passforios-gopenpgp/crypto/sign_detached.go

package crypto

import (
	"bytes"
	"errors"
	"io"
	"strings"
	"time"

	"github.com/ProtonMail/gopenpgp/internal"

	"golang.org/x/crypto/openpgp"
	errorsPGP "golang.org/x/crypto/openpgp/errors"
	"golang.org/x/crypto/openpgp/packet"
)

// SignTextDetached creates an armored detached signature of a given string.
func (kr *KeyRing) SignTextDetached(plainText string, passphrase string, trimNewlines bool) (string, error) {
	signEntity, err := kr.GetSigningEntity(passphrase)
	if err != nil {
		return "", err
	}

	config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: pgp.getTimeGenerator()}

	if trimNewlines {
		plainText = internal.TrimNewlines(plainText)
	}

	att := strings.NewReader(plainText)

	var outBuf bytes.Buffer
	//SignText
	if err := openpgp.ArmoredDetachSignText(&outBuf, signEntity, att, config); err != nil {
		return "", err
	}

	return outBuf.String(), nil
}

// SignBinDetached creates an armored detached signature of binary data.
func (kr *KeyRing) SignBinDetached(plainData []byte, passphrase string) (string, error) {
	//sign with 0x00
	signEntity, err := kr.GetSigningEntity(passphrase)
	if err != nil {
		return "", err
	}

	config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: pgp.getTimeGenerator()}

	att := bytes.NewReader(plainData)

	var outBuf bytes.Buffer
	//sign bin
	if err := openpgp.ArmoredDetachSign(&outBuf, signEntity, att, config); err != nil {
		return "", err
	}

	return outBuf.String(), nil
}

// VerifyTextDetachedSig verifies an armored detached signature given the plaintext as a string.
func (kr *KeyRing) VerifyTextDetachedSig(
	signature string, plainText string, verifyTime int64, trimNewlines bool,
) (bool, error) {
	if trimNewlines {
		plainText = internal.TrimNewlines(plainText)
	}
	origText := bytes.NewReader(bytes.NewBufferString(plainText).Bytes())

	return verifySignature(kr.GetEntities(), origText, signature, verifyTime)
}

// VerifyBinDetachedSig verifies an armored detached signature given the plaintext as binary data.
func (kr *KeyRing) VerifyBinDetachedSig(signature string, plainData []byte, verifyTime int64) (bool, error) {
	origText := bytes.NewReader(plainData)

	return verifySignature(kr.GetEntities(), origText, signature, verifyTime)
}

// Internal
func verifySignature(
	pubKeyEntries openpgp.EntityList, origText *bytes.Reader,
	signature string, verifyTime int64,
) (bool, error) {
	config := &packet.Config{}
	if verifyTime == 0 {
		config.Time = func() time.Time {
			return time.Unix(0, 0)
		}
	} else {
		config.Time = func() time.Time {
			return time.Unix(verifyTime+internal.CreationTimeOffset, 0)
		}
	}
	signatureReader := strings.NewReader(signature)

	signer, err := openpgp.CheckArmoredDetachedSignature(pubKeyEntries, origText, signatureReader, config)

	if err == errorsPGP.ErrSignatureExpired && signer != nil {
		if verifyTime > 0 { // if verifyTime = 0: time check disabled, everything is okay
			// Maybe the creation time offset pushed it over the edge
			// Retry with the actual verification time
			config.Time = func() time.Time {
				return time.Unix(verifyTime, 0)
			}

			_, err = signatureReader.Seek(0, io.SeekStart)
			if err != nil {
				return false, err
			}

			signer, err = openpgp.CheckArmoredDetachedSignature(pubKeyEntries, origText, signatureReader, config)
			if err != nil {
				return false, err
			}
		}
	}

	if signer == nil {
		return false, errors.New("gopenpgp: signer is empty")
	}
	// if signer.PrimaryKey.KeyId != signed.PrimaryKey.KeyId {
	// 	// t.Errorf("wrong signer got:%x want:%x", signer.PrimaryKey.KeyId, 0)
	// 	return false, errors.New("signer is nil")
	// }
	return true, nil
}
Add decryptMime and refactor package structure 2018-09-11 11:09:28 +02:00			`package crypto`
wrapper for mobile 2018-06-04 16:05:14 -07:00
			`import (`
			`"bytes"`
			`"errors"`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`"io"`
wrapper for mobile 2018-06-04 16:05:14 -07:00			`"strings"`
			`"time"`

