Add tests, remove duplicate signing functions (#1)
parent
3e4e36b766
commit
b074657c90
7 changed files with 157 additions and 128 deletions
|
|
@ -304,76 +304,6 @@ func (kr *KeyRing) DecryptStringIfNeeded(data string) (decrypted string, err err
|
|||
return
|
||||
}
|
||||
|
||||
// SignString signs a string message, using this KeyRing. canonicalizeText identifies if newlines are canonicalized
|
||||
func (kr *KeyRing) SignString(message string, canonicalizeText bool) (signed string, err error) {
|
||||
var sig bytes.Buffer
|
||||
err = kr.DetachedSign(&sig, strings.NewReader(message), canonicalizeText, true)
|
||||
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return sig.String(), nil
|
||||
}
|
||||
|
||||
// DetachedSign will sign a separate ("detached") data from toSign, writing to
|
||||
// w writer. The canonicalizeText identifies if newlines are canonicalized
|
||||
func (kr *KeyRing) DetachedSign(w io.Writer, toSign io.Reader, canonicalizeText bool, armored bool) (err error) {
|
||||
var signEntity *openpgp.Entity
|
||||
for _, e := range kr.entities {
|
||||
if e.PrivateKey != nil && !e.PrivateKey.Encrypted {
|
||||
signEntity = e
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
if signEntity == nil {
|
||||
return errKeyringNotUnlocked
|
||||
}
|
||||
|
||||
config := &packet.Config{DefaultCipher: packet.CipherAES256,
|
||||
Time: func() time.Time {
|
||||
return GetGopenPGP().GetTime()
|
||||
},
|
||||
}
|
||||
|
||||
if canonicalizeText {
|
||||
err = openpgp.ArmoredDetachSignText(w, signEntity, toSign, config)
|
||||
} else {
|
||||
if armored {
|
||||
err = openpgp.ArmoredDetachSign(w, signEntity, toSign, config)
|
||||
} else {
|
||||
err = openpgp.DetachSign(w, signEntity, toSign, config)
|
||||
}
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
// VerifyString may return errors.ErrSignatureExpired (defined in
|
||||
// golang.org/x/crypto/openpgp/errors) In this case signature has been verified
|
||||
// successfully, but it is either expired or in the future.
|
||||
func (kr *KeyRing) VerifyString(message, signature string, sign *KeyRing) (err error) {
|
||||
messageReader := strings.NewReader(message)
|
||||
signatureReader := strings.NewReader(signature)
|
||||
|
||||
err = nil
|
||||
if sign != nil {
|
||||
for _, e := range sign.entities {
|
||||
if e.PrivateKey != nil && !e.PrivateKey.Encrypted {
|
||||
_, err = openpgp.CheckArmoredDetachedSignature(kr.entities, messageReader, signatureReader, nil)
|
||||
if err == nil || err == pgperrors.ErrSignatureExpired {
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if err == nil {
|
||||
return errKeyringNotUnlocked
|
||||
}
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
// Unlock tries to unlock as many keys as possible with the following password. Note
|
||||
// that keyrings can contain keys locked with different passwords, and thus
|
||||
// err == nil does not mean that all keys have been successfully decrypted.
|
||||
|
|
|
|||