Improve error handling, fix linter (#92)
* Improve error handling, fix linter
This commit is contained in:
wussler
GitHub
parent
6b2ac0b11c
commit
53a85837e0
23 changed files with 194 additions and 186 deletions
|
|
@ -8,6 +8,7 @@ import (
|
|||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
"golang.org/x/crypto/openpgp"
|
||||
"golang.org/x/crypto/openpgp/packet"
|
||||
)
|
||||
|
|
@ -36,11 +37,11 @@ func (ap *AttachmentProcessor) Finish() (*PGPSplitMessage, error) {
|
|||
return nil, ap.err
|
||||
}
|
||||
if err := (*ap.w).Close(); err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopengpp: unable to close writer")
|
||||
}
|
||||
|
||||
if err := (*ap.pipe).Close(); err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopengpp: unable to close pipe")
|
||||
}
|
||||
|
||||
ap.done.Wait()
|
||||
|
|
@ -88,7 +89,7 @@ func (keyRing *KeyRing) newAttachmentProcessor(
|
|||
var encryptErr error
|
||||
ew, encryptErr = openpgp.Encrypt(writer, keyRing.entities, nil, hints, config)
|
||||
if encryptErr != nil {
|
||||
return nil, encryptErr
|
||||
return nil, errors.Wrap(encryptErr, "gopengpp: unable to encrypt attachment")
|
||||
}
|
||||
attachmentProc.w = &ew
|
||||
attachmentProc.pipe = writer
|
||||
|
|
@ -148,13 +149,13 @@ func (keyRing *KeyRing) DecryptAttachment(message *PGPSplitMessage) (*PlainMessa
|
|||
|
||||
md, err := openpgp.ReadMessage(encryptedReader, privKeyEntries, nil, config)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopengpp: unable to read attachment")
|
||||
}
|
||||
|
||||
decrypted := md.UnverifiedBody
|
||||
b, err := ioutil.ReadAll(decrypted)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopengpp: unable to read attachment body")
|
||||
}
|
||||
|
||||
return &PlainMessage{
|
||||
|
|
|
|||
|
|
@ -186,7 +186,11 @@ func (key *Key) Serialize() ([]byte, error) {
|
|||
err = key.entity.SerializePrivateWithoutSigning(&buffer, nil)
|
||||
}
|
||||
|
||||
return buffer.Bytes(), err
|
||||
if err != nil {
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in serializing key")
|
||||
}
|
||||
|
||||
return buffer.Bytes(), nil
|
||||
}
|
||||
|
||||
// Armor returns the armored key as a string with default gopenpgp headers.
|
||||
|
|
@ -235,7 +239,7 @@ func (key *Key) GetArmoredPublicKeyWithCustomHeaders(comment, version string) (s
|
|||
func (key *Key) GetPublicKey() (b []byte, err error) {
|
||||
var outBuf bytes.Buffer
|
||||
if err = key.entity.Serialize(&outBuf); err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in serializing public key")
|
||||
}
|
||||
|
||||
return outBuf.Bytes(), nil
|
||||
|
|
@ -397,7 +401,7 @@ func (key *Key) readFrom(r io.Reader, armored bool) error {
|
|||
entities, err = openpgp.ReadKeyRing(r)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
return errors.Wrap(err, "gopenpgp: error in reading key ring")
|
||||
}
|
||||
|
||||
if len(entities) > 1 {
|
||||
|
|
@ -456,7 +460,7 @@ func generateKey(
|
|||
|
||||
newEntity, err := openpgp.NewEntity(name, comments, email, cfg)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopengpp: error in encoding new entity")
|
||||
}
|
||||
|
||||
if newEntity.PrivateKey == nil {
|
||||
|
|
|
|||
|
|
@ -82,8 +82,7 @@ func (keyRing *KeyRing) getSigningEntity() (*openpgp.Entity, error) {
|
|||
}
|
||||
}
|
||||
if signEntity == nil {
|
||||
err := errors.New("gopenpgp: cannot sign message, unable to unlock signer key")
|
||||
return signEntity, err
|
||||
return nil, errors.New("gopenpgp: cannot sign message, unable to unlock signer key")
|
||||
}
|
||||
|
||||
return signEntity, nil
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ import (
|
|||
"io"
|
||||
"io/ioutil"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
"golang.org/x/crypto/openpgp"
