passforios-gopenpgp/crypto/signature_collector.go

package crypto

import (
	"bytes"
	"io"
	"io/ioutil"
	"mime"
	"net/textproto"

	"github.com/ProtonMail/go-crypto/openpgp"
	"github.com/ProtonMail/go-crypto/openpgp/packet"
	gomime "github.com/ProtonMail/go-mime"
	"github.com/pkg/errors"
)

// SignatureCollector structure.
type SignatureCollector struct {
	config    *packet.Config
	keyring   openpgp.KeyRing
	target    gomime.VisitAcceptor
	signature string
	verified  error
}

func newSignatureCollector(
	targetAcceptor gomime.VisitAcceptor, keyring openpgp.KeyRing, config *packet.Config,
) *SignatureCollector {
	return &SignatureCollector{
		target:  targetAcceptor,
		config:  config,
		keyring: keyring,
	}
}

// Accept collects the signature.
func (sc *SignatureCollector) Accept(
	part io.Reader, header textproto.MIMEHeader,
	hasPlainSibling, isFirst, isLast bool,
) (err error) {
	parentMediaType, params, _ := mime.ParseMediaType(header.Get("Content-Type"))

	if parentMediaType != "multipart/signed" {
		return sc.target.Accept(part, header, hasPlainSibling, isFirst, isLast)
	}

	newPart, rawBody := gomime.GetRawMimePart(part, "--"+params["boundary"])
	multiparts, multipartHeaders, err := gomime.GetMultipartParts(newPart, params)
	if err != nil {
		return
	}

	hasPlainChild := false
	for _, header := range multipartHeaders {
		mediaType, _, _ := mime.ParseMediaType(header.Get("Content-Type"))
		hasPlainChild = (mediaType == "text/plain")
	}
	if len(multiparts) != 2 {
		sc.verified = newSignatureNotSigned()
		// Invalid multipart/signed format just pass along
		if _, err = ioutil.ReadAll(rawBody); err != nil {
			return errors.Wrap(err, "gopenpgp: error in reading raw message body")
		}

		for i, p := range multiparts {
			if err = sc.target.Accept(p, multipartHeaders[i], hasPlainChild, true, true); err != nil {
				return
			}
		}
		return
	}

	// actual multipart/signed format
	err = sc.target.Accept(multiparts[0], multipartHeaders[0], hasPlainChild, true, true)
	if err != nil {
		return errors.Wrap(err, "gopenpgp: error in parsing body")
	}

	partData, err := ioutil.ReadAll(multiparts[1])
	if err != nil {
		return errors.Wrap(err, "gopenpgp: error in ready part data")
	}

	decodedPart := gomime.DecodeContentEncoding(
		bytes.NewReader(partData),
		multipartHeaders[1].Get("Content-Transfer-Encoding"))

	buffer, err := ioutil.ReadAll(decodedPart)
	if err != nil {
		return errors.Wrap(err, "gopenpgp: error in reading decoded data")
	}
	mediaType, _, _ := mime.ParseMediaType(header.Get("Content-Type"))
	buffer, err = gomime.DecodeCharset(buffer, mediaType, params)
	if err != nil {
		return errors.Wrap(err, "gopenpgp: error in decoding charset")
	}
	sc.signature = string(buffer)
	str, _ := ioutil.ReadAll(rawBody)
	rawBody = bytes.NewReader(str)
	if sc.keyring != nil {
		_, err = openpgp.CheckArmoredDetachedSignature(sc.keyring, rawBody, bytes.NewReader(buffer), sc.config)

		if err != nil {
			sc.verified = newSignatureFailed()
		} else {
			sc.verified = nil
		}
	} else {
		sc.verified = newSignatureNoVerifier()
	}

