2011-01-28 07:07:18 +00:00
|
|
|
/*
|
|
|
|
|
Copyright 2011 Google Inc.
|
|
|
|
|
|
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
you may not use this file except in compliance with the License.
|
|
|
|
|
You may obtain a copy of the License at
|
|
|
|
|
|
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
|
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
See the License for the specific language governing permissions and
|
|
|
|
|
limitations under the License.
|
|
|
|
|
*/
|
|
|
|
|
|
2010-12-09 03:24:48 +00:00
|
|
|
package jsonsign
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"bytes"
|
2011-02-02 20:29:51 +00:00
|
|
|
"crypto"
|
Update from r60 to [almost] Go 1.
A lot is still broken, but most stuff at least compiles now.
The directory tree has been rearranged now too. Go libraries are now
under "pkg". Fully qualified, they are e.g. "camlistore.org/pkg/jsonsign".
The go tool cannot yet fetch from arbitrary domains, but discussion is
happening now on which mechanism to use to allow that.
For now, put the camlistore root under $GOPATH/src. Typically $GOPATH
is $HOME, so Camlistore should be at $HOME/src/camlistore.org.
Then you can:
$ go build ./server/camlistored
... etc
The build.pl script is currently disabled. It'll be resurrected at
some point, but with a very different role (helping create a fake
GOPATH and running the go build command, if things are installed at
the wrong place, and/or running fileembed generators).
Many things are certainly broken.
Many things are disabled. (MySQL, all indexing, etc).
Many things need to be moved into
camlistore.org/third_party/{code.google.com,github.com} and updated
from their r60 to Go 1 versions, where applicable.
The GoMySQL stuff should be updated to use database/sql and the ziutek
library implementing database/sql/driver.
Help wanted.
Change-Id: If71217dc5c8f0e70dbe46e9504ca5131c6eeacde
2012-02-19 05:53:06 +00:00
|
|
|
"encoding/json"
|
|
|
|
|
"errors"
|
2010-12-09 03:24:48 +00:00
|
|
|
"fmt"
|
|
|
|
|
"log"
|
|
|
|
|
"strings"
|
2011-05-16 16:01:35 +00:00
|
|
|
|
Update from r60 to [almost] Go 1.
A lot is still broken, but most stuff at least compiles now.
The directory tree has been rearranged now too. Go libraries are now
under "pkg". Fully qualified, they are e.g. "camlistore.org/pkg/jsonsign".
The go tool cannot yet fetch from arbitrary domains, but discussion is
happening now on which mechanism to use to allow that.
For now, put the camlistore root under $GOPATH/src. Typically $GOPATH
is $HOME, so Camlistore should be at $HOME/src/camlistore.org.
Then you can:
$ go build ./server/camlistored
... etc
The build.pl script is currently disabled. It'll be resurrected at
some point, but with a very different role (helping create a fake
GOPATH and running the go build command, if things are installed at
the wrong place, and/or running fileembed generators).
Many things are certainly broken.
Many things are disabled. (MySQL, all indexing, etc).
Many things need to be moved into
camlistore.org/third_party/{code.google.com,github.com} and updated
from their r60 to Go 1 versions, where applicable.
The GoMySQL stuff should be updated to use database/sql and the ziutek
library implementing database/sql/driver.
Help wanted.
Change-Id: If71217dc5c8f0e70dbe46e9504ca5131c6eeacde
2012-02-19 05:53:06 +00:00
|
|
|
"camlistore.org/pkg/blobref"
|
|
|
|
|
"camlistore.org/third_party/code.google.com/p/go.crypto/openpgp/armor"
|
|
|
|
|
"camlistore.org/third_party/code.google.com/p/go.crypto/openpgp/packet"
|
2011-03-16 01:01:04 +00:00
|
|
|
)
|
2010-12-09 03:24:48 +00:00
|
|
|
|
2011-05-16 16:01:35 +00:00
|
|
|
var _ = log.Printf
|
2010-12-09 03:24:48 +00:00
|
|
|
|
|
|
|
|
const sigSeparator = `,"camliSig":"`
|
|
|
|
|
|
|
|
|
|
// reArmor takes a camliSig (single line armor) and turns it back into an PGP-style
|
|
|
|
|
// multi-line armored string
|
|
|
|
|
func reArmor(line string) string {
|
|
|
|
|
lastEq := strings.LastIndex(line, "=")
|
|
|
|
|
if lastEq == -1 {
|
|
|
|
|
return ""
|
|
|
|
|
}
|
2011-03-16 00:37:52 +00:00
|
|
|
buf := new(bytes.Buffer)
|
|
|
|
|
fmt.Fprintf(buf, "-----BEGIN PGP SIGNATURE-----\n\n")
|
|
|
|
|
payload := line[0:lastEq]
|
|
|
|
|
crc := line[lastEq:]
|
|
|
|
|
for len(payload) > 0 {
|
|
|
|
|
chunkLen := len(payload)
|
|
|
|
|
if chunkLen > 60 {
|
|
|
|
|
chunkLen = 60
|
|
|
|
|
}
|
|
|
|
|
fmt.Fprintf(buf, "%s\n", payload[0:chunkLen])
|
|
|
|
|
payload = payload[chunkLen:]
|
|
|
|
|
}
|
|
|
|
|
fmt.Fprintf(buf, "%s\n-----BEGIN PGP SIGNATURE-----\n", crc)
|
|
|
|
|
return buf.String()
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// See doc/json-signing/* for background and details
|
|
|
|
|
// on these variable names.
