Go 验证文件时未知实体所做的签名
我正在尝试验证运行此函数的文件:Go 验证文件时未知实体所做的签名,go,pgp,openpgp,Go,Pgp,Openpgp,我正在尝试验证运行此函数的文件: func VerifyGPGSig(target, signature, signingKey string) error { keyRingReader, err := os.Open(signingKey) if err != nil { return fmt.Errorf("failed to open %s: %v", signingKey, err) } sig, err := os
func VerifyGPGSig(target, signature, signingKey string) error {
keyRingReader, err := os.Open(signingKey)
if err != nil {
return fmt.Errorf("failed to open %s: %v", signingKey, err)
}
sig, err := os.Open(signature)
if err != nil {
return fmt.Errorf("failed to open %s: %v", signature, err)
}
t, err := os.Open(target)
if err != nil {
return fmt.Errorf("failed to open %s: %v", target, err)
}
keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
if err != nil {
return fmt.Errorf("failed to read signing key: %v", err)
}
_, err = openpgp.CheckArmoredDetachedSignature(keyring, t, sig)
if err != nil && err == io.EOF {
// When the signature is binary instead of armored, the error is io.EOF.
// Let's try with binary signatures as well
_, err := openpgp.CheckDetachedSignature(keyring, t, sig)
if err != nil && err == io.EOF {
return fmt.Errorf("failed to find valid signatures in the signature file: %v", err)
}
return fmt.Errorf("failed to check signature: %v", err)
}
if err != nil {
return fmt.Errorf("failed to check signature: %v", err)
}
return nil
}
failed to check signature: openpgp: signature made by unknown entity