authorcyBerta <cyberta@riseup.net>2020-11-09 15:37:31 +0100
committercyBerta <cyberta@riseup.net>2020-11-09 15:37:31 +0100
commitf8daccffc061e2f05f6605913c19d4aa807eaddb (patch)
treea9789cd103807debb302d838dc5aef81fc2a4bb6 /go/src/se.leap.bitmaskclient/pgpverify/pgpverify.go
parent9510a267ac90d74fc47977958a67b4e0bd0b5708 (diff)
initial auto-update implementation: introducing fatweb flavor, pgpverify go library and bitmask core library, basic update mechanism
Diffstat (limited to 'go/src/se.leap.bitmaskclient/pgpverify/pgpverify.go')
-rw-r--r--go/src/se.leap.bitmaskclient/pgpverify/pgpverify.go82
1 files changed, 82 insertions, 0 deletions
diff --git a/go/src/se.leap.bitmaskclient/pgpverify/pgpverify.go b/go/src/se.leap.bitmaskclient/pgpverify/pgpverify.go
new file mode 100644
index 00000000..653ea695
--- /dev/null
+++ b/go/src/se.leap.bitmaskclient/pgpverify/pgpverify.go
@@ -0,0 +1,82 @@
+package pgpverify
+
+import (
+ "os"
+ "strings"
+
+ "golang.org/x/crypto/openpgp"
+)
+
+// PgpVerifier - exported struct used for file verification
+type PgpVerifier struct {
+ //Signature string
+ //Target string
+ //PublicKey string
+ Logger Logger
+}
+
+// Logger - logging interface
+type Logger interface {
+ Log(msg string)
+}
+
+// Verify checks if a file was signed with the correct pgp key
+// using a PEM formatted signature and a corresponding public key
+func (pgpv *PgpVerifier) Verify(signature string, publicKey string, targetPath string) bool {
+ keyRingReader := strings.NewReader(publicKey)
+ signatureReader := strings.NewReader(signature)
+
+ verificationTarget, err := os.Open(targetPath)
+ if err != nil {
+ pgpv.Logger.Log("Open verification target: " + err.Error())
+ return false
+ }
+
+ keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
+ if err != nil {
+ pgpv.Logger.Log("Read Armored Key Ring: " + err.Error())
+ return false
+ }
+ _, err = openpgp.CheckArmoredDetachedSignature(keyring, verificationTarget, signatureReader)
+ if err != nil {
+ pgpv.Logger.Log("Verification failed: " + err.Error())
+ return false
+ }
+ pgpv.Logger.Log("Successfully verified: entity.Identities")
+ return true
+}
+
+/*func main() {
+ keyRingReader, err := os.Open("public_leap.asc")
+ if err != nil {
+ fmt.Println(err)
+ return
+ }
+
+ signature, err := os.Open("RiseupVPN_release_1.0.5.apk.sig")
+ if err != nil {
+ fmt.Println(err)
+ return
+ }
+
+ verificationTarget, err := os.Open("RiseupVPN_release_1.0.5.apk")
+ if err != nil {
+ fmt.Println(err)
+ return
+ }
+
+ keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
+ if err != nil {
+ fmt.Println("Read Armored Key Ring: " + err.Error())
+ return
+ }
+ entity, err := openpgp.CheckArmoredDetachedSignature(keyring, verificationTarget, signature)
+ if err != nil {
+ fmt.Println("Check Detached Signature: " + err.Error())
+ return
+ } else {
+ fmt.Println("successfully verified")
+ }
+
+ fmt.Println(entity.Identities)
+}*/
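Review bot: The success path of `Verify` discards the signing entity (`_, err = openpgp.CheckArmoredDetachedSignature(...)`) and then logs the literal text `"Successfully verified: entity.Identities"`, so the log never records which key in the supplied keyring validated the update file. Keep the return value and log it, for example `entity, err := openpgp.CheckArmoredDetachedSignature(keyring, verificationTarget, signatureReader)` followed by `pgpv.Logger.Log("Successfully verified, signer key " + entity.PrimaryKey.KeyIdString())`. The handle from `os.Open(targetPath)` is never closed on any return path; add `defer verificationTarget.Close()` directly after its error check. `pgpv.Logger` is called without a nil check, so a zero-value `PgpVerifier` panics on the first log call instead of returning false. The doc comment says "PEM formatted signature", but the code reads ASCII-armored OpenPGP data, so the comment should say `// using an ASCII-armored detached signature and a corresponding armored public key`.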