From d01892150eed9d58210eb40b7c005d5fa8e93238 Mon Sep 17 00:00:00 2001
From: Gibheer
Date: Sat, 1 Oct 2016 21:56:29 +0200
Subject: rework program flow This commit is a complete rebuild of pkictl. Before everything was all over the place and adding new commands was kind of a hassle. Now each command has its own file and can be adjusted on a command basis. Options are still used by the same name, but can now use different descriptions.
---
verify_input.go | 76 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 76 insertions(+)
create mode 100644 verify_input.go
(limited to 'verify_input.go')
diff --git a/verify_input.go b/verify_input.go
new file mode 100644
index 0000000..2fd14b3
--- /dev/null
+++ b/verify_input.go
@@ -0,0 +1,76 @@
+package main
+
+import (
+ "crypto"
+ "encoding/base64"
+ "flag"
+ "fmt"
+ "io/ioutil"
+
+ "github.com/gibheer/pki"
+)
+
+func VerifyInput(args []string) error {
+ fs := flag.NewFlagSet("pkictl verify-input", flag.ExitOnError)
+ flagPublic := fs.String("public-key", "", "path to the public key or read from stdin")
+ flagInput := fs.String("input", "stdin", "path to the message or stdin")
+ flagSignature := fs.String("signature", "", "the signature to check the message against")
+ fs.Parse(args)
+
+ sig, err := base64.StdEncoding.DecodeString(*flagSignature)
+ if err != nil {
+ return err
+ }
+
+ in, err := openInput(*flagInput)
+ if err != nil {
+ return err
+ }
+ defer in.Close()
+ msg, err := ioutil.ReadAll(in)
+ if err != nil {
+ return err
+ }
+
+ pub_raw, err := openInput(*flagPublic)
+ if err != nil {
+ return err
+ }
+ defer pub_raw.Close()
+ pem, err := parseFile(pub_raw)
+ if err != nil {
+ return err
+ }
+ if len(pem) > 1 {
+ return fmt.Errorf("too many objects in public key file")
+ }
+ if len(pem[pki.PemLabelPublic]) > 1 {
+ return fmt.Errorf("too many public keys found")
+ }
+
+ public, err := loadPublicKey(pem[pki.PemLabelPublic][0])
+ if err != nil {
+ return err
+ }
+
+ valid, err := public.Verify(msg, sig, crypto.SHA256)
+ if valid {
+ fmt.Println("valid")
+ return nil
+ }
+ fmt.Println("invalid")
+ return err
+}
+
+func loadPublicKey(raw_pu []byte) (pki.PublicKey, error) {
+ if public, err := pki.LoadPublicKeyEd25519(raw_pu); err != nil {
+ return public, nil
+ }
+ if public, err := pki.LoadPublicKeyEcdsa(raw_pu); err == nil {
+ return public, nil
+ }
+ if public, err := pki.LoadPublicKeyRsa(raw_pu); err == nil {
+ return public, nil
+ }
+ return nil, fmt.Errorf("no valid public key found")
+}
-- cgit v1.2.3-70-g09d2
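Review bot: The first branch of `loadPublicKey` tests `err != nil`, so it returns the result of a failed Ed25519 load together with a nil error; an ECDSA or RSA key therefore reaches `public.Verify` as whatever the failed loader returned, and a genuine Ed25519 key falls through to the other two loaders. It should read `err == nil`, like the two branches below it. In `VerifyInput`, the length checks only reject more than one entry, so a key file without a public-key block indexes `pem[pki.PemLabelPublic][0]` on an empty slice and panics. The final block returns `err` after printing "invalid", and that value is nil when `Verify` reports a plain mismatch; if the caller derives the exit status from this return value (not visible here), a bad signature would exit as success. The fence shows the three changes.

```go
	// … unchanged: flag parsing, signature decoding, reading message and key file, "too many" checks …
	if len(pem[pki.PemLabelPublic]) == 0 {
		return fmt.Errorf("no public key found")
	}
	// … unchanged: loadPublicKey call …

	valid, err := public.Verify(msg, sig, crypto.SHA256)
	if valid && err == nil {
		fmt.Println("valid")
		return nil
	}
	fmt.Println("invalid")
	if err == nil {
		err = fmt.Errorf("signature does not match")
	}
	return err
}

func loadPublicKey(raw_pu []byte) (pki.PublicKey, error) {
	if public, err := pki.LoadPublicKeyEd25519(raw_pu); err == nil {
		return public, nil
	}
	// … unchanged: ECDSA and RSA attempts, final error …
```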