2017-06-17 09:52:30 -05:00
|
|
|
package discovery
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
"golang.org/x/crypto/openpgp"
|
|
|
|
)
|
|
|
|
|
|
|
|
// Verify the data using the provided openpgp detached signature and the
|
|
|
|
// embedded hashicorp public key.
|
2018-11-14 13:52:46 -06:00
|
|
|
func verifySig(data, sig []byte, armor string) (*openpgp.Entity, error) {
|
|
|
|
el, err := openpgp.ReadArmoredKeyRing(strings.NewReader(armor))
|
2017-06-17 09:52:30 -05:00
|
|
|
if err != nil {
|
2019-03-21 11:17:15 -05:00
|
|
|
return nil, err
|
2017-06-17 09:52:30 -05:00
|
|
|
}
|
|
|
|
|
2018-11-14 13:52:46 -06:00
|
|
|
return openpgp.CheckDetachedSignature(el, bytes.NewReader(data), bytes.NewReader(sig))
|
2017-06-17 09:52:30 -05:00
|
|
|
}
|