|
|
|
|
|
type VerifyRequest struct {
|
2011-05-06 04:45:24 +00:00
|
|
|
fetcher blobref.StreamingFetcher // fetcher used to find public key blob
|
2010-12-09 03:24:48 +00:00
|
|
|
|
2011-03-16 01:01:04 +00:00
|
|
|
ba []byte // "bytes all"
|
|
|
|
|
bp []byte // "bytes payload" (the part that is signed)
|
|
|
|
|
bpj []byte // "bytes payload, JSON" (BP + "}")
|
|
|
|
|
bs []byte // "bytes signature", "{" + separator + camliSig, valid JSON
|
2010-12-09 03:24:48 +00:00
|
|
|
|
2011-03-16 01:01:04 +00:00
|
|
|
CamliSigner *blobref.BlobRef
|
|
|
|
|
CamliSig string
|
2011-03-15 05:51:36 +00:00
|
|
|
PublicKeyPacket *packet.PublicKey
|
2010-12-09 03:24:48 +00:00
|
|
|
|
2011-03-16 01:01:04 +00:00
|
|
|
// set if Verify() returns true:
|
|
|
|
|
PayloadMap map[string]interface{} // The JSON values from BPJ
|
2011-07-02 16:09:50 +00:00
|
|
|
SignerKeyId string // e.g. "2931A67C26F5ABDA"
|
2011-03-16 01:01:04 +00:00
|
|
|
|
Update from r60 to [almost] Go 1.
A lot is still broken, but most stuff at least compiles now.
The directory tree has been rearranged now too. Go libraries are now
under "pkg". Fully qualified, they are e.g. "camlistore.org/pkg/jsonsign".
The go tool cannot yet fetch from arbitrary domains, but discussion is
happening now on which mechanism to use to allow that.
For now, put the camlistore root under $GOPATH/src. Typically $GOPATH
is $HOME, so Camlistore should be at $HOME/src/camlistore.org.
Then you can:
$ go build ./server/camlistored
... etc
The build.pl script is currently disabled. It'll be resurrected at
some point, but with a very different role (helping create a fake
GOPATH and running the go build command, if things are installed at
the wrong place, and/or running fileembed generators).
Many things are certainly broken.
Many things are disabled. (MySQL, all indexing, etc).
Many things need to be moved into
camlistore.org/third_party/{code.google.com,github.com} and updated
from their r60 to Go 1 versions, where applicable.
The GoMySQL stuff should be updated to use database/sql and the ziutek
library implementing database/sql/driver.
Help wanted.
Change-Id: If71217dc5c8f0e70dbe46e9504ca5131c6eeacde
2012-02-19 05:53:06 +00:00
|
|
|
Err error // last error encountered
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (vr *VerifyRequest) fail(msg string) bool {
|
Update from r60 to [almost] Go 1.
A lot is still broken, but most stuff at least compiles now.
The directory tree has been rearranged now too. Go libraries are now
under "pkg". Fully qualified, they are e.g. "camlistore.org/pkg/jsonsign".
The go tool cannot yet fetch from arbitrary domains, but discussion is
happening now on which mechanism to use to allow that.
For now, put the camlistore root under $GOPATH/src. Typically $GOPATH
is $HOME, so Camlistore should be at $HOME/src/camlistore.org.
Then you can:
$ go build ./server/camlistored
... etc
The build.pl script is currently disabled. It'll be resurrected at
some point, but with a very different role (helping create a fake
GOPATH and running the go build command, if things are installed at
the wrong place, and/or running fileembed generators).
Many things are certainly broken.
Many things are disabled. (MySQL, all indexing, etc).
