implement verify

xtaci · Aug 14, 2024 · 9b50d05 · 9b50d05
1 parent 720a128
commit 9b50d05
Show file tree

Hide file tree

Showing 3 changed files with 107 additions and 12 deletions.
diff --git a/cmd/hppktool/cmd/encrypt.go b/cmd/hppktool/cmd/encrypt.go
@@ -20,7 +20,7 @@ import (
 var encryptCmd = &cobra.Command{
 	Use:   "encrypt",
 	Short: "encrypts a message from standard input",
-	Long:  `the message will first be SHA256 hashed and then encrypted using AES256 unless -raw is specified`,
+	Long:  `the message will first be SHA256 hashed and then encrypted using HPPK, unless -raw is specified`,
 	Run: func(cmd *cobra.Command, args []string) {
 		silent, err := cmd.Flags().GetBool("silent")
 		if err != nil {
@@ -53,7 +53,7 @@ var encryptCmd = &cobra.Command{
 			return
 		}
 
-		// read from standard input and hash it
+		// read the message from stdin
 		var message []byte
 		if paramRaw {
 			message = make([]byte, 256)

diff --git a/cmd/hppktool/cmd/sign.go b/cmd/hppktool/cmd/sign.go
@@ -20,7 +20,7 @@ import (
 var signCmd = &cobra.Command{
 	Use:   "sign",
 	Short: "sign a message from standard input",
-	Long:  `the message will first be SHA256 hashed and then encrypted using AES256 unless -raw is specified`,
+	Long:  `the message will first be SHA256 hashed and then encrypted using HPPK, unless -raw is specified`,
 	Run: func(cmd *cobra.Command, args []string) {
 		silent, err := cmd.Flags().GetBool("silent")
 		if err != nil {
@@ -53,7 +53,7 @@ var signCmd = &cobra.Command{
 			return
 		}
 
-		// read from standard input and hash it
+		// read the message from stdin
 		var message []byte
 		if paramRaw {
 			message = make([]byte, 256)

diff --git a/cmd/hppktool/cmd/verify.go b/cmd/hppktool/cmd/verify.go
@@ -4,23 +4,115 @@ Copyright © 2024 xtaci <[email protected]>
 package cmd
 
 import (
+	"crypto/sha256"
+	"encoding/hex"
+	"encoding/json"
 	"fmt"
+	"io"
+	"os"
 
 	"github.com/spf13/cobra"
+	"github.com/xtaci/hppk"
 )
 
 // verifyCmd represents the verify command
 var verifyCmd = &cobra.Command{
 	Use:   "verify",
-	Short: "A brief description of your command",
-	Long: `A longer description that spans multiple lines and likely contains examples
-and usage of using your command. For example:
-
-Cobra is a CLI library for Go that empowers applications.
-This application is a tool to generate the needed files
-to quickly create a Cobra application.`,
+	Short: "verify a message from standard input",
+	Long:  `the message will first be SHA256 hashed and then be verified against using HPPK,unless -raw is specified`,
 	Run: func(cmd *cobra.Command, args []string) {
-		fmt.Println("verify called")
+		silent, err := cmd.Flags().GetBool("silent")
+		if err != nil {
+			panic("cann't get param -> silent")
+		}
+
+		paramPub, err := cmd.Flags().GetString("pubkey")
+		if err != nil {
+			panic("cannot get param -> pubkey")
+		}
+
+		paramSigFile, err := cmd.Flags().GetString("sigfile")
+		if err != nil {
+			panic("cannot get param -> signature")
+		}
+
+		paramRaw, err := cmd.Flags().GetBool("raw")
+		if err != nil {
+			panic("cannot get param -> raw")
+		}
+
+		// open the public key file
+		fPub, err := os.Open(paramPub)
+		if err != nil {
+			fmt.Println(err)
+			return
+		}
+		defer fPub.Close()
+
+		// open the signature
+		fSignature, err := os.Open(paramSigFile)
+		if err != nil {
+			fmt.Println(err)
+			return
+		}
+		defer fSignature.Close()
+
+		// read the public key
+		pub := &hppk.PublicKey{}
+		err = json.NewDecoder(fPub).Decode(pub)
+		if err != nil {
+			fmt.Println(err)
+			return
+		}
+
+		// read the signature
+		sig := &hppk.Signature{}
+		err = json.NewDecoder(fSignature).Decode(sig)
+		if err != nil {
+			fmt.Println(err)
+			return
+		}
+
+		// read the message from stdin
+		var message []byte
+		if paramRaw {
+			message = make([]byte, 256)
+			count := 0
+			lr := io.LimitReader(os.Stdin, 256)
+			for {
+				n, err := lr.Read(message[count:])
+				count += n
+				if err == io.EOF {
+					break
+				}
+
+				if err != nil {
+					fmt.Println(err)
+					return
+				}
+			}
+			message = message[:count]
+			if !silent {
+				fmt.Printf("RAW(hex):%v\n", hex.EncodeToString(message))
+			}
+		} else {
+			h := sha256.New()
+			if _, err := io.Copy(h, os.Stdin); err != nil {
+				fmt.Println(err)
+				return
+			}
+			message = h.Sum(nil)
+			if !silent {
+				fmt.Printf("SHA256(hex):%v\n", hex.EncodeToString(message))
+			}
+		}
+
+		// verify the signature
+		if hppk.VerifySignature(sig, message, pub) {
+			fmt.Println("\nSignature Verified.")
+		} else {
+			fmt.Println("\nSignature NOT verfied.")
+		}
 	},
 }
 
@@ -36,4 +128,7 @@ func init() {
 	// Cobra supports local flags which will only run when this command
 	// is called directly, e.g.:
 	// verifyCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle")
+	verifyCmd.Flags().StringP("pubkey", "p", "./id_hppk.pub", "the hppk public key file")
+	verifyCmd.Flags().String("sigfile", "./sigfile", "the signed signature file")
+	verifyCmd.Flags().Bool("raw", false, "encrypt the raw message, the message length must not exceed 256 bytes")
 }