github.com/slspeek/camlistore_namedsearch@v0.0.0-20140519202248-ed6f70f7721a/server/sigserver/verify.go

github.com/slspeek/camlistore_namedsearch@v0.0.0-20140519202248-ed6f70f7721a/server/sigserver/verify.go (about)

     1  /*
     2  Copyright 2011 Google Inc.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8       http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package main
    18  
    19  /*
    20  
    21    $ gpg --no-default-keyring --keyring=/tmp/foo --import --armor test/pubkey-blobs/sha1-82e6f3494f69
    22  
    23    $ gpg --no-default-keyring --keyring=/tmp/foo --verify  sig.tmp  doc.tmp ; echo $?
    24    gpg: Signature made Mon 29 Nov 2010 10:59:52 PM PST using RSA key ID 26F5ABDA
    25    gpg: Good signature from "Camli Tester <camli-test@example.com>"
    26    gpg: WARNING: This key is not certified with a trusted signature!
    27    gpg:          There is no indication that the signature belongs to the owner.
    28           Primary key fingerprint: FBB8 9AA3 20A2 806F E497  C049 2931 A67C 26F5 ABDA0
    29  
    30  */
    31  
    32  import (
    33  	"camlistore.org/pkg/httputil"
    34  	"camlistore.org/pkg/jsonsign"
    35  	"net/http"
    36  )
    37  
    38  func handleVerify(conn http.ResponseWriter, req *http.Request) {
    39  	if !(req.Method == "POST" && req.URL.Path == "/camli/sig/verify") {
    40  		httputil.BadRequestError(conn, "Inconfigured handler.")
    41  		return
    42  	}
    43  
    44  	req.ParseForm()
    45  	sjson := req.FormValue("sjson")
    46  	if sjson == "" {
    47  		httputil.BadRequestError(conn, "Missing sjson parameter.")
    48  		return
    49  	}
    50  
    51  	m := make(map[string]interface{})
    52  
    53  	vreq := jsonsign.NewVerificationRequest(sjson, pubKeyFetcher)
    54  	if vreq.Verify() {
    55  		m["signatureValid"] = 1
    56  		m["verifiedData"] = vreq.PayloadMap
    57  	} else {
    58  		m["signatureValid"] = 0
    59  		m["errorMessage"] = vreq.Err.Error()
    60  	}
    61  
    62  	conn.WriteHeader(http.StatusOK) // no HTTP response code fun, error info in JSON
    63  	httputil.ReturnJSON(conn, m)
    64  }