|
||||
"golang.org/x/crypto/openpgp/packet"
|
||||
)
|
||||
|
|
@ -47,7 +48,7 @@ func (keyRing *KeyRing) SignDetached(message *PlainMessage) (*PGPSignature, erro
|
|||
var outBuf bytes.Buffer
|
||||
// sign bin
|
||||
if err := openpgp.DetachSign(&outBuf, signEntity, message.NewReader(), config); err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in signing")
|
||||
}
|
||||
|
||||
return NewPGPSignature(outBuf.Bytes()), nil
|
||||
|
|
@ -95,17 +96,17 @@ func asymmetricEncrypt(plainMessage *PlainMessage, publicKey, privateKey *KeyRin
|
|||
encryptWriter, err = openpgp.EncryptText(&outBuf, publicKey.entities, signEntity, hints, config)
|
||||
}
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in encrypting asymmetrically")
|
||||
}
|
||||
|
||||
_, err = encryptWriter.Write(plainMessage.GetBinary())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in writing to message")
|
||||
}
|
||||
|
||||
err = encryptWriter.Close()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in closing message")
|
||||
}
|
||||
|
||||
return outBuf.Bytes(), nil
|
||||
|
|
@ -130,12 +131,12 @@ func asymmetricDecrypt(
|
|||
|
||||
messageDetails, err := openpgp.ReadMessage(encryptedIO, privKeyEntries, nil, config)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in reading message")
|
||||
}
|
||||
|
||||
body, err := ioutil.ReadAll(messageDetails.UnverifiedBody)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in reading message body")
|
||||
}
|
||||
|
||||
if verifyKey != nil {
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@ package crypto
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"strconv"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
|
|
@ -18,7 +17,7 @@ func (keyRing *KeyRing) DecryptSessionKey(keyPacket []byte) (*SessionKey, error)
|
|||
var p packet.Packet
|
||||
var err error
|
||||
if p, err = packets.Next(); err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in reading packets")
|
||||
}
|
||||
|
||||
ek := p.(*packet.EncryptedKey)
|
||||
|
|
@ -35,7 +34,7 @@ func (keyRing *KeyRing) DecryptSessionKey(keyPacket []byte) (*SessionKey, error)
|
|||
}
|
||||
|
||||
if decryptErr != nil {
|
||||
return nil, decryptErr
|
||||
return nil, errors.Wrap(decryptErr, "gopenpgp: error in decrypting")
|
||||
}
|
||||
|
||||
if ek == nil {
|
||||
|
|
@ -68,8 +67,7 @@ func (keyRing *KeyRing) EncryptSessionKey(sk *SessionKey) ([]byte, error) {
|
|||
|
||||
for _, pub := range pubKeys {
|
||||
if err := packet.SerializeEncryptedKey(outbuf, pub, cf, sk.Key, nil); err != nil {
|
||||
err = fmt.Errorf("gopenpgp: cannot set key: %v", err)
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: cannot set key")
|
||||
}
|
||||
}
|
||||
return outbuf.Bytes(), nil
|
||||
|
|
|
|||
|
|
@ -3,8 +3,7 @@ package crypto
|
|||
import (
|
||||
"bytes"
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"fmt"
|
||||
goerrors "errors"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"regexp"
|
||||
|
|
@ -15,7 +14,7 @@ import (
|
|||
"github.com/ProtonMail/gopenpgp/v2/armor"
|
||||
"github.com/ProtonMail/gopenpgp/v2/constants"
|
||||
"github.com/ProtonMail/gopenpgp/v2/internal"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
"golang.org/x/crypto/openpgp/clearsign"
|
||||
"golang.org/x/crypto/openpgp/packet"
|
||||
)
|
||||
|
|
@ -68,6 +67,7 @@ func NewPlainMessage(data []byte) *PlainMessage {
|
|||
return &PlainMessage{
|
||||
Data: clone(data),
|
||||
TextType: false,
|
||||
Filename: "",
|
||||
Time: uint32(GetUnixTime()),
|
||||
}
|
||||
}
|
||||
|
|
@ -90,6 +90,7 @@ func NewPlainMessageFromString(text string) *PlainMessage {
|
|||
return &PlainMessage{
|
||||
Data: []byte(strings.ReplaceAll(strings.ReplaceAll(text, "\r\n", "\n"), "\n", "\r\n")),
