| 157 | } |
| 158 | |
| 159 | func (vr *VerifyRequest) VerifySignature() bool { |
| 160 | armorData := reArmor(vr.CamliSig) |
| 161 | block, _ := armor.Decode(bytes.NewBufferString(armorData)) |
| 162 | if block == nil { |
| 163 | return vr.fail("can't parse camliSig armor") |
| 164 | } |
| 165 | var p packet.Packet |
| 166 | var err error |
| 167 | p, err = packet.Read(block.Body) |
| 168 | if err != nil { |
| 169 | return vr.fail("error reading PGP packet from camliSig: " + err.Error()) |
| 170 | } |
| 171 | sig, ok := p.(*packet.Signature) |
| 172 | if !ok { |
| 173 | return vr.fail("PGP packet isn't a signature packet") |
| 174 | } |
| 175 | if sig.Hash != crypto.SHA1 && sig.Hash != crypto.SHA256 { |
| 176 | return vr.fail("I can only verify SHA1 or SHA256 signatures") |
| 177 | } |
| 178 | if sig.SigType != packet.SigTypeBinary { |
| 179 | return vr.fail("I can only verify binary signatures") |
| 180 | } |
| 181 | hash := sig.Hash.New() |
| 182 | hash.Write(vr.bp) // payload bytes |
| 183 | err = vr.PublicKeyPacket.VerifySignature(hash, sig) |
| 184 | if err != nil { |
| 185 | return vr.fail(fmt.Sprintf("bad signature: %s", err)) |
| 186 | } |
| 187 | vr.SignerKeyId = vr.PublicKeyPacket.KeyIdString() |
| 188 | return true |
| 189 | } |
| 190 | |
| 191 | func NewVerificationRequest(sjson string, fetcher blob.Fetcher) (vr *VerifyRequest) { |
| 192 | if fetcher == nil { |