forked from Consensys/quorum
/
verifier.go
45 lines (38 loc) · 1.12 KB
/
verifier.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
package plugin
import (
"fmt"
"path"
"github.com/ethereum/go-ethereum/log"
)
// Plugin Integrity Verifier.
// Verifier works on the assumption an attacker can not compromise the integrity of geth running process.
type Verifier interface {
// verify plugin signature using checksum & pgp public key
VerifySignature(definition *PluginDefinition, checksum string) error
}
type NonVerifier struct {
}
func (*NonVerifier) VerifySignature(definition *PluginDefinition, checksum string) error {
return nil
}
func NewNonVerifier() *NonVerifier {
return &NonVerifier{}
}
func NewVerifier(pm *PluginManager, localVerify bool, publicKey string) (Verifier, error) {
log.Debug("using verifier", "local", localVerify)
pluginBaseDir := pm.pluginBaseDir
centralClient := pm.centralClient
// resolve public key
if publicKey == "" {
publicKey = fmt.Sprintf("file://%s", path.Join(pluginBaseDir, DefaultPublicKeyFile))
}
publicKeyPath, err := resolveFilePath(publicKey)
if err != nil {
return nil, err
}
if localVerify {
return NewLocalVerifier(publicKeyPath, pluginBaseDir)
} else {
return NewOnlineVerifier(centralClient), nil
}
}