lysann/passforios-gopenpgp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Canonicalize PGP/MIME content before verifying signatures

Browse source 
Before verifying signatures of PGP/MIME messages we need to canonicalize
the content
This commit is contained in:
M. Thiercelin 2022-03-16 19:07:23 +01:00
parent 41eb732a58
commit 5c5666eaa1
No known key found for this signature in database
GPG key ID: 29581E7E24EBEC0A
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
crypto/signature_collector.go
View file

@ -8,6 +8,7 @@ import (
"net/textproto" "net/textproto"
pgpErrors "github.com/ProtonMail/go-crypto/openpgp/errors" pgpErrors "github.com/ProtonMail/go-crypto/openpgp/errors"
"github.com/ProtonMail/gopenpgp/v2/internal"
"github.com/ProtonMail/go-crypto/openpgp" "github.com/ProtonMail/go-crypto/openpgp"
"github.com/ProtonMail/go-crypto/openpgp/packet" "github.com/ProtonMail/go-crypto/openpgp/packet"
@ -98,7 +99,8 @@ func (sc *SignatureCollector) Accept(
} }
sc.signature = string(buffer) sc.signature = string(buffer)
str, _ := ioutil.ReadAll(rawBody) str, _ := ioutil.ReadAll(rawBody)
rawBody = bytes.NewReader(str) canonicalizedBody := internal.CanonicalizeAndTrim(string(str))
rawBody = bytes.NewReader([]byte(canonicalizedBody))
if sc.keyring != nil { if sc.keyring != nil {
_, err = openpgp.CheckArmoredDetachedSignature(sc.keyring, rawBody, bytes.NewReader(buffer), sc.config) _, err = openpgp.CheckArmoredDetachedSignature(sc.keyring, rawBody, bytes.NewReader(buffer), sc.config)