|
||||
TextType: true,
|
||||
Filename: "",
|
||||
Time: uint32(GetUnixTime()),
|
||||
}
|
||||
}
|
||||
|
|
@ -105,12 +106,12 @@ func NewPGPMessage(data []byte) *PGPMessage {
|
|||
func NewPGPMessageFromArmored(armored string) (*PGPMessage, error) {
|
||||
encryptedIO, err := internal.Unarmor(armored)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in unarmoring message")
|
||||
}
|
||||
|
||||
message, err := ioutil.ReadAll(encryptedIO.Body)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in reading armored message")
|
||||
}
|
||||
|
||||
return &PGPMessage{
|
||||
|
|
@ -150,12 +151,12 @@ func NewPGPSignature(data []byte) *PGPSignature {
|
|||
func NewPGPSignatureFromArmored(armored string) (*PGPSignature, error) {
|
||||
encryptedIO, err := internal.Unarmor(armored)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in unarmoring signature")
|
||||
}
|
||||
|
||||
signature, err := ioutil.ReadAll(encryptedIO.Body)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in reading armored signature")
|
||||
}
|
||||
|
||||
return &PGPSignature{
|
||||
|
|
@ -182,7 +183,7 @@ func NewClearTextMessageFromArmored(signedMessage string) (*ClearTextMessage, er
|
|||
|
||||
signature, err := ioutil.ReadAll(modulusBlock.ArmoredSignature.Body)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in reading cleartext message")
|
||||
}
|
||||
|
||||
return NewClearTextMessage(modulusBlock.Bytes, signature), nil
|
||||
|
|
@ -257,7 +258,7 @@ func (msg *PGPMessage) GetEncryptionKeyIDs() ([]uint64, bool) {
|
|||
Loop:
|
||||
for {
|
||||
var p packet.Packet
|
||||
if p, err = packets.Next(); err == io.EOF {
|
||||
if p, err = packets.Next(); goerrors.Is(err, io.EOF) {
|
||||
break
|
||||
}
|
||||
switch p := p.(type) {
|
||||
|
|
@ -333,7 +334,7 @@ func (msg *PGPMessage) SeparateKeyAndData(estimatedLength, garbageCollector int)
|
|||
var encryptedKey *packet.EncryptedKey
|
||||
for {
|
||||
var p packet.Packet
|
||||
if p, err = packets.Next(); err == io.EOF {
|
||||
if p, err = packets.Next(); goerrors.Is(err, io.EOF) {
|
||||
err = nil
|
||||
break
|
||||
}
|
||||
|
|
@ -354,22 +355,22 @@ func (msg *PGPMessage) SeparateKeyAndData(estimatedLength, garbageCollector int)
|
|||
b.Grow(1<<16 + estimatedLength)
|
||||
// empty encoded length + start byte
|
||||
if _, err := b.Write(make([]byte, 6)); err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in writing data packet header")
|
||||
}
|
||||
|
||||
if err := b.WriteByte(byte(1)); err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in writing data packet header")
|
||||
}
|
||||
|
||||
actualLength := 1
|
||||
block := make([]byte, 128)
|
||||
for {
|
||||
n, err := p.Contents.Read(block)
|
||||
if err == io.EOF {
|
||||
if goerrors.Is(err, io.EOF) {
|
||||
break
|
||||
}
|
||||
if _, err := b.Write(block[:n]); err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in writing data packet body")
|
||||
}
|
||||
actualLength += n
|
||||
gcCounter += n
|
||||
|
|
@ -409,7 +410,7 @@ func (msg *PGPMessage) SeparateKeyAndData(estimatedLength, garbageCollector int)
|
|||
|
||||
var buf bytes.Buffer
|
||||
if err := encryptedKey.Serialize(&buf); err != nil {
|
||||
return nil, fmt.Errorf("gopenpgp: cannot serialize encrypted key: %v", err)
|
||||
return nil, errors.Wrap(err, "gopenpgp: cannot serialize encrypted key")
|
||||
}
|
||||
outSplit.KeyPacket = buf.Bytes()
|
||||
|
||||
|
|
@ -456,7 +457,7 @@ func (msg *ClearTextMessage) GetBinarySignature() []byte {
|
|||
func (msg *ClearTextMessage) GetArmored() (string, error) {
|
||||
armSignature, err := armor.ArmorWithType(msg.GetBinarySignature(), constants.PGPSignatureHeader)
|
||||
if err != nil {
|
||||
return "", err
|
||||
return "", errors.Wrap(err, "gopenpgp: error in armoring cleartext message")