Many things need to be moved into
camlistore.org/third_party/{code.google.com,github.com} and updated
from their r60 to Go 1 versions, where applicable.
The GoMySQL stuff should be updated to use database/sql and the ziutek
library implementing database/sql/driver.
Help wanted.
Change-Id: If71217dc5c8f0e70dbe46e9504ca5131c6eeacde
2012-02-19 05:53:06 +00:00
|
|
|
vr.Err = errors.New("jsonsign: " + msg)
|
2010-12-09 03:24:48 +00:00
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (vr *VerifyRequest) ParseSigMap() bool {
|
|
|
|
|
sigMap := make(map[string]interface{})
|
|
|
|
|
if err := json.Unmarshal(vr.bs, &sigMap); err != nil {
|
2011-03-16 00:37:52 +00:00
|
|
|
return vr.fail("invalid JSON in signature")
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(sigMap) != 1 {
|
|
|
|
|
return vr.fail("signature JSON didn't have exactly 1 key")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sigVal, hasCamliSig := sigMap["camliSig"]
|
|
|
|
|
if !hasCamliSig {
|
|
|
|
|
return vr.fail("no 'camliSig' key in signature")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var ok bool
|
|
|
|
|
vr.CamliSig, ok = sigVal.(string)
|
|
|
|
|
if !ok {
|
|
|
|
|
return vr.fail("camliSig not a string")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (vr *VerifyRequest) ParsePayloadMap() bool {
|
|
|
|
|
vr.PayloadMap = make(map[string]interface{})
|
|
|
|
|
pm := vr.PayloadMap
|
|
|
|
|
|
|
|
|
|
if err := json.Unmarshal(vr.bpj, &pm); err != nil {
|
|
|
|
|
return vr.fail("parse error; payload JSON is invalid")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if _, hasVersion := pm["camliVersion"]; !hasVersion {
|
2011-03-16 00:37:52 +00:00
|
|
|
return vr.fail("missing 'camliVersion' in the JSON payload")
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
signer, hasSigner := pm["camliSigner"]
|
|
|
|
|
if !hasSigner {
|
2011-03-16 00:37:52 +00:00
|
|
|
return vr.fail("missing 'camliSigner' in the JSON payload")
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if _, ok := signer.(string); !ok {
|
2011-03-16 00:37:52 +00:00
|
|
|
return vr.fail("invalid 'camliSigner' in the JSON payload")
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
vr.CamliSigner = blobref.Parse(signer.(string))
|
|
|
|
|
if vr.CamliSigner == nil {
|
2011-03-16 00:37:52 +00:00
|
|
|
return vr.fail("malformed 'camliSigner' blobref in the JSON payload")
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (vr *VerifyRequest) FindAndParsePublicKeyBlob() bool {
|
2011-05-06 04:45:24 +00:00
|
|
|
reader, _, err := vr.fetcher.FetchStreaming(vr.CamliSigner)
|
2010-12-09 03:24:48 +00:00
|
|
|
if err != nil {
|
2011-03-16 00:37:52 +00:00
|
|
|
return vr.fail(fmt.Sprintf("error fetching public key blob: %v", err))
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
2011-05-06 04:45:24 +00:00
|
|
|
defer reader.Close()
|
2010-12-09 03:24:48 +00:00
|
|
|
pk, err := openArmoredPublicKeyFile(reader)
|
|
|
|
|
if err != nil {
|
2011-03-16 00:37:52 +00:00
|
|
|
return vr.fail(fmt.Sprintf("error opening public key file: %v", err))
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
vr.PublicKeyPacket = pk
|
2011-03-16 01:01:04 +00:00
|
|
|
return true
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (vr *VerifyRequest) VerifySignature() bool {
|
|
|
|
|
armorData := reArmor(vr.CamliSig)
|
2011-03-15 05:51:36 +00:00
|
|
|
block, _ := armor.Decode(bytes.NewBufferString(armorData))
|
2010-12-09 03:24:48 +00:00
|
|
|
if block == nil {
|
2011-03-16 00:37:52 +00:00
|
|
|
return vr.fail("can't parse camliSig armor")
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
2011-03-15 05:51:36 +00:00
|
|
|
var p packet.Packet
|
Update from r60 to [almost] Go 1.
A lot is still broken, but most stuff at least compiles now.
The directory tree has been rearranged now too. Go libraries are now
under "pkg". Fully qualified, they are e.g. "camlistore.org/pkg/jsonsign".
The go tool cannot yet fetch from arbitrary domains, but discussion is
happening now on which mechanism to use to allow that.
For now, put the camlistore root under $GOPATH/src. Typically $GOPATH
is $HOME, so Camlistore should be at $HOME/src/camlistore.org.
