author | axtloss <axtlos@getcryst.al> | 2024-02-04 13:35:03 +0100 |
---|---|---|
committer | axtloss <axtlos@getcryst.al> | 2024-02-04 13:35:03 +0100 |
commit | 71cc54810fdb51e428b83a37ff89d54a6cc3d8c8 (patch) | |
tree | 04d13d72b6afedaaa06478d9d86fb74a62534f88 /core/verification.go | |
parent | 09f7f5fe7b55a6ab2e2326aa7ff27cf7f7bc05ba (diff) | |
add minisign signature verification
Diffstat (limited to 'core/verification.go')
-rw-r--r-- | core/verification.go | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/core/verification.go b/core/verification.go
index 5023d06..b48c0b7 100644
--- a/core/verification.go
+++ b/core/verification.go
@@ -3,9 +3,93 @@ package core
 import (
 "bufio"
 "fmt"
+ "os"
 "strings"
+
+ "github.com/axtloss/fsverify/config"
+ "github.com/jedisct1/go-minisign"
+ "github.com/tarm/serial"
 )
 
+func fileReadKey() (string, error) {
+ if _, err := os.Stat(config.KeyLocation); os.IsNotExist(err) {
+ return "", fmt.Errorf("Key location %s does not exist", config.KeyLocation)
+ }
+ file, err := os.Open(config.KeyLocation)
+ if err != nil {
+ return "", err
+ }
+ defer file.Close()
+ key := make([]byte, 56)
+ reader := bufio.NewReader(file)
+ n, err := reader.Read(key)
+ if n != 56 {
+ return "", fmt.Errorf("Error: Key does not match expected key size. expected 56, got %d", n)
+ }
+ if err != nil {
+ return "", err
+ }
+ return string(key), nil
+}
+
+func serialReadKey() (string, error) {
+ if _, err := os.Stat(config.KeyLocation); !os.IsNotExist(err) {
+ fmt.Println("Reconnect arduino now")
+ for true {
+ if _, err := os.Stat(config.KeyLocation); os.IsNotExist(err) {
+ break
+ }
+ }
+ } else {
+ fmt.Println("Connect arduino now")
+ }
+ for true {
+ if _, err := os.Stat(config.KeyLocation); !os.IsNotExist(err) {
+ break
+ }
+ }
+ fmt.Println("Arduino connected")
+ c := &serial.Config{Name: config.KeyLocation, Baud: 9600}
+ s, err := serial.OpenPort(c)
+ if err != nil {
+ return "", err
+ }
+
+ key := ""
+ for true {
+ buf := make([]byte, 128)
+ n, err := s.Read(buf)
+ if err != nil {
+ return "", err
+ }
+ defer s.Close()
+ key = key + fmt.Sprintf("%q", buf[:n])
+ if strings.Count(key, "\\t") == 2 {
+ break
+ }
+ }
+ key = strings.ReplaceAll(key, "\\t", "")
+ key = strings.ReplaceAll(key, "\"", "")
+ if len(key) != 56 {
+ return "", fmt.Errorf("Error: Key does not match expected key size. expected 56, got %d", len(key))
+ }
+ return key, nil
+}
+
+func ReadKey() (string, error) {
+ switch config.KeyStore {
+ case 0:
+ return fileReadKey()
+ case 1:
+ return fileReadKey()
+ case 2:
+ return "", nil
+ case 3:
+ return serialReadKey()
+ }
+ return "", nil
+}
+
 func ReadBlock(node Node, part *bufio.Reader) ([]byte, error) {
 block := make([]byte, node.BlockEnd-node.BlockStart)
 blockSize := node.BlockEnd - node.BlockStart
@@ -17,6 +101,30 @@ func ReadBlock(node Node, part *bufio.Reader) ([]byte, error) {
 return block, err
 }
 
+func VerifySignature(key string, signature string, database string) error {
+ pk, err := minisign.NewPublicKey(key)
+ if err != nil {
+ return err
+ }
+
+ sig, err := minisign.DecodeSignature(signature)
+ if err != nil {
+ return err
+ }
+
+ data, err := os.ReadFile(database)
+ if err != nil {
+ return err
+ }
+
+ verified, err := pk.Verify(data, sig)
+ if err != nil || !verified {
+ return err
+ }
+
+ return nil
+}
+
 func VerifyBlock(block []byte, node Node) error {
 calculatedBlockHash, err := CalculateBlockHash(block)
 if err != nil { |
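Review bot: ReadKey returns `"", nil` for `case 2` and for any `config.KeyStore` value that matches no case, so an unsupported or misconfigured key store hands the caller an empty key with no error; both paths should fail closed, e.g. `return "", fmt.Errorf("unsupported key store %d", config.KeyStore)`. In serialReadKey, `defer s.Close()` sits inside the read loop after the error check, so the port stays open when the first `s.Read` fails and another defer is queued on every iteration; it belongs directly after the `serial.OpenPort` error check. The `os.Stat` polling loops spin with no sleep or timeout, and the read loop stops only when the quoted data holds exactly two `\\t` sequences, so input that jumps past two keeps it reading and growing `key` without a bound; a length cap and a deadline would limit both. fileReadKey's single `reader.Read(key)` may return fewer than 56 bytes without any fault in the file, which `io.ReadFull` (needs the `io` import) would avoid.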
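Review bot: In VerifySignature the combined check `if err != nil || !verified { return err }` returns `nil` whenever `verified` is false and `err` is nil, which would report a failed signature check as success. Whether `pk.Verify` can return that pair is not visible from this hunk, so the function should not depend on it: keep `if err != nil { return err }` and add `if !verified { return fmt.Errorf("signature verification failed for %s", database) }`. A short doc comment would also help callers, stating that `key` and `signature` are the strings passed to `minisign.NewPublicKey` and `minisign.DecodeSignature` while `database` is a file path, since all three parameters are plain strings.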