|
||||
}
|
||||
|
||||
str := "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n"
|
||||
|
|
@ -486,7 +487,7 @@ func getSignatureKeyIDs(data []byte) ([]uint64, bool) {
|
|||
Loop:
|
||||
for {
|
||||
var p packet.Packet
|
||||
if p, err = packets.Next(); err == io.EOF {
|
||||
if p, err = packets.Next(); goerrors.Is(err, io.EOF) {
|
||||
break
|
||||
}
|
||||
switch p := p.(type) {
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package crypto
|
|||
import (
|
||||
"bytes"
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"io"
|
||||
"testing"
|
||||
"time"
|
||||
|
|
@ -24,7 +25,7 @@ func TestTextMessageEncryptionWithPassword(t *testing.T) {
|
|||
for {
|
||||
var p packet.Packet
|
||||
var errEOF error
|
||||
if p, errEOF = packets.Next(); errEOF == io.EOF {
|
||||
if p, errEOF = packets.Next(); errors.Is(errEOF, io.EOF) {
|
||||
break
|
||||
}
|
||||
sessionKey, ok := p.(*packet.SymmetricKeyEncrypted)
|
||||
|
|
@ -138,7 +139,7 @@ func TestIssue11(t *testing.T) {
|
|||
|
||||
issue11Keyring, err := NewKeyRing(issue11Key)
|
||||
if err != nil {
|
||||
t.Fatal("Expected no error while bulding private keyring, got:", err)
|
||||
t.Fatal("Expected no error while building private keyring, got:", err)
|
||||
}
|
||||
|
||||
senderKey, err := NewKeyFromArmored(readTestFile("issue11_publickey", false))
|
||||
|
|
@ -154,7 +155,7 @@ func TestIssue11(t *testing.T) {
|
|||
|
||||
pgpMessage, err := NewPGPMessageFromArmored(readTestFile("issue11_message", false))
|
||||
if err != nil {
|
||||
t.Fatal("Expected no error while unlocking private keyring, got:", err)
|
||||
t.Fatal("Expected no error while reading ciphertext, got:", err)
|
||||
}
|
||||
|
||||
plainMessage, err := issue11Keyring.Decrypt(pgpMessage, senderKeyring, 0)
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ import (
|
|||
"strings"
|
||||
|
||||
gomime "github.com/ProtonMail/go-mime"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
"golang.org/x/crypto/openpgp"
|
||||
"golang.org/x/crypto/openpgp/packet"
|
||||
)
|
||||
|
|
@ -53,14 +53,14 @@ func parseMIME(
|
|||
) (*gomime.BodyCollector, []string, []string, error) {
|
||||
mm, err := mail.ReadMessage(strings.NewReader(mimeBody))
|
||||
if err != nil {
|
||||
return nil, nil, nil, err
|
||||
return nil, nil, nil, errors.Wrap(err, "gopenpgp: error in reading message")
|
||||
}
|
||||
config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: getTimeGenerator()}
|
||||
|
||||
h := textproto.MIMEHeader(mm.Header)
|
||||
mmBodyData, err := ioutil.ReadAll(mm.Body)
|
||||
if err != nil {
|
||||
return nil, nil, nil, err
|
||||
return nil, nil, nil, errors.Wrap(err, "gopenpgp: error in reading message body data")
|
||||
}
|
||||
|
||||
printAccepter := gomime.NewMIMEPrinter()
|
||||
|
|
|
|||
|
|
@ -119,16 +119,16 @@ func passwordEncrypt(message *PlainMessage, password []byte) ([]byte, error) {
|
|||
|
||||
encryptWriter, err := openpgp.SymmetricallyEncrypt(&outBuf, password, hints, config)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in encrypting message symmetrically")
|
||||
}
|
||||
_, err = encryptWriter.Write(message.GetBinary())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in writing data to message")
|
||||
}
|
||||
|
||||
err = encryptWriter.Close()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in closing writer")
|
||||
}
|
||||
|
||||
return outBuf.Bytes(), nil
|
||||
|
|
@ -151,13 +151,13 @@ func passwordDecrypt(encryptedIO io.Reader, password []byte) (*PlainMessage, err
|
|||
var emptyKeyRing openpgp.EntityList
|
||||
md, err := openpgp.ReadMessage(encryptedIO, emptyKeyRing, prompt, config)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in reading password protected message")
