Adds pm keyring verify <file> <sig>
This commit is contained in:
parent
ff137c7036
commit
2a69f39e4b
@ -23,6 +23,7 @@ subcommands:
|
||||
import (i) -- import a public key from stdin
|
||||
list (ls) -- list configured key info
|
||||
sign (s) -- sign a file
|
||||
verify (v) -- verify a detached signature
|
||||
`
|
||||
|
||||
func main() {
|
||||
@ -91,6 +92,24 @@ func main() {
|
||||
if err := keyring.Sign(root, signID, os.Stdin, os.Stdout); err != nil {
|
||||
fatalf("signing: %v\n", err)
|
||||
}
|
||||
case "verify", "v":
|
||||
if len(args) != 2 {
|
||||
fatalf("usage: pm key verify <file> <sig>\n")
|
||||
}
|
||||
fn, sn := args[0], args[1]
|
||||
ff, err := os.Open(fn)
|
||||
if err != nil {
|
||||
fatalf("opening %q: %v\n", fn, err)
|
||||
}
|
||||
defer ff.Close()
|
||||
sf, err := os.Open(sn)
|
||||
if err != nil {
|
||||
fatalf("opening %q: %v\n", fn, err)
|
||||
}
|
||||
defer sf.Close()
|
||||
if err := keyring.Verify(root, ff, sf); err != nil {
|
||||
fatalf("detached sig verify: %v\n", err)
|
||||
}
|
||||
case "i", "import":
|
||||
if err := keyring.Import(root, os.Stdin); err != nil {
|
||||
fatalf("importing key: %v\n", err)
|
||||
|
@ -204,6 +204,22 @@ func Sign(root, id string, in io.Reader, sig io.Writer) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// Verify verifies a file's deatched signature.
|
||||
func Verify(root string, file, sig io.Reader) error {
|
||||
if err := ensureDir(root); err != nil {
|
||||
return errors.Wrap(err, "can't find or create pgp dir")
|
||||
}
|
||||
srn, prn := getNames(root)
|
||||
_, pubs, err := getELs(srn, prn)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "getting existing keyrings")
|
||||
}
|
||||
if _, err = openpgp.CheckArmoredDetachedSignature(pubs, file, sig); err != nil {
|
||||
return errors.Wrap(err, "check sig")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func pGPDir(root string) string {
|
||||
return filepath.Join(root, "var", "lib", "pm", "pgp")
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user