예제 #1
0
func TestVerify(t *testing.T) {
	data := bytes.NewReader([]byte("this is a string to sign"))
	err := signature.Verify(pubKey, exampleSig, data)
	if err != nil {
		t.Fatal(err)
	}

	data = bytes.NewReader([]byte("thus is a string to sign"))
	err = signature.Verify(pubKey, exampleSig, data)
	if err == nil {
		t.Fatal("signature should not match")
	}
}
예제 #2
0
func verifyUpgrade(tempName string, sig []byte) error {
	if tempName == "" {
		return fmt.Errorf("no upgrade found")
	}
	if sig == nil {
		return fmt.Errorf("no signature found")
	}

	if debug {
		l.Debugf("checking signature\n%s", sig)
	}

	fd, err := os.Open(tempName)
	if err != nil {
		return err
	}
	err = signature.Verify(SigningKey, sig, fd)
	fd.Close()

	if err != nil {
		os.Remove(tempName)
		return err
	}

	return nil
}
예제 #3
0
파일: main.go 프로젝트: wmwwmv/syncthing
func verifyWithKey(signame, dataname string, pubkey []byte) {
	sig, err := ioutil.ReadFile(signame)
	if err != nil {
		log.Fatal(err)
	}

	fd, err := os.Open(dataname)
	if err != nil {
		log.Fatal(err)
	}
	defer fd.Close()

	err = signature.Verify(pubkey, sig, fd)
	if err != nil {
		log.Fatal(err)
	}

	log.Println("correct signature")
}
예제 #4
0
파일: main.go 프로젝트: burkemw3/syncthing
func verify(keyname, signame, dataname string) {
	pubkey, err := ioutil.ReadFile(keyname)
	if err != nil {
		log.Fatal(err)
	}

	sig, err := ioutil.ReadFile(signame)
	if err != nil {
		log.Fatal(err)
	}

	fd, err := os.Open(dataname)
	if err != nil {
		log.Fatal(err)
	}
	defer fd.Close()

	err = signature.Verify(pubkey, sig, fd)
	if err != nil {
		log.Fatal(err)
	}
}
예제 #5
0
func verifyUpgrade(archiveName, tempName string, sig []byte) error {
	if tempName == "" {
		return fmt.Errorf("no upgrade found")
	}
	if sig == nil {
		return fmt.Errorf("no signature found")
	}

	l.Debugf("checking signature\n%s", sig)

	fd, err := os.Open(tempName)
	if err != nil {
		return err
	}

	// Create a new reader that will serve reads from, in order:
	//
	// - the archive name ("syncthing-linux-amd64-v0.13.0-beta.4.tar.gz")
	//   followed by a newline
	//
	// - the temp file contents
	//
	// We then verify the release signature against the contents of this
	// multireader. This ensures that it is not only a bonafide syncthing
	// binary, but it it also of exactly the platform and version we expect.

	mr := io.MultiReader(bytes.NewBufferString(archiveName+"\n"), fd)
	err = signature.Verify(SigningKey, sig, mr)
	fd.Close()

	if err != nil {
		os.Remove(tempName)
		return err
	}

	return nil
}