Adds pm keyring verify <file> <sig>

Stephen McQuay 2018-02-25 19:56:04 -08:00
parent ff137c7036
commit 2a69f39e4b
Signed by untrusted user: sm
GPG Key ID: 4E4B72F479BA3CE5
2 changed files with 35 additions and 0 deletions


@ -23,6 +23,7 @@ subcommands:
import (i) -- import a public key from stdin
list (ls) -- list configured key info
sign (s) -- sign a file
verify (v) -- verify a detached signature
`
func main() {
@ -91,6 +92,24 @@ func main() {
if err := keyring.Sign(root, signID, os.Stdin, os.Stdout); err != nil {
fatalf("signing: %v\n", err)
}
case "verify", "v":
if len(args) != 2 {
fatalf("usage: pm key verify <file> <sig>\n")
}
fn, sn := args[0], args[1]
ff, err := os.Open(fn)
if err != nil {
fatalf("opening %q: %v\n", fn, err)
}
defer ff.Close()
sf, err := os.Open(sn)
if err != nil {
fatalf("opening %q: %v\n", fn, err)
}
defer sf.Close()
if err := keyring.Verify(root, ff, sf); err != nil {
fatalf("detached sig verify: %v\n", err)
}
case "i", "import":
if err := keyring.Import(root, os.Stdin); err != nil {
fatalf("importing key: %v\n", err)
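Review bot: The error branch for the signature file reports the wrong path: when `os.Open(sn)` fails, the message is formatted with `fn`, so a missing or unreadable signature is reported as a problem with the data file. It should read `fatalf("opening %q: %v\n", sn, err)`. The usage string also says `pm key verify` while the commit title names the command `pm keyring verify`; one of the two should be corrected. On success this case prints nothing, so callers rely on the exit status alone, and a short comment saying so would help anyone scripting it. The `main` function begins and ends outside this hunk.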


@ -204,6 +204,22 @@ func Sign(root, id string, in io.Reader, sig io.Writer) error {
return nil
}
// Verify verifies a file's deatched signature.
func Verify(root string, file, sig io.Reader) error {
if err := ensureDir(root); err != nil {
return errors.Wrap(err, "can't find or create pgp dir")
}
srn, prn := getNames(root)
_, pubs, err := getELs(srn, prn)
if err != nil {
return errors.Wrap(err, "getting existing keyrings")
}
if _, err = openpgp.CheckArmoredDetachedSignature(pubs, file, sig); err != nil {
return errors.Wrap(err, "check sig")
}
return nil
}
func pGPDir(root string) string {
return filepath.Join(root, "var", "lib", "pm", "pgp")
}
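Review bot: `Verify` discards the signer that `openpgp.CheckArmoredDetachedSignature` returns, so a signature made by any key in the public keyring under `root` is accepted and the caller never learns which key it was. For a package tool that is the trust decision, so keep the entity (`signer, err := openpgp.CheckArmoredDetachedSignature(pubs, file, sig)`) and log or return its key ID, or let the caller pass the expected ID to compare against. The doc comment should state this acceptance rule and fix the "deatched" typo, e.g. `// Verify checks sig as an armored detached signature over file against every public key in the keyring under root.` It also calls `ensureDir(root)`, which judging by the wrapped error text may create the pgp directory, a side effect a read-only verify probably should not have.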