lysann/passforios-gopenpgp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Reject signatures using insecure hash algorithms (#52)

Browse source
This commit is contained in:
Daniel Huigens 2020-06-25 13:45:59 +02:00 committed by GitHub
parent 3e28b51abb
commit 608bedaaf1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 112 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

29
crypto/message_test.go
View file

@ -143,6 +143,35 @@ func TestSignedMessageDecryption(t *testing.T) {
assert.Exactly(t, readTestFile("message_plaintext", true), decrypted.GetString())
}
func TestSHA256SignedMessageDecryption(t *testing.T) {
pgpMessage, err := NewPGPMessageFromArmored(readTestFile("message_sha256_signed", false))
if err != nil {
t.Fatal("Expected no error when unarmoring, got:", err)
}
decrypted, err := keyRingTestPrivate.Decrypt(pgpMessage, keyRingTestPrivate, 0)
if err != nil {
t.Fatal("Expected no error when decrypting, got:", err)
}
assert.Exactly(t, readTestFile("message_plaintext", true), decrypted.GetString())
}
func TestSHA1SignedMessageDecryption(t *testing.T) {
pgpMessage, err := NewPGPMessageFromArmored(readTestFile("message_sha1_signed", false))
if err != nil {
t.Fatal("Expected no error when unarmoring, got:", err)
}
decrypted, err := keyRingTestPrivate.Decrypt(pgpMessage, keyRingTestPrivate, 0)
if err == nil {
t.Fatal("Expected verification error when decrypting")
}
if err.Error() != "Signature Verification Error: Insecure signature" {
t.Fatal("Expected verification error when decrypting, got:", err)
}
assert.Exactly(t, readTestFile("message_plaintext", true), decrypted.GetString())
}
func TestMultipleKeyMessageEncryption(t *testing.T) {
var message = NewPlainMessageFromString("plain text")
assert.Exactly(t, 3, len(keyRingTestMultiple.entities))