예제 #1
0
func (vr *VerifyRequest) VerifySignature() bool {
	armorData := reArmor(vr.CamliSig)
	block, _ := armor.Decode(bytes.NewBufferString(armorData))
	if block == nil {
		return vr.fail("can't parse camliSig armor")
	}
	var p packet.Packet
	var err error
	p, err = packet.Read(block.Body)
	if err != nil {
		return vr.fail("error reading PGP packet from camliSig: " + err.Error())
	}
	sig, ok := p.(*packet.Signature)
	if !ok {
		return vr.fail("PGP packet isn't a signature packet")
	}
	if sig.Hash != crypto.SHA1 && sig.Hash != crypto.SHA256 {
		return vr.fail("I can only verify SHA1 or SHA256 signatures")
	}
	if sig.SigType != packet.SigTypeBinary {
		return vr.fail("I can only verify binary signatures")
	}
	hash := sig.Hash.New()
	hash.Write(vr.bp) // payload bytes
	err = vr.PublicKeyPacket.VerifySignature(hash, sig)
	if err != nil {
		return vr.fail(fmt.Sprintf("bad signature: %s", err))
	}
	vr.SignerKeyId = vr.PublicKeyPacket.KeyIdString()
	return true
}
예제 #2
0
파일: userid.go 프로젝트: cmars/hockeypuck
func (uid *UserId) Read() (err error) {
	buf := bytes.NewBuffer(uid.Packet)
	var p packet.Packet
	if p, err = packet.Read(buf); err != nil {
		return
	}
	return uid.setPacket(p)
}
예제 #3
0
func (uat *UserAttribute) Read() (err error) {
	buf := bytes.NewBuffer(uat.Packet)
	var p packet.Packet
	if p, err = packet.Read(buf); err != nil {
		return err
	}
	return uat.setPacket(p)
}
예제 #4
0
파일: subkey.go 프로젝트: cmars/hockeypuck
func (subkey *Subkey) Read() (err error) {
	buf := bytes.NewBuffer(subkey.Packet)
	var p packet.Packet
	if p, err = packet.Read(buf); err != nil {
		return err
	}
	return subkey.setPacket(p)
}
예제 #5
0
func (sig *Signature) Read() (err error) {
	buf := bytes.NewBuffer(sig.Packet)
	var p packet.Packet
	if p, err = packet.Read(buf); err != nil {
		return
	}
	return sig.setPacket(p)
}
예제 #6
0
파일: read.go 프로젝트: jamesjacko/dewis
// CheckDetachedSignature takes a signed file and a detached signature and
// returns the signer if the signature is valid. If the signer isn't known,
// ErrUnknownIssuer is returned.
func CheckDetachedSignature(keyring KeyRing, signed, signature io.Reader) (signer *Entity, err error) {
	p, err := packet.Read(signature)
	if err != nil {
		return
	}

	var issuerKeyId uint64
	var hashFunc crypto.Hash
	var sigType packet.SignatureType

	switch sig := p.(type) {
	case *packet.Signature:
		if sig.IssuerKeyId == nil {
			return nil, errors.StructuralError("signature doesn't have an issuer")
		}
		issuerKeyId = *sig.IssuerKeyId
		hashFunc = sig.Hash
		sigType = sig.SigType
	case *packet.SignatureV3:
		issuerKeyId = sig.IssuerKeyId
		hashFunc = sig.Hash
		sigType = sig.SigType
	default:
		return nil, errors.StructuralError("non signature packet found")
	}

	h, wrappedHash, err := hashForSignature(hashFunc, sigType)
	if err != nil {
		return
	}

	_, err = io.Copy(wrappedHash, signed)
	if err != nil && err != io.EOF {
		return
	}

	keys := keyring.KeysByIdUsage(issuerKeyId, packet.KeyFlagSign)
	if len(keys) == 0 {
		return nil, errors.ErrUnknownIssuer
	}

	for _, key := range keys {
		switch sig := p.(type) {
		case *packet.Signature:
			err = key.PublicKey.VerifySignature(h, sig)
		case *packet.SignatureV3:
			err = key.PublicKey.VerifySignatureV3(h, sig)
		}
		if err == nil {
			return key.Entity, nil
		}
	}

