Merge pull request #199 from ProtonMail/detached-sign-type-text

Detached sign text messages with signature type text
2022-11-18 15:32:50 +01:00 · 2022-11-18 15:32:50 +01:00 · 9b9463553c
commit 9b9463553c
parent 7cedddc40d ba2125a681
3 changed files with 47 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Changed
 - Updated `github.com/ProtonMail/go-mime` to latest versions, which cleans up uneeded dependencies. And fix an issue with PGP/MIME messages with non standard encodings.
 - Sanitize strings returned in `MIMECallbacks.OnBody()` and `PlainMessage.GetString()`. Strings that have non utf8 characters will be sanitized to have the "character unknown" character : <20> instead.
+- Detached sign text messages with signature type text. Similarly, clearsigned messages now also use signature type text.

 ## [2.4.10] 2022-08-22
 ### Changed
--- a/crypto/keyring_message.go
+++ b/crypto/keyring_message.go
@ -69,8 +69,12 @@ func (keyRing *KeyRing) SignDetached(message *PlainMessage) (*PGPSignature, erro

 	config := &packet.Config{DefaultHash: crypto.SHA512, Time: getTimeGenerator()}
 	var outBuf bytes.Buffer
-	// sign bin
-	if err := openpgp.DetachSign(&outBuf, signEntity, message.NewReader(), config); err != nil {
+	if message.IsBinary() {
+		err = openpgp.DetachSign(&outBuf, signEntity, message.NewReader(), config)
+	} else {
+		err = openpgp.DetachSignText(&outBuf, signEntity, message.NewReader(), config)
+	}
+	if err != nil {
 		return nil, errors.Wrap(err, "gopenpgp: error in signing")
 	}

--- a/crypto/signature_test.go
+++ b/crypto/signature_test.go
@ -19,6 +19,26 @@ var textSignature, binSignature *PGPSignature
 var message *PlainMessage
 var signatureTest = regexp.MustCompile("(?s)^-----BEGIN PGP SIGNATURE-----.*-----END PGP SIGNATURE-----$")

+func getSignatureType(sig *PGPSignature) (packet.SignatureType, error) {
+	sigPacket, err := getSignaturePacket(sig)
+	if err != nil {
+		return 0, err
+	}
+	return sigPacket.SigType, nil
+}
+
+func getSignaturePacket(sig *PGPSignature) (*packet.Signature, error) {
+	p, err := packet.Read(bytes.NewReader(sig.Data))
+	if err != nil {
+		return nil, err
+	}
+	sigPacket, ok := p.(*packet.Signature)
+	if !ok {
+		return nil, errors.New("")
+	}
+	return sigPacket, nil
+}
+
 func TestSignTextDetached(t *testing.T) {
 	var err error

@ -33,6 +53,16 @@ func TestSignTextDetached(t *testing.T) {
 		t.Fatal("Cannot armor signature:", err)
 	}

+	sigType, err := getSignatureType(textSignature)
+
+	if err != nil {
+		t.Fatal("Cannot get signature type:", err)
+	}
+
+	if sigType != packet.SigTypeText {
+		t.Fatal("Signature type was not text")
+	}
+
 	assert.Regexp(t, signatureTest, armoredSignature)
 }

@ -68,6 +98,16 @@ func TestSignBinDetached(t *testing.T) {
 		t.Fatal("Cannot armor signature:", err)
 	}

+	sigType, err := getSignatureType(binSignature)
+
+	if err != nil {
+		t.Fatal("Cannot get signature type:", err)
+	}
+
+	if sigType != packet.SigTypeBinary {
+		t.Fatal("Signature type was not binary")
+	}
+
 	assert.Regexp(t, signatureTest, armoredSignature)
 }