Skip to content

Commit 846e769

Browse files
umbynosumbynos
committed
move verifyCommandLine to utilities package
1 parent 287cdbf commit 846e769

File tree

2 files changed

+28
-25
lines changed

2 files changed

+28
-25
lines changed

conn.go

Lines changed: 1 addition & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -19,14 +19,7 @@ package main
1919

2020
import (
2121
"bytes"
22-
"crypto"
23-
"crypto/rsa"
24-
"crypto/sha256"
25-
"crypto/x509"
26-
"encoding/hex"
2722
"encoding/json"
28-
"encoding/pem"
29-
"errors"
3023
"fmt"
3124
"net/http"
3225
"os"
@@ -114,7 +107,7 @@ func uploadHandler(c *gin.Context) {
114107
return
115108
}
116109

117-
err := verifyCommandLine(data.Commandline, data.Signature)
110+
err := utilities.VerifyInput(data.Commandline, data.Signature)
118111

119112
if err != nil {
120113
c.String(http.StatusBadRequest, "signature is invalid")
@@ -215,23 +208,6 @@ func send(args map[string]string) {
215208
h.broadcastSys <- mapB
216209
}
217210

218-
func verifyCommandLine(input string, signature string) error {
219-
sign, _ := hex.DecodeString(signature)
220-
block, _ := pem.Decode([]byte(*signatureKey))
221-
if block == nil {
222-
return errors.New("invalid key")
223-
}
224-
key, err := x509.ParsePKIXPublicKey(block.Bytes)
225-
if err != nil {
226-
return err
227-
}
228-
rsaKey := key.(*rsa.PublicKey)
229-
h := sha256.New()
230-
h.Write([]byte(input))
231-
d := h.Sum(nil)
232-
return rsa.VerifyPKCS1v15(rsaKey, crypto.SHA256, d, sign)
233-
}
234-
235211
func wsHandler() *WsServer {
236212
server, err := socketio.NewServer(nil)
237213
if err != nil {

utilities/utilities.go

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,12 +18,20 @@ package utilities
1818
import (
1919
"archive/zip"
2020
"bytes"
21+
"crypto"
22+
"crypto/rsa"
23+
"crypto/sha256"
24+
"crypto/x509"
25+
"encoding/hex"
26+
"encoding/pem"
2127
"errors"
2228
"io"
2329
"os"
2430
"os/exec"
2531
"path"
2632
"path/filepath"
33+
34+
"github.com/arduino/arduino-create-agent/globals"
2735
)
2836

2937
// SaveFileonTempDir creates a temp directory and saves the file data as the
@@ -141,3 +149,22 @@ func Unzip(zippath string, destination string) (err error) {
141149
}
142150
return
143151
}
152+
153+
// VerifyInput will verify an input against a signature
154+
// A valid signature is indicated by returning a nil error.
155+
func VerifyInput(input string, signature string) error {
156+
sign, _ := hex.DecodeString(signature)
157+
block, _ := pem.Decode([]byte(globals.SignatureKey))
158+
if block == nil {
159+
return errors.New("invalid key")
160+
}
161+
key, err := x509.ParsePKIXPublicKey(block.Bytes)
162+
if err != nil {
163+
return err
164+
}
165+
rsaKey := key.(*rsa.PublicKey)
166+
h := sha256.New()
167+
h.Write([]byte(input))
168+
d := h.Sum(nil)
169+
return rsa.VerifyPKCS1v15(rsaKey, crypto.SHA256, d, sign)
170+
}

0 commit comments

Comments
 (0)