	if err == nil {
		err = errors.ErrUnknownIssuer
	}
	return nil, err
}
예제 #7
0
파일: pubkey.go 프로젝트: kisom/hockeypuck
func (pubkey *Pubkey) Read() (err error) {
	buf := bytes.NewBuffer(pubkey.Packet)
	var p packet.Packet
	if p, err = packet.Read(buf); err != nil {
		if pubkey.State&PacketStateUnsuppPubkey != 0 {
			return nil
		}
		return err
	}
	err = pubkey.setPacket(p)
	return
}
예제 #8
0
파일: verify.go 프로젝트: nymsio/pgpmail
func getIssuerFromSignature(sigReader io.Reader) (uint64, error) {
	p, err := packet.Read(sigReader)
	if err != nil {
		return 0, err
	}
	switch sig := p.(type) {
	case *packet.Signature:
		if sig.IssuerKeyId == nil {
			return 0, errors.New("signature doesn't have an issuer")
		}
		return *sig.IssuerKeyId, nil
	case *packet.SignatureV3:
		return sig.IssuerKeyId, nil
	default:
		return 0, errors.New("non signature packet found")
	}
}
예제 #9
0
파일: read.go 프로젝트: Bobberino/musings
// CheckDetachedSignature takes a signed file and a detached signature and
// returns the signer if the signature is valid. If the signer isn't known,
// ErrUnknownIssuer is returned.
func CheckDetachedSignature(keyring KeyRing, signed, signature io.Reader) (signer *Entity, err error) {
	p, err := packet.Read(signature)
	if err != nil {
		return
	}

	sig, ok := p.(*packet.Signature)
	if !ok {
		return nil, errors.StructuralError("non signature packet found")
	}

	if sig.IssuerKeyId == nil {
		return nil, errors.StructuralError("signature doesn't have an issuer")
	}

	keys := keyring.KeysById(*sig.IssuerKeyId)
	if len(keys) == 0 {
		return nil, errors.ErrUnknownIssuer
	}

	h, wrappedHash, err := hashForSignature(sig.Hash, sig.SigType)
	if err != nil {
		return
	}

	_, err = io.Copy(wrappedHash, signed)
	if err != nil && err != io.EOF {
		return
	}

	for _, key := range keys {
		if key.SelfSignature.FlagsValid && !key.SelfSignature.FlagSign {
			continue
		}
		err = key.PublicKey.VerifySignature(h, sig)
		if err == nil {
			return key.Entity, nil
		}
	}

	if err != nil {
		return
	}

	return nil, errors.ErrUnknownIssuer
}
예제 #10
0
func TestUatRtt(t *testing.T) {
	f := MustInput(t, "uat.asc")
	defer f.Close()
	block, err := armor.Decode(f)
	if err != nil {
		t.Fatal(err)
	}
	var p packet.Packet
	for {
		p, err = packet.Read(block.Body)
		if err != nil {
			break
		}
		if uat, is := p.(*packet.UserAttribute); is {
			var buf bytes.Buffer
			uat.Serialize(&buf)
			or := packet.NewOpaqueReader(bytes.NewBuffer(buf.Bytes()))
			op, _ := or.Next()
			assert.Equal(t, buf.Bytes()[3:], op.Contents)
		}
	}
}
예제 #11
0
func openArmoredPublicKeyFile(reader io.ReadCloser) (*packet.PublicKey, error) {
	defer reader.Close()

	var lr = io.LimitReader(reader, publicKeyMaxSize)
	block, _ := armor.Decode(lr)
	if block == nil {
		return nil, errors.New("Couldn't find PGP block in public key file")
	}
	if block.Type != "PGP PUBLIC KEY BLOCK" {
		return nil, errors.New("Invalid public key blob.")
	}
	p, err := packet.Read(block.Body)
	if err != nil {
		return nil, fmt.Errorf("Invalid public key blob: %v", err)
	}

	pk, ok := p.(*packet.PublicKey)
	if !ok {
		return nil, fmt.Errorf("Invalid public key blob; not a public key packet")
	}
	return pk, nil
}
예제 #12
0
func (sig *Signature) GetSignature() (packet.Packet, error) {
	buf := bytes.NewBuffer(sig.Packet)
	return packet.Read(buf)
}