Then you can:
$ go build ./server/camlistored
... etc
The build.pl script is currently disabled. It'll be resurrected at
some point, but with a very different role (helping create a fake
GOPATH and running the go build command, if things are installed at
the wrong place, and/or running fileembed generators).
Many things are certainly broken.
Many things are disabled. (MySQL, all indexing, etc).
Many things need to be moved into
camlistore.org/third_party/{code.google.com,github.com} and updated
from their r60 to Go 1 versions, where applicable.
The GoMySQL stuff should be updated to use database/sql and the ziutek
library implementing database/sql/driver.
Help wanted.
Change-Id: If71217dc5c8f0e70dbe46e9504ca5131c6eeacde
2012-02-19 05:53:06 +00:00
|
|
|
var err error
|
2011-03-15 05:51:36 +00:00
|
|
|
p, err = packet.Read(block.Body)
|
2010-12-09 03:24:48 +00:00
|
|
|
if err != nil {
|
Update from r60 to [almost] Go 1.
A lot is still broken, but most stuff at least compiles now.
The directory tree has been rearranged now too. Go libraries are now
under "pkg". Fully qualified, they are e.g. "camlistore.org/pkg/jsonsign".
The go tool cannot yet fetch from arbitrary domains, but discussion is
happening now on which mechanism to use to allow that.
For now, put the camlistore root under $GOPATH/src. Typically $GOPATH
is $HOME, so Camlistore should be at $HOME/src/camlistore.org.
Then you can:
$ go build ./server/camlistored
... etc
The build.pl script is currently disabled. It'll be resurrected at
some point, but with a very different role (helping create a fake
GOPATH and running the go build command, if things are installed at
the wrong place, and/or running fileembed generators).
Many things are certainly broken.
Many things are disabled. (MySQL, all indexing, etc).
Many things need to be moved into
camlistore.org/third_party/{code.google.com,github.com} and updated
from their r60 to Go 1 versions, where applicable.
The GoMySQL stuff should be updated to use database/sql and the ziutek
library implementing database/sql/driver.
Help wanted.
Change-Id: If71217dc5c8f0e70dbe46e9504ca5131c6eeacde
2012-02-19 05:53:06 +00:00
|
|
|
return vr.fail("error reading PGP packet from camliSig: " + err.Error())
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
2011-03-15 05:51:36 +00:00
|
|
|
sig, ok := p.(*packet.Signature)
|
2010-12-09 03:24:48 +00:00
|
|
|
if !ok {
|
|
|
|
|
return vr.fail("PGP packet isn't a signature packet")
|
|
|
|
|
}
|
2011-05-16 16:01:35 +00:00
|
|
|
if sig.Hash != crypto.SHA1 && sig.Hash != crypto.SHA256 {
|
|
|
|
|
return vr.fail("I can only verify SHA1 or SHA256 signatures")
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
if sig.SigType != packet.SigTypeBinary {
|
|
|
|
|
return vr.fail("I can only verify binary signatures")
|
|
|
|
|
}
|
2011-05-16 16:01:35 +00:00
|
|
|
hash := sig.Hash.New()
|
2011-03-16 01:01:04 +00:00
|
|
|
hash.Write(vr.bp) // payload bytes
|
2011-03-15 05:51:36 +00:00
|
|
|
err = vr.PublicKeyPacket.VerifySignature(hash, sig)
|
2010-12-09 03:24:48 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return vr.fail(fmt.Sprintf("bad signature: %s", err))
|
|
|
|
|
}
|
2011-03-16 01:01:04 +00:00
|
|
|
vr.SignerKeyId = vr.PublicKeyPacket.KeyIdString()
|
2010-12-09 03:24:48 +00:00
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-06 04:45:24 +00:00
|
|
|
func NewVerificationRequest(sjson string, fetcher blobref.StreamingFetcher) (vr *VerifyRequest) {
|
2012-03-26 20:57:53 +00:00
|
|
|
if fetcher == nil {
|
|
|
|
|
panic("NewVerificationRequest fetcher is nil")
|
|
|
|
|
}
|
2010-12-09 03:24:48 +00:00
|
|
|
vr = new(VerifyRequest)
|
|
|
|
|
vr.ba = []byte(sjson)
|
|
|
|
|
vr.fetcher = fetcher
|
2011-03-16 01:01:04 +00:00
|
|
|
|
2010-12-09 03:24:48 +00:00
|
|
|
sigIndex := bytes.LastIndex(vr.ba, []byte(sigSeparator))
|
|
|
|
|
if sigIndex == -1 {
|
Update from r60 to [almost] Go 1.
