Add verify command

square · May 8, 2015 · 42c0a7c · 42c0a7c
1 parent 25fb53f
commit 42c0a7c
Showing 1 changed file with 34 additions and 1 deletion.
diff --git a/jose-util/main.go b/jose-util/main.go
@@ -92,7 +92,7 @@ func main() {
 		},
 		{
 			Name:  "decrypt",
-			Usage: "decrypt a plaintext",
+			Usage: "decrypt a ciphertext",
 			Flags: []cli.Flag{
 				cli.StringFlag{
 					Name:  "key, k",
@@ -173,6 +173,39 @@ func main() {
 				writeOutput(c.String("output"), []byte(msg))
 			},
 		},
+		{
+			Name:  "verify",
+			Usage: "verify a signature",
+			Flags: []cli.Flag{
+				cli.StringFlag{
+					Name:  "key, k",
+					Usage: "Path to key file (PEM/DER)",
+				},
+				cli.StringFlag{
+					Name:  "input, in",
+					Usage: "Path to input file (stdin if missing)",
+				},
+				cli.StringFlag{
+					Name:  "output, out",
+					Usage: "Path to output file (stdout if missing)",
+				},
+			},
+			Action: func(c *cli.Context) {
+				keyBytes, err := ioutil.ReadFile(requiredFlag(c, "key"))
+				exitOnError(err, "unable to read key file")
+
+				verificationKey, err := jose.LoadPublicKey(keyBytes)
+				exitOnError(err, "unable to read private key")
+
+				obj, err := jose.ParseSigned(string(readInput(c.String("input"))))
+				exitOnError(err, "unable to parse message")
+
+				plaintext, err := obj.Verify(verificationKey)
+				exitOnError(err, "invalid signature")
+
+				writeOutput(c.String("output"), plaintext)
+			},
+		},
 		{
 			Name:  "expand",
 			Usage: "expand compact message to full format",