Add API to add contexts to detached signatures.

Using the notation data packets of signatures, we add a way to
set a context on detached signatures.
We also add a way to enforce that signatures have the right context
during verification.
M. Thiercelin 2023-03-02 15:33:12 +01:00
parent 3152e50f92
commit 1ec90e34ea
No known key found for this signature in database
GPG key ID: 29581E7E24EBEC0A
10 changed files with 614 additions and 19 deletions


@ -329,6 +329,27 @@ func (keyRing *KeyRing) VerifyDetachedStream(
message,
signature.GetBinary(),
verifyTime,
nil,
)
return err
}
// VerifyDetachedStreamWithContext verifies a message reader with a detached PGPSignature
// and returns a SignatureVerificationError if fails.
// If a context is provided, it verifies that the signature is valid in the given context, using
// the signature notations.
func (keyRing *KeyRing) VerifyDetachedStreamWithContext(
message Reader,
signature *PGPSignature,
verifyTime int64,
verificationContext *VerificationContext,
) error {
_, err := verifySignature(
keyRing.entities,
message,
signature.GetBinary(),
verifyTime,
verificationContext,
)
return err
}
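Review bot: The doc comment on VerifyDetachedStreamWithContext does not say what a nil `verificationContext` means, and since VerifyDetachedStream now passes `nil` in the same argument position, nil appears to turn the context check off entirely. A caller that builds the context conditionally and ends up with nil would then get plain signature verification with no error, which defeats the domain separation this API is meant to enforce. I would document it on the function, e.g. `// A nil verificationContext skips context enforcement; the call is then equivalent to VerifyDetachedStream.`, and tighten the second line to `// and returns a SignatureVerificationError if verification fails.`. verifySignature is not visible here, so the nil behaviour should be confirmed against it; the context lines at the top of the hunk belong to VerifyDetachedStream, whose body starts outside the hunk.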