Rename package to gopenpgp 2019-05-13 14:07:18 +02:00			`"github.com/ProtonMail/gopenpgp/internal"`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00
wrapper for mobile 2018-06-04 16:05:14 -07:00			`"golang.org/x/crypto/openpgp"`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`errorsPGP "golang.org/x/crypto/openpgp/errors"`
Refactor: Moved relevant parts of Key and KeyRing objs from go-pmapi 2018-09-20 15:20:45 +02:00			`"golang.org/x/crypto/openpgp/packet"`
wrapper for mobile 2018-06-04 16:05:14 -07:00			`)`

Improve docs for keyrings (#2) 2019-05-15 14:36:04 +02:00			`// SignTextDetached creates an armored detached signature of a given string.`
Add tests, remove duplicate signing functions (#1) 2019-05-15 13:48:47 +02:00			`func (kr *KeyRing) SignTextDetached(plainText string, passphrase string, trimNewlines bool) (string, error) {`
			`signEntity, err := kr.GetSigningEntity(passphrase)`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`if err != nil {`
			`return "", err`
wrapper for mobile 2018-06-04 16:05:14 -07:00			`}`

Rename PmCrypto to GopenPGP 2019-05-14 18:05:01 +02:00			`config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: pgp.getTimeGenerator()}`
wrapper for mobile 2018-06-04 16:05:14 -07:00
Add tests, remove duplicate signing functions (#1) 2019-05-15 13:48:47 +02:00			`if trimNewlines {`
			`plainText = internal.TrimNewlines(plainText)`
			`}`

wrapper for mobile 2018-06-04 16:05:14 -07:00			`att := strings.NewReader(plainText)`

			`var outBuf bytes.Buffer`
			`//SignText`
Android-side KeyRing reuse refactoring support 2018-11-09 13:03:46 +01:00			`if err := openpgp.ArmoredDetachSignText(&outBuf, signEntity, att, config); err != nil {`
wrapper for mobile 2018-06-04 16:05:14 -07:00			`return "", err`
			`}`

			`return outBuf.String(), nil`
			`}`

Improve docs for keyrings (#2) 2019-05-15 14:36:04 +02:00			`// SignBinDetached creates an armored detached signature of binary data.`
Add tests, remove duplicate signing functions (#1) 2019-05-15 13:48:47 +02:00			`func (kr *KeyRing) SignBinDetached(plainData []byte, passphrase string) (string, error) {`
wrapper for mobile 2018-06-04 16:05:14 -07:00			`//sign with 0x00`
Add tests, remove duplicate signing functions (#1) 2019-05-15 13:48:47 +02:00			`signEntity, err := kr.GetSigningEntity(passphrase)`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`if err != nil {`
			`return "", err`
wrapper for mobile 2018-06-04 16:05:14 -07:00			`}`

Rename PmCrypto to GopenPGP 2019-05-14 18:05:01 +02:00			`config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: pgp.getTimeGenerator()}`
wrapper for mobile 2018-06-04 16:05:14 -07:00
			`att := bytes.NewReader(plainData)`

			`var outBuf bytes.Buffer`
			`//sign bin`
Android-side KeyRing reuse refactoring support 2018-11-09 13:03:46 +01:00			`if err := openpgp.ArmoredDetachSign(&outBuf, signEntity, att, config); err != nil {`
wrapper for mobile 2018-06-04 16:05:14 -07:00			`return "", err`
			`}`

