author | Gibheer <gibheer+git@zero-knowledge.org> | 2016-10-01 21:56:29 +0200 |
---|---|---|
committer | Gibheer <gibheer+git@zero-knowledge.org> | 2016-10-01 21:56:29 +0200 |
commit | d01892150eed9d58210eb40b7c005d5fa8e93238 (patch) | |
tree | f9d37f3d5b4f0d9afd01755801826713f47d83c3 /verify_input.go | |
parent | faaf7d8859895767b5e64d32c14d561d6fdb5a14 (diff) |
rework program flow
This commit is a complete rebuild of pkictl. Before, everything was all
over the place and adding new commands was kind of a hassle.
Now each command has its own file and can be adjusted on a per-command
basis. Options are still used by the same name, but can now use
different descriptions.
Diffstat (limited to 'verify_input.go')
-rw-r--r-- | verify_input.go | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/verify_input.go b/verify_input.go
new file mode 100644
index 0000000..2fd14b3
--- /dev/null
+++ b/verify_input.go
@@ -0,0 +1,76 @@
+package main
+
+import (
+ "crypto"
+ "encoding/base64"
+ "flag"
+ "fmt"
+ "io/ioutil"
+
+ "github.com/gibheer/pki"
+)
+
+func VerifyInput(args []string) error {
+ fs := flag.NewFlagSet("pkictl verify-input", flag.ExitOnError)
+ flagPublic := fs.String("public-key", "", "path to the public key or read from stdin")
+ flagInput := fs.String("input", "stdin", "path to the message or stdin")
+ flagSignature := fs.String("signature", "", "the signature to check the message against")
+ fs.Parse(args)
+
+ sig, err := base64.StdEncoding.DecodeString(*flagSignature)
+ if err != nil {
+ return err
+ }
+
+ in, err := openInput(*flagInput)
+ if err != nil {
+ return err
+ }
+ defer in.Close()
+ msg, err := ioutil.ReadAll(in)
+ if err != nil {
+ return err
+ }
+
+ pub_raw, err := openInput(*flagPublic)
+ if err != nil {
+ return err
+ }
+ defer pub_raw.Close()
+ pem, err := parseFile(pub_raw)
+ if err != nil {
+ return err
+ }
+ if len(pem) > 1 {
+ return fmt.Errorf("too many objects in public key file")
+ }
+ if len(pem[pki.PemLabelPublic]) > 1 {
+ return fmt.Errorf("too many public keys found")
+ }
+
+ public, err := loadPublicKey(pem[pki.PemLabelPublic][0])
+ if err != nil {
+ return err
+ }
+
+ valid, err := public.Verify(msg, sig, crypto.SHA256)
+ if valid {
+ fmt.Println("valid")
+ return nil
+ }
+ fmt.Println("invalid")
+ return err
+}
+
+func loadPublicKey(raw_pu []byte) (pki.PublicKey, error) {
+ if public, err := pki.LoadPublicKeyEd25519(raw_pu); err != nil {
+ return public, nil
+ }
+ if public, err := pki.LoadPublicKeyEcdsa(raw_pu); err == nil {
+ return public, nil
+ }
+ if public, err := pki.LoadPublicKeyRsa(raw_pu); err == nil {
+ return public, nil
+ }
+ return nil, fmt.Errorf("no valid public key found")
+}
+} |
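Review bot: The first branch of `loadPublicKey` tests `err != nil`, so when Ed25519 parsing fails it hands back that failed result with a nil error and `VerifyInput` goes on to call `Verify` on it, while a genuine Ed25519 key falls through to the ECDSA and RSA loaders; the condition should be `err == nil` like the two branches below it. In `VerifyInput` the key count is only checked with `> 1`, so a file without a public-key block reaches `pem[pki.PemLabelPublic][0]` and panics; `if len(pem[pki.PemLabelPublic]) != 1 {` covers both cases. The tail returns whatever `err` Verify produced after printing "invalid", which is nil if Verify reports a mismatch as `false, nil` (its contract is not visible in this hunk), so a caller that looks only at the returned error or the exit status would treat a bad signature as success, and an error returned together with `valid == true` is dropped. The fence shows a tail that keeps the printed output but always returns a non-nil error unless the signature verified cleanly.

```go
	// … unchanged: flag parsing, reading the message, loading the public key …
	valid, err := public.Verify(msg, sig, crypto.SHA256)
	if err != nil || !valid {
		fmt.Println("invalid")
		if err == nil {
			err = fmt.Errorf("signature does not match the message")
		}
		return err
	}
	fmt.Println("valid")
	return nil
```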