omemo-signatures/verify.py

#! /usr/bin/env python3
# Run without arguments for help message

def help():
    print("Ensure good signatures are validated and garbage are discarded")
    print("  verify.py OMEMO.db \"MESSAGE\" \"SIGNATURE\"")

import sys

# Gajim plugins have garbage debug output, remove it
prev_output = sys.stderr
sys.stderr = open("/dev/null", 'w')

# omemo module is copied from gajim-plugins, assuming axolotl is already installed on system
from omemo.backend.liteaxolotlstore import LiteAxolotlStore, _convert_identity_key as convert
from axolotl.ecc.curve import Curve

# Reestablish STDERR output so we don't eat errors
sys.stderr = prev_output

# Feed me a private key
def sign(key, message):
    return Curve.calculateSignature(key, bytes(message, "utf-8")).hex()

# Feed me a public key
def verify(key, message, sig):
    return Curve.verifySignature(key, bytes(message, "utf-8"), bytes.fromhex(sig))

args = len(sys.argv)
if args == 1:
    help()
    exit(0)
elif args < 4:
    help()
    exit(2)

try:
    db = LiteAxolotlStore(sys.argv[1], None)
except:
    print("Failed to load database from " + sys.argv[1])
    exit(1)
keypair = db.getIdentityKeyPair()

# Now let's check message from CLI args and sign it
mymessage = sys.argv[2]
mysig = sys.argv[3]

try:
    ok = verify(keypair.getPublicKey().getPublicKey(), mymessage, mysig)
except:
    print("Failed to run verification of message with OMEMO key!")
    exit(3)

if ok:
    print("Signature OK")
    exit(0)
else:
    print("Signature not OK")
    exit(42)