(block.Comment) return sig, block.Message, pubKey, nil }