// openArmoredPublicKeyFile reads an ASCII-armored OpenPGP public key from
// reader and returns the first packet of the armor block as a public key
// packet.
//
// reader is closed before the function returns. At most publicKeyMaxSize
// bytes are read, and input that fills that limit exactly is rejected as too
// large, so the largest accepted input is publicKeyMaxSize-1 bytes. Only the
// first armor block and the first packet inside it are examined.
func openArmoredPublicKeyFile(reader io.ReadCloser) (*packet.PublicKeyPacket, os.Error) {
	defer reader.Close()

	// Cap the read at publicKeyMaxSize bytes regardless of how much the
	// reader could supply.
	raw, err := ioutil.ReadAll(io.LimitReader(reader, publicKeyMaxSize))
	if err != nil {
		return nil, os.NewError(fmt.Sprintf("Error reading public key file: %v", err))
	}
	// Hitting the cap means the input may have been truncated; refuse it
	// rather than parse a partial key.
	if len(raw) == publicKeyMaxSize {
		return nil, os.NewError("Public key blob is too large")
	}

	// The second result of armor.Decode is discarded, so anything that
	// follows the first armor block is never looked at.
	armored, _ := armor.Decode(raw)
	switch {
	case armored == nil:
		return nil, os.NewError("Couldn't find PGP block in public key file")
	case armored.Type != "PGP PUBLIC KEY BLOCK":
		return nil, os.NewError("Invalid public key blob.")
	}

	// Only the first packet of the block is parsed.
	pkt, err := packet.ReadPacket(bytes.NewBuffer(armored.Bytes))
	if err != nil {
		return nil, os.NewError(fmt.Sprintf("Invalid public key blob: %v", err))
	}

	key, isKey := pkt.(packet.PublicKeyPacket)
	if !isKey {
		return nil, os.NewError("Invalid public key blob; not a public key packet")
	}
	return &key, nil
}
// VerifySignature checks the armored signature in vr.CamliSig against the
// payload bytes in vr.bp using the RSA public key in vr.PublicKeyPacket.
//
// It returns true only when rsa.VerifyPKCS1v15 accepts the signature. Every
// rejection goes through vr.fail with a message and returns its result.
// Only SHA1 digests and binary-type signatures are accepted; anything else is
// rejected before any hashing is done.
//
// NOTE(review): vr.PublicKeyPacket is dereferenced without a nil check and is
// not matched against any key identifier here; presumably the caller has
// already selected and loaded the intended key. Confirm against the caller.
func (vr *VerifyRequest) VerifySignature() bool {
	// The second result of armor.Decode is discarded, so data after the
	// first armor block is ignored.
	armored, _ := armor.Decode([]byte(reArmor(vr.CamliSig)))
	if armored == nil {
		return vr.fail("Can't parse camliSig armor")
	}

	// Only the first packet in the block is read.
	pkt, err := packet.ReadPacket(bytes.NewBuffer(armored.Bytes))
	if err != nil {
		return vr.fail("Error reading PGP packet from camliSig")
	}

	sigPkt, isSig := pkt.(packet.SignaturePacket)
	if !isSig {
		return vr.fail("PGP packet isn't a signature packet")
	}

	switch {
	case sigPkt.Hash != packet.HashFuncSHA1:
		return vr.fail("I can only verify SHA1 signatures")
	case sigPkt.SigType != packet.SigTypeBinary:
		return vr.fail("I can only verify binary signatures")
	}

	// The digest covers the payload followed by the signature's hash suffix.
	digest := sha1.New()
	digest.Write(vr.bp) // payload bytes
	digest.Write(sigPkt.HashSuffix)
	sum := digest.Sum()

	// Cheap early rejection on the first two digest bytes. This is not the
	// security check; the RSA verification below is what authenticates.
	if !(sum[0] == sigPkt.HashTag[0] && sum[1] == sigPkt.HashTag[1]) {
		return vr.fail("hash tag doesn't match")
	}

	if err = rsa.VerifyPKCS1v15(&vr.PublicKeyPacket.PublicKey, rsa.HashSHA1, sum, sigPkt.Signature); err != nil {
		return vr.fail(fmt.Sprintf("bad signature: %s", err))
	}
	return true
}
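// readOpenPGPPacketFromArmoredFileOrDie reads fileName, decodes its first
// ASCII-armor block, checks that the block type equals armorType, and returns
// the first OpenPGP packet in that block.
//
// Any failure (unreadable file, no armor block, wrong block type, unparsable
// packet) terminates the process through the log package's Exit/Exitf. The
// file is read in full with no size cap, and both the data after the first
// armor block and any packets after the first one are ignored.
func readOpenPGPPacketFromArmoredFileOrDie(fileName string, armorType string) (p packet.Packet) {
	data, err := ioutil.ReadFile(fileName)
	if err != nil {
		// Exitf rather than Exit: the message contains format verbs, which
		// Exit would print without substituting fileName and err.
		log.Exitf("Cannot open '%s': %s", fileName, err)
	}

	// The second result of armor.Decode is discarded.
	block, _ := armor.Decode(data)
	if block == nil {
		log.Exit("cannot parse armor")
	}
	if block.Type != armorType {
		log.Exitf("bad type in '%s' (got: %s, want: %s)", fileName, block.Type, armorType)
	}

	p, err = packet.ReadPacket(bytes.NewBuffer(block.Bytes))
	if err != nil {
		log.Exitf("failed to parse packet from '%s': %s", fileName, err)
	}
	return p
}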