From 4a41ea9e27944fc1170ad4e10d9aca038590d348 Mon Sep 17 00:00:00 2001
From: Aron Wussler
Date: Thu, 12 Sep 2019 11:33:17 +0200
Subject: [PATCH] Add wrappers for iOS
---
helper/ios.go | 42 +++++++++++++++++++++++++++++++++++++
helper/ios_test.go | 52 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 94 insertions(+)
create mode 100644 helper/ios.go
create mode 100644 helper/ios_test.go
diff --git a/helper/ios.go b/helper/ios.go
new file mode 100644
index 0000000..22a433d
--- /dev/null
+++ b/helper/ios.go
@@ -0,0 +1,42 @@
+package helper
+
+import (
+ "github.com/ProtonMail/gopenpgp/crypto"
+)
+
+type ExplicitVerifyMessage struct {
+ Message *crypto.PlainMessage
+ SignatureVerificationError *crypto.SignatureVerificationError
+}
+
+// DecryptVerifyMessageArmored decrypts an armored PGP message given a private key and its passphrase
+// and verifies the embedded signature.
+// Returns the plain data or an error on signature verification failure.
+func DecryptExplicitVerify(
+ pgpMessage *crypto.PGPMessage,
+ privateKeyRing, publicKeyRing *crypto.KeyRing,
+ verifyTime int64,
+) (*ExplicitVerifyMessage, error) {
+ var explicitVerify *ExplicitVerifyMessage
+
+ message, err := privateKeyRing.Decrypt(pgpMessage, publicKeyRing, verifyTime);
+
+ if err != nil {
+ castedErr, isType := err.(crypto.SignatureVerificationError)
+ if !isType {
+ return nil, err
+ }
+
+ explicitVerify = &ExplicitVerifyMessage{
+ Message: message,
+ SignatureVerificationError: &castedErr,
+ }
+ } else {
+ explicitVerify = &ExplicitVerifyMessage{
+ Message: message,
+ SignatureVerificationError: nil,
+ }
+ }
+
+ return explicitVerify, nil
+}
diff --git a/helper/ios_test.go b/helper/ios_test.go
new file mode 100644
index 0000000..0916755
--- /dev/null
+++ b/helper/ios_test.go
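Review bot: The doc comment on `DecryptExplicitVerify` in helper/ios.go names a different function (`DecryptVerifyMessageArmored`) and says an error is returned on signature verification failure, which is the opposite of what the body does: when `Decrypt` returns a `crypto.SignatureVerificationError`, the function returns the plaintext with a nil `error` and records the failure only in `ExplicitVerifyMessage.SignatureVerificationError`. A caller that checks only `err` will therefore treat plaintext whose signature did not verify as good, so the contract has to be spelled out at the declaration. Suggested comment: `// DecryptExplicitVerify decrypts pgpMessage with privateKeyRing and verifies its signature against publicKeyRing at verifyTime.` followed by `// A signature verification failure is NOT returned as error; it is set in the result's SignatureVerificationError, and callers must check that field before trusting Message.` The exported `ExplicitVerifyMessage` type also has no comment, and the trailing `;` after the `Decrypt` call would be removed by gofmt.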
@@ -0,0 +1,52 @@
+package helper
+
+import (
+ "testing"
+
+ "github.com/ProtonMail/gopenpgp/constants"
+ "github.com/ProtonMail/gopenpgp/crypto"
+ "github.com/stretchr/testify/assert"
+)
+
+func TestIOSSignedMessageDecryption(t *testing.T) {
+ testPrivateKeyRing, _ := pgp.BuildKeyRingArmored(readTestFile("keyring_privateKey", false))
+ testPublicKeyRing, _ := pgp.BuildKeyRingArmored(readTestFile("mime_publicKey", false))
+
+ // Password defined in base_test
+ err := testPrivateKeyRing.UnlockWithPassphrase(testMailboxPassword)
+ if err != nil {
+ t.Fatal("Expected no error unlocking privateKey, got:", err)
+ }
+
+ pgpMessage, err := crypto.NewPGPMessageFromArmored(readTestFile("message_signed", false))
+ if err != nil {
+ t.Fatal("Expected no error when unarmoring, got:", err)
+ }
+
+ decrypted, err := DecryptExplicitVerify(pgpMessage, testPrivateKeyRing, testPublicKeyRing, pgp.GetUnixTime())
+ if err != nil {
+ t.Fatal("Expected no error when decrypting, got:", err)
+ }
+
+ assert.Exactly(t, constants.SIGNATURE_NO_VERIFIER, decrypted.SignatureVerificationError.Status)
+ assert.Exactly(t, readTestFile("message_plaintext", true), decrypted.Message.GetString())
+
+ testPublicKeyRing, _ = pgp.BuildKeyRingArmored(readTestFile("keyring_publicKey", false))
+
+ pgpMessage, err = testPublicKeyRing.Encrypt(decrypted.Message, testPrivateKeyRing)
+ if err != nil {
+ t.Fatal("Expected no error when encrypting, got:", err)
+ }
+
+ decrypted, err = DecryptExplicitVerify(pgpMessage, testPrivateKeyRing, testPublicKeyRing, pgp.GetUnixTime())
+ if err != nil {
+ t.Fatal("Expected no error when decrypting, got:", err)
+ }
+
+ assert.Nil(t, decrypted.SignatureVerificationError)
+ assert.Exactly(t, readTestFile("message_plaintext", true), decrypted.Message.GetString())
+
+ decrypted, err = DecryptExplicitVerify(pgpMessage, testPublicKeyRing, testPublicKeyRing, pgp.GetUnixTime())
+ assert.NotNil(t, err)
+ assert.Nil(t, decrypted)
+}
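Review bot: The first assertion reads `decrypted.SignatureVerificationError.Status` without checking the pointer, and that field is nil whenever verification succeeds, so a regression that wrongly accepts the signature would panic rather than fail with a readable message; add `if decrypted.SignatureVerificationError == nil { t.Fatal("expected a signature verification error, got nil") }` before it. The three `pgp.BuildKeyRingArmored` calls also discard their error with `_`, so a missing or malformed fixture surfaces later as a nil dereference instead of at the load site; check them like the other calls, e.g. `if err != nil { t.Fatal("Expected no error building key ring, got:", err) }`. Only the `SIGNATURE_NO_VERIFIER` outcome is exercised for the non-nil path, so a case where the correct verifier key is present but the signature does not verify would pin the result callers depend on most.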