Commit ccbb4eae authored by owlo

authorization is done via key!

parent 6f1047ae
......@@ -11,6 +11,7 @@ import (
"os"
"os/exec"
"strconv"
"strings"
"time"
"golang.org/x/crypto/openpgp"
......@@ -18,6 +19,46 @@ import (
"localtoast.net/localtoast/Ogopogo/libs"
)
func validateSig(signature string) bool {
const prefix = "/home/twotonne/"
const secretKeyring = prefix + "go/src/localtoast.net/localtoast/skey"
const publicKeyring = prefix + "go/src/localtoast.net/localtoast/keys"
const superSecretKeys = prefix + "go/src/localtoast.net/localtoast/sskey"
secRingBuf, err := os.Open(secretKeyring)
defer secRingBuf.Close()
pubRingBuf, err := os.Open(publicKeyring)
defer pubRingBuf.Close()
sskeyRingBuf, err := os.Open(superSecretKeys)
defer sskeyRingBuf.Close()
if err != nil {
fmt.Println("Error grabbing public/private keyring, have you generated keys yet?")
}
entitiesPrivate, err := openpgp.ReadArmoredKeyRing(secRingBuf)
entities, err := openpgp.ReadArmoredKeyRing(pubRingBuf)
sskey, err := openpgp.ReadArmoredKeyRing(sskeyRingBuf)
for i := range entities {
entitiesPrivate = append(entitiesPrivate, entities[i])
}
for i := range sskey {
entitiesPrivate = append(entitiesPrivate, sskey[i])
}
fmt.Println(entitiesPrivate)
signer, err := openpgp.CheckArmoredDetachedSignature(entitiesPrivate, strings.NewReader(signature), strings.NewReader(signature))
if signer != nil {
fmt.Println("Unknown signer!")
fmt.Println(err)
} else {
fmt.Println("Known signer.")
fmt.Println(signer)
fmt.Println(err)
return true
}
return false
}
func validate(signature string, file []byte) bool {
if signature == "guarddoggo:bork" {
......@@ -391,12 +432,15 @@ func main() {
fmt.Println("I HEAR BORK")
//userPass := req.Header.Get("Authorization")
signed := req.Header.Get("Signature")
ok := validate(signed, []byte(signed))
sigBuffer := make([]byte, 1024)
req.Body.Read(sigBuffer)
ok := validateSig(string(sigBuffer))
// ok := validate(signed, []byte(signed))
if ok {
w.Header().Set("Authorization", "ok")
w.WriteHeader(http.StatusOK)
fmt.Println(signed + "LOGGED THE HECK IN")
w.Write([]byte("bop"))
} else {
w.Header().Set("Authorization", "Not authorized")
......
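Review bot: The result check at the end of validateSig is inverted: `openpgp.CheckArmoredDetachedSignature` returns a nil signer together with a non-nil error when verification fails, so `if signer != nil { ... } else { return true }` authorizes every request whose signature does not verify and rejects the ones that do. Decide on `err` first and return true only when `err == nil && signer != nil`, as in the excerpt below (this assumes the whole function is on the new side, since the +/- markers are lost on this page). The same call passes `signature` as both the signed content and the signature, so even with the branch corrected it does not bind the request to anything; the signed content should be a value the server chose, which needs a second parameter. Each `os.Open` and `ReadArmoredKeyRing` error is overwritten by the next assignment, so an unreadable keyring goes unnoticed, and `fmt.Println(entitiesPrivate)` should not remain in an authentication path. In the handler, a single `req.Body.Read(sigBuffer)` can return short and leaves trailing zero bytes in the string; `io.ReadAll(io.LimitReader(req.Body, 1024))` with its error checked would be safer.

```go
func validateSig(signature string) bool {
	// … unchanged: keyring paths, opening and reading the keyrings …
	// … unchanged: CheckArmoredDetachedSignature call …
	if err != nil || signer == nil {
		// Verification failed or no matching key: never authorize.
		fmt.Println("Unknown signer!")
		fmt.Println(err)
		return false
	}
	fmt.Println("Known signer.")
	return true
}
```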