summaryrefslogtreecommitdiff
path: root/appl/cmd/spki/verify.b
blob: 9eab6b4141a5e7cdd8504943ee53b5b2291c90d3 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107

implement Verify;

#
# Copyright © 2004 Vita Nuova Holdings Limited
#

# work in progress

include "sys.m";
	sys: Sys;

include "draw.m";

include "keyring.m";
	kr: Keyring;
	IPint: import kr;

include "bufio.m";
	bufio: Bufio;
	Iobuf: import bufio;

include "sexprs.m";
	sexprs: Sexprs;
	Sexp: import sexprs;

include "spki.m";
	spki: SPKI;
	Hash, Key, Cert, Name, Subject, Signature, Seqel, Toplev, Valid: import spki;
	dump: import spki;

	verifier: Verifier;
	Speaksfor: import verifier;

include "encoding.m";
	base64: Encoding;

Verify: module
{
	init:	fn(nil: ref Draw->Context, nil: list of string);
};

debug := 0;

init(nil: ref Draw->Context, args: list of string)
{
	sys = load Sys Sys->PATH;
	kr = load Keyring Keyring->PATH;
	bufio = load Bufio Bufio->PATH;
	sexprs = load Sexprs Sexprs->PATH;
	spki = load SPKI SPKI->PATH;
	verifier = load Verifier Verifier->PATH;
	base64 = load Encoding Encoding->BASE64PATH;

	sexprs->init();
	spki->init();
	verifier->init();

	f := bufio->fopen(sys->fildes(0), Sys->OREAD);
	for(;;){
		(e, err) := Sexp.read(f);
		if(e == nil && err == nil)
			break;
		if(err != nil)
			error(sys->sprint("invalid s-expression: %s", err));
		(top, diag) := spki->parse(e);
		if(diag != nil)
			error(sys->sprint("invalid SPKI structure: %s", diag));
		pick t := top {
		C =>
			if(debug)
				sys->print("cert: %s\n", t.v.text());
			a := spki->hashexp(e, "md5");
		Sig =>
			sys->print("got signature %q\n", t.v.text());
		K =>
			sys->print("got key %q\n", t.v.text());
		Seq =>
			els := t.v;
			if(debug){
				sys->print("(sequence");
				for(; els != nil; els = tl els)
					sys->print(" %s", (hd els).text());
				sys->print(")");
			}
			(claim, rem, whynot) := verifier->verify(t.v);
			if(whynot != nil){
				if(rem == nil)
					s := "end of sequence";
				else
					s = (hd rem).text();
				sys->fprint(sys->fildes(2), "verify: failed to verify at %#q: %s\n", s, whynot);
			}else{
				if(claim.regarding != nil)
					scope := sys->sprint(" regarding %q", claim.regarding.text());
				sys->print("verified: %q speaks for %q%s\n", claim.subject.text(), claim.name.text(), scope);
			}
		* =>
			sys->print("unexpected SPKI type: %q\n", e.text());
		}
	}
}

error(s: string)
{
	sys->fprint(sys->fildes(2), "verify: %s\n", s);
	raise "fail:error";
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-11 12:50:02 +0000