Add methods for embedded signatures using session keys (#128)

* Add methods to sign when using session keys

* Add mobile helpers for explicit decryption

* Add functions to CHANGELOG

* Fix linter

helper/mobile.go

@@ -14,18 +14,33 @@ type ExplicitVerifyMessage struct {
 	SignatureVerificationError *crypto.SignatureVerificationError
 }
 
-// DecryptExplicitVerify decrypts an armored PGP message given a private key
-// and its passphrase and verifies the embedded signature. Returns the plain
-// data or an error on signature verification failure.
+// DecryptExplicitVerify decrypts a PGP message given a private keyring
+// and a public keyring to verify the embedded signature. Returns the plain
+// data and an error on signature verification failure.
 func DecryptExplicitVerify(
 	pgpMessage *crypto.PGPMessage,
 	privateKeyRing, publicKeyRing *crypto.KeyRing,
 	verifyTime int64,
 ) (*ExplicitVerifyMessage, error) {
-	var explicitVerify *ExplicitVerifyMessage
-
 	message, err := privateKeyRing.Decrypt(pgpMessage, publicKeyRing, verifyTime)
+	return newExplicitVerifyMessage(message, err)
+}
 
+// DecryptSessionKeyExplicitVerify decrypts a PGP data packet given a session key
+// and a public keyring to verify the embedded signature. Returns the plain data and
+// an error on signature verification failure.
+func DecryptSessionKeyExplicitVerify(
+	dataPacket []byte,
+	sessionKey *crypto.SessionKey,
+	publicKeyRing *crypto.KeyRing,
+	verifyTime int64,
+) (*ExplicitVerifyMessage, error) {
+	message, err := sessionKey.DecryptAndVerify(dataPacket, publicKeyRing, verifyTime)
+	return newExplicitVerifyMessage(message, err)
+}
+
+func newExplicitVerifyMessage(message *crypto.PlainMessage, err error) (*ExplicitVerifyMessage, error) {
+	var explicitVerify *ExplicitVerifyMessage
 	if err != nil {
 		castedErr := &crypto.SignatureVerificationError{}
 		isType := goerrors.As(err, castedErr)

helper/mobile_test.go

@@ -54,6 +54,57 @@ func TestMobileSignedMessageDecryption(t *testing.T) {
 	assert.Nil(t, decrypted)
 }
 
+func TestMobileSignedMessageDecryptionWithSessionKey(t *testing.T) {
+	var message = crypto.NewPlainMessageFromString(
+		"The secret code is... 1, 2, 3, 4, 5. I repeat: the secret code is... 1, 2, 3, 4, 5",
+	)
+
+	privateKey, _ := crypto.NewKeyFromArmored(readTestFile("keyring_privateKey", false))
+	// Password defined in base_test
+	privateKey, err := privateKey.Unlock(testMailboxPassword)
+	if err != nil {
+		t.Fatal("Expected no error unlocking privateKey, got:", err)
+	}
+	testPrivateKeyRing, _ := crypto.NewKeyRing(privateKey)
+
+	publicKey, _ := crypto.NewKeyFromArmored(readTestFile("keyring_publicKey", false))
+	testPublicKeyRing, _ := crypto.NewKeyRing(publicKey)
+
+	sk, err := crypto.GenerateSessionKey()
+	if err != nil {
+		t.Fatal("Expected no error generating session key, got:", err)
+	}
+
+	pgpMessage, err := sk.Encrypt(message)
+	if err != nil {
+		t.Fatal("Expected no error when unarmoring, got:", err)
+	}
+
+	decrypted, err := DecryptSessionKeyExplicitVerify(pgpMessage, sk, testPublicKeyRing, crypto.GetUnixTime())
+	if err != nil {
+		t.Fatal("Expected no error when decrypting, got:", err)
+	}
+
+	assert.Exactly(t, constants.SIGNATURE_NO_VERIFIER, decrypted.SignatureVerificationError.Status)
+	assert.Exactly(t, message.GetString(), decrypted.Message.GetString())
+
+	publicKey, _ = crypto.NewKeyFromArmored(readTestFile("keyring_publicKey", false))
+	testPublicKeyRing, _ = crypto.NewKeyRing(publicKey)
+
+	pgpMessage, err = sk.EncryptAndSign(message, testPrivateKeyRing)
+	if err != nil {
+		t.Fatal("Expected no error when encrypting, got:", err)
+	}
+
+	decrypted, err = DecryptSessionKeyExplicitVerify(pgpMessage, sk, testPublicKeyRing, crypto.GetUnixTime())
+	if err != nil {
+		t.Fatal("Expected no error when decrypting, got:", err)
+	}
+
+	assert.Nil(t, decrypted.SignatureVerificationError)
+	assert.Exactly(t, message.GetString(), decrypted.Message.GetString())
+}
+
 func TestGetJsonSHA256FingerprintsV4(t *testing.T) {
 	sha256Fingerprints, err := GetJsonSHA256Fingerprints(readTestFile("keyring_publicKey", false))
 	if err != nil {