func checkSignature(ks *Keystore, prefix string, signed, signature io.ReadSeeker) (*openpgp.Entity, error) {
acidentifier, err := types.NewACIdentifier(prefix)
if err != nil {
return nil, err
}
keyring, err := ks.loadKeyring(acidentifier.String())
if err != nil {
return nil, fmt.Errorf("keystore: error loading keyring %v", err)
}
entities, err := openpgp.CheckArmoredDetachedSignature(keyring, signed, signature)
if err == io.EOF {
// When the signature is binary instead of armored, the error is io.EOF.
// Let's try with binary signatures as well
if _, err := signed.Seek(0, 0); err != nil {
return nil, fmt.Errorf("error seeking ACI file: %v", err)
}
if _, err := signature.Seek(0, 0); err != nil {
return nil, fmt.Errorf("error seeking signature file: %v", err)
}
entities, err = openpgp.CheckDetachedSignature(keyring, signed, signature)
}
if err == io.EOF {
// otherwise, the client failure is just "EOF", which is not helpful
return nil, fmt.Errorf("keystore: no valid signatures found in signature file")
}
return entities, err
}
func checkSignature(ks *Keystore, prefix string, signed, signature io.Reader) (*openpgp.Entity, error) {
acname, err := types.NewACName(prefix)
if err != nil {
return nil, err
}
keyring, err := ks.loadKeyring(acname.String())
if err != nil {
return nil, fmt.Errorf("keystore: error loading keyring %v", err)
}
entities, err := openpgp.CheckArmoredDetachedSignature(keyring, signed, signature)
if err == io.EOF {
// otherwise, the client failure is just "EOF", which is not helpful
return nil, fmt.Errorf("keystore: no signatures found")
}
return entities, err
}