A lot is still broken, but most stuff at least compiles now.
The directory tree has been rearranged now too. Go libraries are now
under "pkg". Fully qualified, they are e.g. "camlistore.org/pkg/jsonsign".
The go tool cannot yet fetch from arbitrary domains, but discussion is
happening now on which mechanism to use to allow that.
For now, put the camlistore root under $GOPATH/src. Typically $GOPATH
is $HOME, so Camlistore should be at $HOME/src/camlistore.org.
Then you can:
$ go build ./server/camlistored
... etc
The build.pl script is currently disabled. It'll be resurrected at
some point, but with a very different role (helping create a fake
GOPATH and running the go build command, if things are installed at
the wrong place, and/or running fileembed generators).
Many things are certainly broken.
Many things are disabled. (MySQL, all indexing, etc).
Many things need to be moved into
camlistore.org/third_party/{code.google.com,github.com} and updated
from their r60 to Go 1 versions, where applicable.
The GoMySQL stuff should be updated to use database/sql and the ziutek
library implementing database/sql/driver.
Help wanted.
Change-Id: If71217dc5c8f0e70dbe46e9504ca5131c6eeacde
2012-02-19 05:53:06 +00:00
|
|
|
vr.Err = errors.New("jsonsign: no 13-byte camliSig separator found in sjson")
|
2010-12-09 03:24:48 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// "Bytes Payload"
|
2011-03-16 01:01:04 +00:00
|
|
|
vr.bp = vr.ba[:sigIndex]
|
2010-12-09 03:24:48 +00:00
|
|
|
|
|
|
|
|
// "Bytes Payload JSON". Note we re-use the memory (the ",")
|
|
|
|
|
// from BA in BPJ, so we can't re-use that "," byte for
|
|
|
|
|
// the opening "{" in "BS".
|
2011-03-16 01:01:04 +00:00
|
|
|
vr.bpj = vr.ba[:sigIndex+1]
|
2010-12-09 03:24:48 +00:00
|
|
|
vr.bpj[sigIndex] = '}'
|
|
|
|
|
vr.bs = []byte("{" + sjson[sigIndex+1:])
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2011-06-23 01:04:20 +00:00
|
|
|
// TODO: turn this into (bool, os.Error) return, probably, or *Details, os.Error.
|
2010-12-09 03:24:48 +00:00
|
|
|
func (vr *VerifyRequest) Verify() bool {
|
|
|
|
|
if vr.Err != nil {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if vr.ParseSigMap() &&
|
|
|
|
|
vr.ParsePayloadMap() &&
|
|
|
|
|
vr.FindAndParsePublicKeyBlob() &&
|
|
|
|
|
vr.VerifySignature() {
|
2011-03-16 01:01:04 +00:00
|
|
|
return true
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Don't allow dumbs callers to accidentally check this
|
|
|
|
|
// if it's not valid.
|
|
|
|
|
vr.PayloadMap = nil
|
|
|
|
|
if vr.Err == nil {
|
2011-03-16 00:37:52 +00:00
|
|
|
// The other functions should have filled this in
|
|
|
|
|
// already, but just in case:
|
Update from r60 to [almost] Go 1.
A lot is still broken, but most stuff at least compiles now.
The directory tree has been rearranged now too. Go libraries are now
under "pkg". Fully qualified, they are e.g. "camlistore.org/pkg/jsonsign".
The go tool cannot yet fetch from arbitrary domains, but discussion is
happening now on which mechanism to use to allow that.
For now, put the camlistore root under $GOPATH/src. Typically $GOPATH
is $HOME, so Camlistore should be at $HOME/src/camlistore.org.
Then you can:
$ go build ./server/camlistored
... etc
The build.pl script is currently disabled. It'll be resurrected at
some point, but with a very different role (helping create a fake
GOPATH and running the go build command, if things are installed at
the wrong place, and/or running fileembed generators).
Many things are certainly broken.
Many things are disabled. (MySQL, all indexing, etc).
Many things need to be moved into
camlistore.org/third_party/{code.google.com,github.com} and updated
from their r60 to Go 1 versions, where applicable.
The GoMySQL stuff should be updated to use database/sql and the ziutek
library implementing database/sql/driver.
Help wanted.
Change-Id: If71217dc5c8f0e70dbe46e9504ca5131c6eeacde
2012-02-19 05:53:06 +00:00
|
|
|
vr.Err = errors.New("jsonsign: verification failed")
|
2010-12-09 03:24:48 +00:00
|
|
|
}
|
|
|
|
|
return false
|
|
|
|
|
}
|