|
||||
}
|
||||
|
||||
messageBuf := bytes.NewBuffer(nil)
|
||||
_, err = io.Copy(messageBuf, md.UnverifiedBody)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in reading password protected message body")
|
||||
}
|
||||
|
||||
return &PlainMessage{
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ func RandomToken(size int) ([]byte, error) {
|
|||
config := &packet.Config{DefaultCipher: packet.CipherAES256}
|
||||
symKey := make([]byte, size)
|
||||
if _, err := io.ReadFull(config.Random(), symKey); err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in generating random token")
|
||||
}
|
||||
return symKey, nil
|
||||
}
|
||||
|
|
@ -152,12 +152,12 @@ func (sk *SessionKey) Encrypt(message *PlainMessage) ([]byte, error) {
|
|||
|
||||
_, err = encryptWriter.Write(message.GetBinary())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in writing message")
|
||||
}
|
||||
|
||||
err = encryptWriter.Close()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in closing message")
|
||||
}
|
||||
|
||||
return encBuf.Bytes(), nil
|
||||
|
|
@ -213,7 +213,7 @@ func (sk *SessionKey) Decrypt(dataPacket []byte) (*PlainMessage, error) {
|
|||
messageBuf := new(bytes.Buffer)
|
||||
_, err = messageBuf.ReadFrom(md.UnverifiedBody)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, errors.Wrap(err, "gopenpgp: error in reading message body")
|
||||
}
|
||||
|
||||
return &PlainMessage{
|
||||
|
|
@ -221,7 +221,7 @@ func (sk *SessionKey) Decrypt(dataPacket []byte) (*PlainMessage, error) {
|
|||
TextType: !md.LiteralData.IsBinary,
|
||||
Filename: md.LiteralData.FileName,
|
||||
Time: md.LiteralData.Time,
|
||||
}, err
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (sk *SessionKey) checkSize() error {
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package crypto
|
|||
import (
|
||||
"bytes"
|
||||
"crypto"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"math"
|
||||
|
|
@ -43,8 +44,8 @@ func (e SignatureVerificationError) Error() string {
|
|||
// SignatureFailed.
|
||||
func newSignatureFailed() SignatureVerificationError {
|
||||
return SignatureVerificationError{
|
||||
constants.SIGNATURE_FAILED,
|
||||
"Invalid signature",
|
||||
Status: constants.SIGNATURE_FAILED,
|
||||
Message: "Invalid signature",
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -52,8 +53,8 @@ func newSignatureFailed() SignatureVerificationError {
|
|||
// SignatureFailed, with a message describing the signature as insecure.
|
||||
func newSignatureInsecure() SignatureVerificationError {
|
||||
return SignatureVerificationError{
|
||||
constants.SIGNATURE_FAILED,
|
||||
"Insecure signature",
|
||||
Status: constants.SIGNATURE_FAILED,
|
||||
Message: "Insecure signature",
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -61,8 +62,8 @@ func newSignatureInsecure() SignatureVerificationError {
|
|||
// SignatureNotSigned.
|
||||
func newSignatureNotSigned() SignatureVerificationError {
|
||||
return SignatureVerificationError{
|
||||
constants.SIGNATURE_NOT_SIGNED,
|
||||
"Missing signature",
|
||||
Status: constants.SIGNATURE_NOT_SIGNED,
|
||||
Message: "Missing signature",
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -70,15 +71,15 @@ func newSignatureNotSigned() SignatureVerificationError {
|
|||
// SignatureNoVerifier.
|
||||
func newSignatureNoVerifier() SignatureVerificationError {
|
||||
return SignatureVerificationError{
|
||||
constants.SIGNATURE_NO_VERIFIER,
|
||||
"No matching signature",
|
||||
Status: constants.SIGNATURE_NO_VERIFIER,
|
||||
Message: "No matching signature",
|
||||
}
|
||||
}
|
||||
|
||||
// processSignatureExpiration handles signature time verification manually, so
|
||||
// we can add a margin to the creationTime check.
