author | Justus Winter <justus@sequoia-pgp.org> | 2018-11-26 17:20:06 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2018-11-26 19:50:41 +0100 |
commit | 557aca35bad457622642308c1d780757b174bf50 (patch) | |
tree | 57d0de8f06f1c87f7e207bb06e45d82fc883770e | |
parent | 08af6b7ec9d8ad71a8a7193cec7f3841b2ede637 (diff) |
tool: Implement verification of detached sigs.
-rw-r--r-- | tool/src/commands/mod.rs | 12 | ||||
-rw-r--r-- | tool/src/sq-usage.rs | 1 | ||||
-rw-r--r-- | tool/src/sq.rs | 17 | ||||
-rw-r--r-- | tool/src/sq_cli.rs | 2 | ||||
-rw-r--r-- | tool/tests/sq-sign.rs | 24 |
5 files changed, 35 insertions, 21 deletions
diff --git a/tool/src/commands/mod.rs b/tool/src/commands/mod.rs index 28d9b1db..8bc233ea 100644 --- a/tool/src/commands/mod.rs +++ b/tool/src/commands/mod.rs @@ -16,7 +16,7 @@ use openpgp::{Packet, TPK, KeyID, Error, Result}; use openpgp::packet::Signature; use openpgp::parse::PacketParserResult; use openpgp::parse::stream::{ - Verifier, VerificationResult, VerificationHelper, + Verifier, DetachedVerifier, VerificationResult, VerificationHelper, }; use openpgp::serialize::Serialize; use openpgp::serialize::stream::{ @@ -561,11 +561,17 @@ impl<'a> VerificationHelper for VHelper<'a> { } pub fn verify(ctx: &Context, store: &mut store::Store, - input: &mut io::Read, output: &mut io::Write, + input: &mut io::Read, + detached: Option<&mut io::Read>, + output: &mut io::Write, signatures: usize, tpks: Vec<TPK>) -> Result<()> { let helper = VHelper::new(ctx, store, signatures, tpks); - let mut verifier = Verifier::from_reader(input, helper)?; + let mut verifier = if let Some(dsig) = detached { + DetachedVerifier::from_reader(dsig, input, helper)? + } else { + Verifier::from_reader(input, helper)? + }; io::copy(&mut verifier, output) .map_err(|e| if e.get_ref().is_some() { diff --git a/tool/src/sq-usage.rs b/tool/src/sq-usage.rs index 83afb2e5..742fb224 100644 --- a/tool/src/sq-usage.rs +++ b/tool/src/sq-usage.rs @@ -120,6 +120,7 @@ //! -V, --version Prints version information //! //! OPTIONS: +//! --detached <SIG-FILE> Verifies a detached signature //! -o, --output <FILE> Sets the output file to use //! --public-key-file <TPK-FILE>... Public key to verify with, given as a file (can be given multiple times) //! -n, --signatures <N> The number of valid signatures required. Default: 0 diff --git a/tool/src/sq.rs b/tool/src/sq.rs index 8ef411e7..4b229fe6 100644 --- a/tool/src/sq.rs +++ b/tool/src/sq.rs 
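Review bot: `verify` gains a `detached` parameter but has no doc comment saying which reader carries the signature and which the signed data. In `DetachedVerifier::from_reader(dsig, input, helper)` both arguments are `io::Read`, so a swapped call site would still compile. A comment such as `/// Verifies input; if detached is Some, it is read as the signature over input. The data is copied to output in both modes.` would pin this down. The `io::copy(&mut verifier, output)` call after the new branch is unchanged, so detached mode also writes the message to `output`; whether bytes can reach `output` before the signatures are checked depends on the verifier's buffering, which this hunk does not show, and that is worth stating in the comment too. The body of `verify` continues past the end of the hunk.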
@@ -156,13 +156,13 @@ fn real_main() -> Result<(), failure::Error> { append, notarize)?; }, ("verify", Some(m)) => { - let input = open_or_stdin(m.value_of("input"))?; - let mut input = openpgp::Reader::from_reader(input)?; + let mut input = open_or_stdin(m.value_of("input"))?; let mut output = create_or_stdout(m.value_of("output"))?; - let detached = m.is_present("detached"); - if detached { - unimplemented!("Detached signature generation not implemented"); - } + let mut detached = if let Some(f) = m.value_of("detached") { + Some(File::open(f)?) + } else { + None + }; let signatures: usize = m.value_of("signatures").unwrap_or("0").parse()?; let tpks = m.values_of("public-key-file") @@ -170,8 +170,9 @@ fn real_main() -> Result<(), failure::Error> { .unwrap_or(Ok(vec![]))?; let mut store = Store::open(&ctx, store_name) .context("Failed to open the store")?; - commands::verify(&ctx, &mut store, &mut input, &mut output, - signatures, tpks)?; + commands::verify(&ctx, &mut store, &mut input, + detached.as_mut().map(|r| r as &mut io::Read), + &mut output, signatures, tpks)?; }, ("enarmor", Some(m)) => { diff --git a/tool/src/sq_cli.rs b/tool/src/sq_cli.rs index 2acc5347..6bcf351c 100644 --- a/tool/src/sq_cli.rs +++ b/tool/src/sq_cli.rs @@ -151,13 +151,11 @@ pub fn build() -> App<'static, 'static> { .long("output") .short("o") .help("Sets the output file to use")) -/* Not yet.... .arg(Arg::with_name("detached") .long("detached") .takes_value(true) .value_name("SIG-FILE") .help("Verifies a detached signature")) -*/ .arg(Arg::with_name("signatures").value_name("N") .help("The number of valid signatures required. \ Default: 0") diff --git a/tool/tests/sq-sign.rs b/tool/tests/sq-sign.rs index 44a49f13..0089a9a8 100644 --- a/tool/tests/sq-sign.rs +++ b/tool/tests/sq-sign.rs 
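Review bot: Dropping `openpgp::Reader::from_reader(input)` in the `verify` arm changes the non-detached path as well, because the raw reader from `open_or_stdin` now goes straight to `commands::verify`. Whether input that the removed wrapper used to pre-process (presumably armored messages) is still accepted depends on `Verifier::from_reader`, which is not visible here. The tests touched by this commit only exercise `--detached`, so a test with an inline-signed message would confirm nothing regressed. Separately, a missing or unreadable signature file surfaces as a bare I/O error; `Some(File::open(f).context("Failed to open the signature file")?)` would match the `.context(...)` already used for the store a few lines down. `real_main` starts and ends outside the hunk.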
@@ -368,10 +368,12 @@ fn sq_sign_detached() { assert!(&content[..].starts_with(b"-----BEGIN PGP SIGNATURE-----\n\n")); // Verify detached. - Assert::cargo_binary("sqv") + Assert::cargo_binary("sq") .with_args( - &["--keyring", + &["verify", + "--public-key-file", &p("keys/dennis-simon-anton.pgp"), + "--detached", &sig.to_string_lossy(), &p("messages/a-cypherpunks-manifesto.txt")]) .unwrap(); @@ -411,10 +413,12 @@ fn sq_sign_detached_append() { assert!(&content[..].starts_with(b"-----BEGIN PGP SIGNATURE-----\n\n")); // Verify detached. - Assert::cargo_binary("sqv") + Assert::cargo_binary("sq") .with_args( - &["--keyring", + &["verify", + "--public-key-file", &p("keys/dennis-simon-anton.pgp"), + "--detached", &sig.to_string_lossy(), &p("messages/a-cypherpunks-manifesto.txt")]) .unwrap(); @@ -469,17 +473,21 @@ fn sq_sign_detached_append() { assert!(&content[..].starts_with(b"-----BEGIN PGP SIGNATURE-----\n\n")); // Verify both detached signatures. - Assert::cargo_binary("sqv") + Assert::cargo_binary("sq") .with_args( - &["--keyring", + &["verify", + "--public-key-file", &p("keys/dennis-simon-anton.pgp"), + "--detached", &sig.to_string_lossy(), &p("messages/a-cypherpunks-manifesto.txt")]) .unwrap(); - Assert::cargo_binary("sqv") + Assert::cargo_binary("sq") .with_args( - &["--keyring", + &["verify", + "--public-key-file", &p("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp"), + "--detached", &sig.to_string_lossy(), &p("messages/a-cypherpunks-manifesto.txt")]) .unwrap(); |
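Review bot: None of the rewritten `sq verify` invocations passes `--signatures`, and the usage text touched by this commit gives its default as 0, so `.unwrap()` on a successful exit may not prove that a valid signature was actually found. How `VHelper` treats a threshold of 0 is not visible here. Adding `"--signatures", "1"` to each argument list (in this hunk and in the ones at lines 411 and 469) would make the assertions depend on at least one good signature, as the replaced `sqv` calls presumably did. A companion case that checks the same signature against a different message and expects a failing exit would cover the negative path. The test functions start and end outside the hunks.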