From b90e70daa4fc850a5c36e01c99bf02f9f044d2f3 Mon Sep 17 00:00:00 2001 From: Daniel Huigens Date: Wed, 16 Nov 2022 14:21:39 +0100 Subject: [PATCH 1/3] Detached sign text messages with signature type text --- crypto/keyring_message.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/crypto/keyring_message.go b/crypto/keyring_message.go index 4c2c9cd..1c429eb 100644 --- a/crypto/keyring_message.go +++ b/crypto/keyring_message.go @@ -69,8 +69,12 @@ func (keyRing *KeyRing) SignDetached(message *PlainMessage) (*PGPSignature, erro config := &packet.Config{DefaultHash: crypto.SHA512, Time: getTimeGenerator()} var outBuf bytes.Buffer - // sign bin - if err := openpgp.DetachSign(&outBuf, signEntity, message.NewReader(), config); err != nil { + if message.IsBinary() { + err = openpgp.DetachSign(&outBuf, signEntity, message.NewReader(), config) + } else { + err = openpgp.DetachSignText(&outBuf, signEntity, message.NewReader(), config) + } + if err != nil { return nil, errors.Wrap(err, "gopenpgp: error in signing") } From bae54f7e83bc9a97ac2a9c9161d1909f74f5fb60 Mon Sep 17 00:00:00 2001 From: "M. Thiercelin" Date: Thu, 17 Nov 2022 15:22:03 +0100 Subject: [PATCH 2/3] Check signature types in unit tests --- crypto/signature_test.go | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/crypto/signature_test.go b/crypto/signature_test.go index 2395fc2..b1f301f 100644 --- a/crypto/signature_test.go +++ b/crypto/signature_test.go @@ -19,6 +19,26 @@ var textSignature, binSignature *PGPSignature var message *PlainMessage var signatureTest = regexp.MustCompile("(?s)^-----BEGIN PGP SIGNATURE-----.*-----END PGP SIGNATURE-----$") +func getSignatureType(sig *PGPSignature) (packet.SignatureType, error) { + sigPacket, err := getSignaturePacket(sig) + if err != nil { + return 0, err + } + return sigPacket.SigType, nil +} + +func getSignaturePacket(sig *PGPSignature) (*packet.Signature, error) { + p, err := packet.Read(bytes.NewReader(sig.Data)) + if err != nil { + return nil, err + } + sigPacket, ok := p.(*packet.Signature) + if !ok { + return nil, errors.New("") + } + return sigPacket, nil +} + func TestSignTextDetached(t *testing.T) { var err error @@ -33,6 +53,16 @@ func TestSignTextDetached(t *testing.T) { t.Fatal("Cannot armor signature:", err) } + sigType, err := getSignatureType(textSignature) + + if err != nil { + t.Fatal("Cannot get signature type:", err) + } + + if sigType != packet.SigTypeText { + t.Fatal("Signature type was not text") + } + assert.Regexp(t, signatureTest, armoredSignature) } @@ -68,6 +98,16 @@ func TestSignBinDetached(t *testing.T) { t.Fatal("Cannot armor signature:", err) } + sigType, err := getSignatureType(binSignature) + + if err != nil { + t.Fatal("Cannot get signature type:", err) + } + + if sigType != packet.SigTypeBinary { + t.Fatal("Signature type was not binary") + } + assert.Regexp(t, signatureTest, armoredSignature) } From ba2125a6812c85b6f25a450737e39dd0f021e223 Mon Sep 17 00:00:00 2001 From: Daniel Huigens Date: Thu, 17 Nov 2022 18:41:16 +0100 Subject: [PATCH 3/3] Update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2b20845..0871e3d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Changed - Updated `github.com/ProtonMail/go-mime` to latest versions, which cleans up uneeded dependencies. And fix an issue with PGP/MIME messages with non standard encodings. - Sanitize strings returned in `MIMECallbacks.OnBody()` and `PlainMessage.GetString()`. Strings that have non utf8 characters will be sanitized to have the "character unknown" character : � instead. +- Detached sign text messages with signature type text. Similarly, clearsigned messages now also use signature type text. ## [2.4.10] 2022-08-22 ### Changed