	return nil
}

// GetSignature collected by Accept.
func (sc SignatureCollector) GetSignature() string {
	return sc.signature
}
Add decryptMime and refactor package structure 2018-09-11 11:09:28 +02:00			`package crypto`
Bugfixes 2018-09-05 14:56:06 +02:00
			`import (`
Refactor: Reused pm-mime method 2018-09-19 12:51:44 +02:00			`"bytes"`
			`"io"`
Bugfixes 2018-09-05 14:56:06 +02:00			`"io/ioutil"`
			`"mime"`
Refactor: Reused pm-mime method 2018-09-19 12:51:44 +02:00			`"net/textproto"`
fix crash on missing keyring 2019-03-07 17:39:34 +01:00
Update x/crypto fork to github.com/ProtonMail/go-crypto (#106) 2020-12-08 18:34:39 +01:00			`"github.com/ProtonMail/go-crypto/openpgp"`
			`"github.com/ProtonMail/go-crypto/openpgp/packet"`
Improve documentation and naming - Rename pmmime to gomime - Rename pmKeyObject to pgpKeyObject 2019-05-15 13:40:19 +02:00			`gomime "github.com/ProtonMail/go-mime"`
Improve error handling, fix linter (#92) * Improve error handling, fix linter 2020-10-29 12:42:32 +01:00			`"github.com/pkg/errors"`
Refactor: Reused pm-mime method 2018-09-19 12:51:44 +02:00			`)`
Bugfixes 2018-09-05 14:56:06 +02:00
Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`// SignatureCollector structure.`
Bugfixes 2018-09-05 14:56:06 +02:00			`type SignatureCollector struct {`
			`config *packet.Config`
			`keyring openpgp.KeyRing`
Improve documentation and naming - Rename pmmime to gomime - Rename pmKeyObject to pgpKeyObject 2019-05-15 13:40:19 +02:00			`target gomime.VisitAcceptor`
Bugfixes 2018-09-05 14:56:06 +02:00			`signature string`
Fix compilation for gomobile iOS (#17) * Move signature verification to errors * Move cleartext messages to ClearTextMessage struct * Fix documentation 2019-07-02 07:36:02 -07:00			`verified error`
Bugfixes 2018-09-05 14:56:06 +02:00			`}`

go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`func newSignatureCollector(`
Improve documentation and naming - Rename pmmime to gomime - Rename pmKeyObject to pgpKeyObject 2019-05-15 13:40:19 +02:00			`targetAcceptor gomime.VisitAcceptor, keyring openpgp.KeyRing, config *packet.Config,`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`) *SignatureCollector {`
Bugfixes 2018-09-05 14:56:06 +02:00			`return &SignatureCollector{`
fix typo / improve documentatation 2019-05-13 12:33:01 +00:00			`target: targetAcceptor,`
Refactor: Reused pm-mime method 2018-09-19 12:51:44 +02:00			`config: config,`
Bugfixes 2018-09-05 14:56:06 +02:00			`keyring: keyring,`
			`}`
			`}`

Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`// Accept collects the signature.`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`func (sc *SignatureCollector) Accept(`
			`part io.Reader, header textproto.MIMEHeader,`
			`hasPlainSibling, isFirst, isLast bool,`
			`) (err error) {`
Bugfixes 2018-09-05 14:56:06 +02:00			`parentMediaType, params, _ := mime.ParseMediaType(header.Get("Content-Type"))`

Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`if parentMediaType != "multipart/signed" {`
			`return sc.target.Accept(part, header, hasPlainSibling, isFirst, isLast)`
			`}`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00
Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`newPart, rawBody := gomime.GetRawMimePart(part, "--"+params["boundary"])`
			`multiparts, multipartHeaders, err := gomime.GetMultipartParts(newPart, params)`
			`if err != nil {`
			`return`
			`}`
fix typo / improve documentatation 2019-05-13 12:33:01 +00:00
Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`hasPlainChild := false`
			`for _, header := range multipartHeaders {`
			`mediaType, _, _ := mime.ParseMediaType(header.Get("Content-Type"))`
			`hasPlainChild = (mediaType == "text/plain")`
			`}`
			`if len(multiparts) != 2 {`
			`sc.verified = newSignatureNotSigned()`
			`// Invalid multipart/signed format just pass along`
			`if _, err = ioutil.ReadAll(rawBody); err != nil {`
Improve error handling, fix linter (#92) * Improve error handling, fix linter 2020-10-29 12:42:32 +01:00			`return errors.Wrap(err, "gopenpgp: error in reading raw message body")`
Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`}`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00
Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`for i, p := range multiparts {`
			`if err = sc.target.Accept(p, multipartHeaders[i], hasPlainChild, true, true); err != nil {`
			`return`
Bugfixes 2018-09-05 14:56:06 +02:00			`}`
			`}`
			`return`
			`}`
Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00
			`// actual multipart/signed format`
			`err = sc.target.Accept(multiparts[0], multipartHeaders[0], hasPlainChild, true, true)`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`if err != nil {`
Improve error handling, fix linter (#92) * Improve error handling, fix linter 2020-10-29 12:42:32 +01:00			`return errors.Wrap(err, "gopenpgp: error in parsing body")`
go vet and lint * Naming * If this is not some OpenPGP standard I follow rule that `DES` should be upper case as it is abreviation and `Triple` should be camel-case as it is normal word hence `TripleDES` * rename `errors2` -> `errorsPGP` * long lines * https://github.com/golang/go/wiki/CodeReviewComments#line-length * I bit improved long lines based on my folding * reuse type in definition if possible i.e. `a string, b string, c string` -> `a,b,c string` * `if long_statetent(); err!=nil {` -> `long_statement;↵ if err!=nil {` * spaces around operators (e.g. `a + b` -> `a+b`) * removing empty lines on start and end of scope * comments * on all exported functions * start with function name * import: * order in alphabet * separate native, golang.org/x/ and our libs 2019-05-14 14:42:38 +00:00			`}`

Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`partData, err := ioutil.ReadAll(multiparts[1])`
			`if err != nil {`
Improve error handling, fix linter (#92) * Improve error handling, fix linter 2020-10-29 12:42:32 +01:00			`return errors.Wrap(err, "gopenpgp: error in ready part data")`
Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`}`

			`decodedPart := gomime.DecodeContentEncoding(`
			`bytes.NewReader(partData),`
			`multipartHeaders[1].Get("Content-Transfer-Encoding"))`

			`buffer, err := ioutil.ReadAll(decodedPart)`
			`if err != nil {`
Improve error handling, fix linter (#92) * Improve error handling, fix linter 2020-10-29 12:42:32 +01:00			`return errors.Wrap(err, "gopenpgp: error in reading decoded data")`
Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`}`
			`mediaType, _, _ := mime.ParseMediaType(header.Get("Content-Type"))`
			`buffer, err = gomime.DecodeCharset(buffer, mediaType, params)`
			`if err != nil {`
Improve error handling, fix linter (#92) * Improve error handling, fix linter 2020-10-29 12:42:32 +01:00			`return errors.Wrap(err, "gopenpgp: error in decoding charset")`
Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`}`
			`sc.signature = string(buffer)`
			`str, _ := ioutil.ReadAll(rawBody)`
			`rawBody = bytes.NewReader(str)`
			`if sc.keyring != nil {`
			`_, err = openpgp.CheckArmoredDetachedSignature(sc.keyring, rawBody, bytes.NewReader(buffer), sc.config)`

			`if err != nil {`
			`sc.verified = newSignatureFailed()`
			`} else {`
			`sc.verified = nil`
			`}`
			`} else {`
			`sc.verified = newSignatureNoVerifier()`
			`}`
Improve error handling, fix linter (#92) * Improve error handling, fix linter 2020-10-29 12:42:32 +01:00
			`return nil`
Bugfixes 2018-09-05 14:56:06 +02:00			`}`

Update lint (#44) * Reduce complexity of SignatureCollector.Accept * Add stylecheck linter, and lint accordingly * Rephrase some comments * godot - Top level comments should end with a dot. * nestif - Reduce nested complexity of code * Review changes Co-authored-by: Aron Wussler <aron@wussler.it> 2020-04-28 13:55:36 +02:00			`// GetSignature collected by Accept.`
fix typo / improve documentatation 2019-05-13 12:33:01 +00:00			`func (sc SignatureCollector) GetSignature() string {`
			`return sc.signature`
Bugfixes 2018-09-05 14:56:06 +02:00			`}`