perkeep/server/go/sigserver/verify.go

/*
Copyright 2011 Google Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

     http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package main

/*

  $ gpg --no-default-keyring --keyring=/tmp/foo --import --armor test/pubkey-blobs/sha1-82e6f3494f69

  $ gpg --no-default-keyring --keyring=/tmp/foo --verify  sig.tmp  doc.tmp ; echo $?
  gpg: Signature made Mon 29 Nov 2010 10:59:52 PM PST using RSA key ID 26F5ABDA
  gpg: Good signature from "Camli Tester <camli-test@example.com>"
  gpg: WARNING: This key is not certified with a trusted signature!
  gpg:          There is no indication that the signature belongs to the owner.
         Primary key fingerprint: FBB8 9AA3 20A2 806F E497  C049 2931 A67C 26F5 ABDA0

*/

import (
	"camli/httputil"
	"camli/jsonsign"
	"http"
	)

func handleVerify(conn http.ResponseWriter, req *http.Request) {
	if !(req.Method == "POST" && req.URL.Path == "/camli/sig/verify") {
		httputil.BadRequestError(conn, "Inconfigured handler.")
		return
	}

	req.ParseForm()
	sjson := req.FormValue("sjson")
	if sjson == "" {
		httputil.BadRequestError(conn, "Missing sjson parameter.")
		return
	}

	m := make(map[string]interface{})

	vreq := jsonsign.NewVerificationRequest(sjson, pubKeyFetcher)
	if vreq.Verify() {
		m["signatureValid"] = 1
		m["verifiedData"] = vreq.PayloadMap
	} else {
		errStr := vreq.Err.String()
		m["signatureValid"] = 0
		m["errorMessage"] = errStr
	}

	conn.WriteHeader(http.StatusOK)  // no HTTP response code fun, error info in JSON
	httputil.ReturnJson(conn, m)
}
Slap on copyright headers. 2011-01-28 07:07:18 +00:00			`/*`
			`Copyright 2011 Google Inc.`

			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

start of camsigd verify handler, notes 2010-11-30 07:22:11 +00:00			`package main`

			`/*`

More sig verify work; move blobref to a library 2010-12-03 15:34:24 +00:00			`$ gpg --no-default-keyring --keyring=/tmp/foo --import --armor test/pubkey-blobs/sha1-82e6f3494f69`
start of camsigd verify handler, notes 2010-11-30 07:22:11 +00:00
More sig verify work; move blobref to a library 2010-12-03 15:34:24 +00:00			`$ gpg --no-default-keyring --keyring=/tmp/foo --verify sig.tmp doc.tmp ; echo $?`
			`gpg: Signature made Mon 29 Nov 2010 10:59:52 PM PST using RSA key ID 26F5ABDA`
			`gpg: Good signature from "Camli Tester <camli-test@example.com>"`
			`gpg: WARNING: This key is not certified with a trusted signature!`
			`gpg: There is no indication that the signature belongs to the owner.`
			`Primary key fingerprint: FBB8 9AA3 20A2 806F E497 C049 2931 A67C 26F5 ABDA0`
start of camsigd verify handler, notes 2010-11-30 07:22:11 +00:00
			`*/`

			`import (`
rename http_util to httputil 2010-12-06 06:34:46 +00:00			`"camli/httputil"`
Move signing and verifying into a library. 2010-12-09 03:24:48 +00:00			`"camli/jsonsign"`
Verification works! and with unit tests. 2010-12-04 21:49:34 +00:00			`"http"`
More sig verify work; move blobref to a library 2010-12-03 15:34:24 +00:00			`)`

Clean up and break up verification code More testable and readable. 2010-12-04 18:12:41 +00:00			`func handleVerify(conn http.ResponseWriter, req *http.Request) {`
			`if !(req.Method == "POST" && req.URL.Path == "/camli/sig/verify") {`
rename http_util to httputil 2010-12-06 06:34:46 +00:00			`httputil.BadRequestError(conn, "Inconfigured handler.")`
more verification work 2010-12-04 03:30:08 +00:00			`return`
			`}`

Clean up and break up verification code More testable and readable. 2010-12-04 18:12:41 +00:00			`req.ParseForm()`
			`sjson := req.FormValue("sjson")`
			`if sjson == "" {`
rename http_util to httputil 2010-12-06 06:34:46 +00:00			`httputil.BadRequestError(conn, "Missing sjson parameter.")`
Clean up and break up verification code More testable and readable. 2010-12-04 18:12:41 +00:00			`return`
			`}`

Verification works! and with unit tests. 2010-12-04 21:49:34 +00:00			`m := make(map[string]interface{})`

Cleanup; make blobserver's GET path use blobref.Fether interface Also expands the Fetcher interface slightly, and cleans up some other code in the process. 2010-12-14 02:20:31 +00:00			`vreq := jsonsign.NewVerificationRequest(sjson, pubKeyFetcher)`
Verification works! and with unit tests. 2010-12-04 21:49:34 +00:00			`if vreq.Verify() {`
			`m["signatureValid"] = 1`
			`m["verifiedData"] = vreq.PayloadMap`
			`} else {`
			`errStr := vreq.Err.String()`
			`m["signatureValid"] = 0`
			`m["errorMessage"] = errStr`
more verification work 2010-12-04 03:30:08 +00:00			`}`

Verification works! and with unit tests. 2010-12-04 21:49:34 +00:00			`conn.WriteHeader(http.StatusOK) // no HTTP response code fun, error info in JSON`
rename http_util to httputil 2010-12-06 06:34:46 +00:00			`httputil.ReturnJson(conn, m)`
start of camsigd verify handler, notes 2010-11-30 07:22:11 +00:00			`}`