move verifyCommandLine to utilities package

Author: umbynos

conn.go

@@ -19,14 +19,7 @@ package main
 
 import (
 	"bytes"
-	"crypto"
-	"crypto/rsa"
-	"crypto/sha256"
-	"crypto/x509"
-	"encoding/hex"
 	"encoding/json"
-	"encoding/pem"
-	"errors"
 	"fmt"
 	"net/http"
 	"os"
@@ -114,7 +107,7 @@ func uploadHandler(c *gin.Context) {
 			return
 		}
 
-		err := verifyCommandLine(data.Commandline, data.Signature)
+		err := utilities.VerifyInput(data.Commandline, data.Signature)
 
 		if err != nil {
 			c.String(http.StatusBadRequest, "signature is invalid")
@@ -219,23 +212,6 @@ func send(args map[string]string) {
 	h.broadcastSys <- mapB
 }
 
-func verifyCommandLine(input string, signature string) error {
-	sign, _ := hex.DecodeString(signature)
-	block, _ := pem.Decode([]byte(*signatureKey))
-	if block == nil {
-		return errors.New("invalid key")
-	}
-	key, err := x509.ParsePKIXPublicKey(block.Bytes)
-	if err != nil {
-		return err
-	}
-	rsaKey := key.(*rsa.PublicKey)
-	h := sha256.New()
-	h.Write([]byte(input))
-	d := h.Sum(nil)
-	return rsa.VerifyPKCS1v15(rsaKey, crypto.SHA256, d, sign)
-}
-
 func wsHandler() *WsServer {
 	server, err := socketio.NewServer(nil)
 	if err != nil {

utilities/utilities.go

@@ -18,6 +18,12 @@ package utilities
 import (
 	"archive/zip"
 	"bytes"
+	"crypto"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/hex"
+	"encoding/pem"
 	"errors"
 	"fmt"
 	"io"
@@ -26,6 +32,8 @@ import (
 	"path"
 	"path/filepath"
 	"strings"
+
+	"github.com/arduino/arduino-create-agent/globals"
 )
 
 // SaveFileonTempDir creates a temp directory and saves the file data as the
@@ -162,3 +170,22 @@ func SafeJoin(parent, subdir string) (string, error) {
 	}
 	return res, nil
 }
+
+// VerifyInput will verify an input against a signature
+// A valid signature is indicated by returning a nil error.
+func VerifyInput(input string, signature string) error {
+	sign, _ := hex.DecodeString(signature)
+	block, _ := pem.Decode([]byte(globals.SignatureKey))
+	if block == nil {
+		return errors.New("invalid key")
+	}
+	key, err := x509.ParsePKIXPublicKey(block.Bytes)
+	if err != nil {
+		return err
+	}
+	rsaKey := key.(*rsa.PublicKey)
+	h := sha256.New()
+	h.Write([]byte(input))
+	d := h.Sum(nil)
+	return rsa.VerifyPKCS1v15(rsaKey, crypto.SHA256, d, sign)
+}