add signature verification wrapper

Signed-off-by: John Crispin <john@phrozen.org>

command/cmd.uc

@@ -1,4 +1,5 @@
 #!/usr/bin/ucode
+push(REQUIRE_SEARCH_PATH, '/usr/share/ucentral/*.uc');
 let fs = require("fs");
 let uci = require("uci");
 let ubus = require("ubus");

command/cmd_script.uc

@@ -1,15 +1,9 @@
-function validate_signature() {
-	if (!args.signature)
-		return false;
-
-	return true;
-}
-
 let uloop = require('uloop');
 let fs = require('fs');
 let result;
 let abort;
 let decoded = b64dec(args.script);
+let signature = require('signature');
 
 if (!decoded) {
 	result_json({
@@ -24,7 +18,7 @@ script.write(decoded);
 script.close();
 fs.chmod("/tmp/script.cmd", 700);
 
-if (restrict.commands && !validate_signature()) {
+if (restrict.commands && !signature.verify("/tmp/script.cmd", args.signature)) {
 	result_json({
 		"error": 3,
 		"result": "invalid signature"

command/cmd_upgrade.uc

@@ -33,13 +33,9 @@ else if (!validation_result.valid) {
 	return;
 }
 
-function verify_signature(file, signature) {
-
-	return true;
-}
-
 if (restrict.sysupgrade) {
-	if (!verify_signature(image_path, args.signature)) {
+	let signature = require('signature');
+	if (!signature.verify(image_path, args.signature)) {
 		result_json({
 			"error": 2,
 			"text": "Invalid signature",

renderer/signature.uc

@@ -0,0 +1,19 @@
+let key_info = {
+	'dummy_static': function(file, signature) {
+		return signature == 'aaaaaaaaaa';
+	},
+};
+
+return {
+
+verify: function(file, signature) {
+	let func = key_info[restrict?.key_info?.vendor + '_' + restrict?.key_info?.algo];
+
+	if (!func)
+		return false;
+
+	return func(file, signature);
+},
+
+}
+