Beispiel #1
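// VerifyState checks the armored detached signature held in
// ast.AsciiSigOfState against the state string returned by GetStateString,
// using the key parsed from asciiPubKey as the only entry in the keyring.
//
// It returns nil when openpgp.CheckArmoredDetachedSignature accepts the
// signature. Otherwise it returns the first error hit while building the
// state string, parsing the key, or verifying the signature.
//
// The caller supplies asciiPubKey, so a nil result only means "signed by that
// key". Whether the key itself is trusted is the caller's decision.
func (ast *AuthorizedState) VerifyState(asciiPubKey string) (err error) {
	stateString, err := ast.GetStateString()
	if err != nil {
		return err
	}

	_, pubEnt, err := PrcIdSigner.GetPub(asciiPubKey)
	if err != nil {
		return err
	}
	// CheckArmoredDetachedSignature takes a KeyRing; EntityList implements it.
	pubEntList := &openpgp.EntityList{&pubEnt}

	signed := bytes.NewBufferString(stateString)
	signature := bytes.NewBufferString(ast.AsciiSigOfState)

	// The returned signer is deliberately ignored. The previous code read
	// signer.Identities on the failure path, where signer may be nil, so a bad
	// or malformed signature could panic the process instead of returning an
	// error.
	if _, err = openpgp.CheckArmoredDetachedSignature(pubEntList, signed, signature); err != nil {
		fmt.Println("VerifyState:Error = ", err.Error())
		return err
	}
	return nil
}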
Beispiel #2
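// GetAuthsForDomFromStates parses remoteStatesInJSON and returns one
// AuthForDomain per (authority, domain) pair that passes every check below.
//
// For each state and each domain its authority claims:
//  1. fetch the authority TXT record for the domain (GetPksAuthTXTRecord),
//  2. parse the public key the authority presents (PrcIdSigner.GetPub),
//  3. require the key's fingerprint to equal the one in the TXT record,
//  4. require the state's signature to verify under that key (VerifyState).
//
// A pair that fails any step is logged and skipped; it is never added to the
// result. err is non-nil only when the JSON itself cannot be parsed. A
// per-domain failure no longer leaks into the returned err: the previous code
// assigned the VerifyState result to the named return value, so the error
// returned depended on whichever pair happened to be checked last.
//
// NOTE(review): remoteStatesInJSON is remote input and the fingerprint binding
// is only as strong as the TXT lookup. Confirm whether GetPksAuthTXTRecord
// uses a validating (DNSSEC) resolver; if not, anyone able to spoof the DNS
// answer can publish a matching fingerprint.
func GetAuthsForDomFromStates(remoteStatesInJSON string) (authsForDomains []AuthForDomain, err error) {
	allStates, err := GetStatesFromJSON(remoteStatesInJSON)
	if err != nil {
		return nil, err
	}

	for _, state := range allStates {
		claimedAuth := state.FromAuthority
		for _, domain := range claimedAuth.DomainsUnderAuth {
			pksTxtAuth, errTxt := GetPksAuthTXTRecord(domain)
			if errTxt != nil {
				log.Println(errTxt)
				continue
			}

			pubKey, _, errPub := PrcIdSigner.GetPub(claimedAuth.AsciiPubKeyOfAuth)
			if errPub != nil {
				log.Println(errPub)
				continue
			}

			// %X already yields upper-case hex, so only the DNS side needs
			// normalising. Only case is normalised: a TXT value with spaces or
			// a prefix will not match and the pair is rejected.
			pubFP := fmt.Sprintf("%X", pubKey.Fingerprint[:])
			txtFP := strings.ToUpper(pksTxtAuth.keyFingerPrint)
			if txtFP != pubFP {
				fmt.Println(txtFP + " != " + pubFP)
				log.Println("Key FingerPrint differ in DNS Text Record of " + domain)
				continue
			}

			// Keep the verification error local: it is a per-pair failure, not
			// a failure of the whole call.
			if errVerify := state.VerifyState(claimedAuth.AsciiPubKeyOfAuth); errVerify != nil {
				log.Println(errVerify)
				continue
			}

			authsForDomains = append(authsForDomains, AuthForDomain{domain: domain, authority: claimedAuth})
		}
	}
	return authsForDomains, nil
}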