|
||||
func processSignatureExpiration(md *openpgp.MessageDetails, verifyTime int64) {
|
||||
if md.SignatureError != pgpErrors.ErrSignatureExpired {
|
||||
if !errors.Is(md.SignatureError, pgpErrors.ErrSignatureExpired) {
|
||||
return
|
||||
}
|
||||
if verifyTime == 0 {
|
||||
|
|
@ -131,7 +132,7 @@ func verifySignature(pubKeyEntries openpgp.EntityList, origText io.Reader, signa
|
|||
|
||||
signer, err := openpgp.CheckDetachedSignatureAndHash(pubKeyEntries, origText, signatureReader, allowedHashes, config)
|
||||
|
||||
if err == pgpErrors.ErrSignatureExpired && signer != nil && verifyTime > 0 {
|
||||
if errors.Is(err, pgpErrors.ErrSignatureExpired) && signer != nil && verifyTime > 0 {
|
||||
// if verifyTime = 0: time check disabled, everything is okay
|
||||
// Maybe the creation time offset pushed it over the edge
|
||||
// Retry with the actual verification time
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ import (
|
|||
"net/textproto"
|
||||
|
||||
gomime "github.com/ProtonMail/go-mime"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
"golang.org/x/crypto/openpgp"
|
||||
"golang.org/x/crypto/openpgp/packet"
|
||||
)
|
||||
|
|
@ -58,7 +58,7 @@ func (sc *SignatureCollector) Accept(
|
|||
sc.verified = newSignatureNotSigned()
|
||||
// Invalid multipart/signed format just pass along
|
||||
if _, err = ioutil.ReadAll(rawBody); err != nil {
|
||||
return err
|
||||
return errors.Wrap(err, "gopenpgp: error in reading raw message body")
|
||||
}
|
||||
|
||||
for i, p := range multiparts {
|
||||
|
|
@ -72,12 +72,12 @@ func (sc *SignatureCollector) Accept(
|
|||
// actual multipart/signed format
|
||||
err = sc.target.Accept(multiparts[0], multipartHeaders[0], hasPlainChild, true, true)
|
||||
if err != nil {
|
||||
return err
|
||||
return errors.Wrap(err, "gopenpgp: error in parsing body")
|
||||
}
|
||||
|
||||
partData, err := ioutil.ReadAll(multiparts[1])
|
||||
if err != nil {
|
||||
return err
|
||||
return errors.Wrap(err, "gopenpgp: error in ready part data")
|
||||
}
|
||||
|
||||
decodedPart := gomime.DecodeContentEncoding(
|
||||
|
|
@ -86,12 +86,12 @@ func (sc *SignatureCollector) Accept(
|
|||
|
||||
buffer, err := ioutil.ReadAll(decodedPart)
|
||||
if err != nil {
|
||||
return err
|
||||
return errors.Wrap(err, "gopenpgp: error in reading decoded data")
|
||||
}
|
||||
mediaType, _, _ := mime.ParseMediaType(header.Get("Content-Type"))
|
||||
buffer, err = gomime.DecodeCharset(buffer, mediaType, params)
|
||||
if err != nil {
|
||||
return err
|
||||
return errors.Wrap(err, "gopenpgp: error in decoding charset")
|
||||
}
|
||||
sc.signature = string(buffer)
|
||||
str, _ := ioutil.ReadAll(rawBody)
|
||||
|
|
@ -107,7 +107,8 @@ func (sc *SignatureCollector) Accept(
|
|||
} else {
|
||||
sc.verified = newSignatureNoVerifier()
|
||||
}
|
||||
return err
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// GetSignature collected by Accept.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package crypto
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"regexp"
|
||||
"testing"
|
||||
|
||||
|
|
@ -44,7 +45,8 @@ func TestVerifyTextDetachedSigWrong(t *testing.T) {
|
|||
|
||||
assert.EqualError(t, verificationError, "Signature Verification Error: Invalid signature")
|
||||
|
||||
err, _ := verificationError.(SignatureVerificationError)
|
||||
err := &SignatureVerificationError{}
|
||||
_ = errors.As(verificationError, err)
|
||||
assert.Exactly(t, constants.SIGNATURE_FAILED, err.Status)
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue