lysann/passforios-gopenpgp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add signcryption methods to the keyrings (#109)

Browse source 
* add signcryption methods to the keyrings

* added signing and verifying keyrings

* added nil checks

* added unit test for signcrypt

* updated changelog

* switched the keyrings in the api

* update the error messages

* changed the names of the keyRing variable
This commit is contained in:
marinthiercelin 2020-12-17 03:58:25 -08:00 committed by GitHub
parent a42d48a203
commit e0deea82a3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 64 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
CHANGELOG.md
View file

@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
### Added
- Methods for generating an verifying encrypted detached signatures
```go
(signingKeyRing *KeyRing) SignDetachedEncrypted(message *PlainMessage, encryptionKeyRing *KeyRing) (encryptedSignature *PGPMessage, err error)
(verifyingKeyRing *KeyRing) VerifyDetachedEncrypted(message *PlainMessage, encryptedSignature *PGPMessage, decryptionKeyRing *KeyRing, verifyTime int64) error
```
## [2.1.3] 2020-12-09 ## [2.1.3] 2020-12-09
### Added ### Added
- `helper.FreeOSMemory()` to explicitly call the GC and release the memory to the OS - `helper.FreeOSMemory()` to explicitly call the GC and release the memory to the OS

32
crypto/keyring_message.go
View file

@ -76,7 +76,7 @@ func (keyRing *KeyRing) SignDetached(message *PlainMessage) (*PGPSignature, erro
return NewPGPSignature(outBuf.Bytes()), nil return NewPGPSignature(outBuf.Bytes()), nil
} }
// VerifyDetached verifies a PlainMessage with embedded a PGPSignature // VerifyDetached verifies a PlainMessage with a detached PGPSignature
// and returns a SignatureVerificationError if fails. // and returns a SignatureVerificationError if fails.
func (keyRing *KeyRing) VerifyDetached(message *PlainMessage, signature *PGPSignature, verifyTime int64) error { func (keyRing *KeyRing) VerifyDetached(message *PlainMessage, signature *PGPSignature, verifyTime int64) error {
return verifySignature( return verifySignature(
@ -87,6 +87,36 @@ func (keyRing *KeyRing) VerifyDetached(message *PlainMessage, signature *PGPSign
) )
} }
// SignDetachedEncrypted generates and returns a PGPMessage
// containing an encrypted detached signature for a given PlainMessage.
func (keyRing *KeyRing) SignDetachedEncrypted(message *PlainMessage, encryptionKeyRing *KeyRing) (encryptedSignature *PGPMessage, err error) {
if encryptionKeyRing == nil {
return nil, errors.New("gopenpgp: no encryption key ring provided")
}
signature, err := keyRing.SignDetached(message)
if err != nil {
return nil, err
}
plainMessage := NewPlainMessage(signature.GetBinary())
encryptedSignature, err = encryptionKeyRing.Encrypt(plainMessage, nil)
return
}
// VerifyDetachedEncrypted verifies a PlainMessage
// with a PGPMessage containing an encrypted detached signature
// and returns a SignatureVerificationError if fails.
func (keyRing *KeyRing) VerifyDetachedEncrypted(message *PlainMessage, encryptedSignature *PGPMessage, decryptionKeyRing *KeyRing, verifyTime int64) error {
if decryptionKeyRing == nil {
return errors.New("gopenpgp: no decryption key ring provided")
}
plainMessage, err := decryptionKeyRing.Decrypt(encryptedSignature, nil, 0)
if err != nil {
return err
}
signature := NewPGPSignature(plainMessage.GetBinary())
return keyRing.VerifyDetached(message, signature, verifyTime)
}
// ------ INTERNAL FUNCTIONS ------- // ------ INTERNAL FUNCTIONS -------
// Core for encryption+signature functions. // Core for encryption+signature functions.

25
crypto/keyring_test.go
View file

@ -197,3 +197,28 @@ func TestClearPrivateParams(t *testing.T) {
assert.False(t, key.ClearPrivateParams()) assert.False(t, key.ClearPrivateParams())
} }
} }
func TestEncryptedDetachedSignature(t *testing.T) {
keyRingPrivate, err := keyRingTestPrivate.Copy()
if err != nil {
t.Fatal("Expected no error while copying keyring, got:", err)
}
keyRingPublic, err := keyRingTestPublic.Copy()
if err != nil {
t.Fatal("Expected no error while copying keyring, got:", err)
}
message := NewPlainMessageFromString("Hello World!")
encSign, err := keyRingPrivate.SignDetachedEncrypted(message, keyRingPublic)
if err != nil {
t.Fatal("Expected no error while encryptedSigning, got:", err)
}
err = keyRingPublic.VerifyDetachedEncrypted(message, encSign, keyRingPrivate, 0)
if err != nil {
t.Fatal("Expected no error while verifying encSignature, got:", err)
}
message2 := NewPlainMessageFromString("Bye!")
err = keyRingPublic.VerifyDetachedEncrypted(message2, encSign, keyRingPrivate, 0)
if err == nil {
t.Fatal("Expected an error while verifying bad encSignature, got nil")
}
}