			`return outBuf.String(), nil`
			`}`

Improve docs for keyrings (#2) 2019-05-15 14:36:04 +02:00			`// VerifyTextDetachedSig verifies an armored detached signature given the plaintext as a string.`
Add tests, remove duplicate signing functions (#1) 2019-05-15 13:48:47 +02:00			`func (kr *KeyRing) VerifyTextDetachedSig(`
			`signature string, plainText string, verifyTime int64, trimNewlines bool,`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`) (bool, error) {`
Add tests, remove duplicate signing functions (#1) 2019-05-15 13:48:47 +02:00			`if trimNewlines {`
			`plainText = internal.TrimNewlines(plainText)`
			`}`
wrapper for mobile 2018-06-04 16:05:14 -07:00			`origText := bytes.NewReader(bytes.NewBufferString(plainText).Bytes())`
Add a 2 day offset for signature creation time checking 2018-07-31 01:00:45 +02:00
Add tests, remove duplicate signing functions (#1) 2019-05-15 13:48:47 +02:00			`return verifySignature(kr.GetEntities(), origText, signature, verifyTime)`
Add a 2 day offset for signature creation time checking 2018-07-31 01:00:45 +02:00			`}`

Improve docs for keyrings (#2) 2019-05-15 14:36:04 +02:00			`// VerifyBinDetachedSig verifies an armored detached signature given the plaintext as binary data.`
Add tests, remove duplicate signing functions (#1) 2019-05-15 13:48:47 +02:00			`func (kr *KeyRing) VerifyBinDetachedSig(signature string, plainData []byte, verifyTime int64) (bool, error) {`
			`origText := bytes.NewReader(plainData)`

			`return verifySignature(kr.GetEntities(), origText, signature, verifyTime)`
			`}`

			`// Internal`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`func verifySignature(`
			`pubKeyEntries openpgp.EntityList, origText *bytes.Reader,`
			`signature string, verifyTime int64,`
			`) (bool, error) {`
Add a 2 day offset for signature creation time checking 2018-07-31 01:00:45 +02:00			`config := &packet.Config{}`
			`if verifyTime == 0 {`
			`config.Time = func() time.Time {`
			`return time.Unix(0, 0)`
			`}`
			`} else {`
wrapper for mobile 2018-06-04 16:05:14 -07:00			`config.Time = func() time.Time {`
refactor functions and merge in keyring 2019-05-14 08:07:49 +00:00			`return time.Unix(verifyTime+internal.CreationTimeOffset, 0)`
wrapper for mobile 2018-06-04 16:05:14 -07:00			`}`
			`}`
Add a 2 day offset for signature creation time checking 2018-07-31 01:00:45 +02:00			`signatureReader := strings.NewReader(signature)`

wrapper for mobile 2018-06-04 16:05:14 -07:00			`signer, err := openpgp.CheckArmoredDetachedSignature(pubKeyEntries, origText, signatureReader, config)`
Add a 2 day offset for signature creation time checking 2018-07-31 01:00:45 +02:00
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`if err == errorsPGP.ErrSignatureExpired && signer != nil {`
			`if verifyTime > 0 { // if verifyTime = 0: time check disabled, everything is okay`
Add a 2 day offset for signature creation time checking 2018-07-31 01:00:45 +02:00			`// Maybe the creation time offset pushed it over the edge`
			`// Retry with the actual verification time`
			`config.Time = func() time.Time {`
			`return time.Unix(verifyTime, 0)`
			`}`
bugfix 2018-07-31 01:13:00 +02:00
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`_, err = signatureReader.Seek(0, io.SeekStart)`
			`if err != nil {`
			`return false, err`
			`}`

Add a 2 day offset for signature creation time checking 2018-07-31 01:00:45 +02:00			`signer, err = openpgp.CheckArmoredDetachedSignature(pubKeyEntries, origText, signatureReader, config)`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`if err != nil {`
			`return false, err`
			`}`
Add a 2 day offset for signature creation time checking 2018-07-31 01:00:45 +02:00			`}`
			`}`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00
wrapper for mobile 2018-06-04 16:05:14 -07:00			`if signer == nil {`
Rename PmCrypto to GopenPGP 2019-05-14 18:05:01 +02:00			`return false, errors.New("gopenpgp: signer is empty")`
wrapper for mobile 2018-06-04 16:05:14 -07:00			`}`
			`// if signer.PrimaryKey.KeyId != signed.PrimaryKey.KeyId {`
			`// // t.Errorf("wrong signer got:%x want:%x", signer.PrimaryKey.KeyId, 0)`
			`// return false, errors.New("signer is nil")`
			`// }`
			`return true, nil`
			`}`