| # Script to verify signatures, with both signature & data given in b64 |
| # 1. data (base64 encoded) |
| # 2. signature (base64 encoded) |
| # The arg values can be taken from the debug log for SignedConfigService when verbose logging is |
| openssl dgst -sha256 -verify $(dirname $0)/${K} -signature <(echo ${S} | base64 -d) <(echo ${D} | base64 -d) |
| PROD_KEY_NAME=prod_public.pem |
| DEBUG_KEY_NAME=debug_public.pem |
| echo SIGNATURE: ${SIGNATURE} |
| if verify "${DATA}" "${SIGNATURE}" "${PROD_KEY_NAME}"; then |
| echo Verified with ${PROD_KEY_NAME} |
| if verify "${DATA}" "${SIGNATURE}" "${DEBUG_KEY_NAME}"; then |
| echo Verified with ${DEBUG_KEY_NAME} |