Fix verification of signature for PGP/MIME messages

We fix the verification of embedded and PGP/MIME signatures
when decrypting PGP/MIME messages.
marin thiercelin 2021-12-15 11:01:04 +01:00
parent b97b3d886b
commit e2f03af655
No known key found for this signature in database
GPG key ID: 117C025B1F21B2C6
17 changed files with 749 additions and 8 deletions


@ -7,6 +7,8 @@ import (
"mime"
"net/textproto"
pgpErrors "github.com/ProtonMail/go-crypto/openpgp/errors"
"github.com/ProtonMail/go-crypto/openpgp"
"github.com/ProtonMail/go-crypto/openpgp/packet"
gomime "github.com/ProtonMail/go-mime"
@ -40,6 +42,7 @@ func (sc *SignatureCollector) Accept(
parentMediaType, params, _ := mime.ParseMediaType(header.Get("Content-Type"))
if parentMediaType != "multipart/signed" {
sc.verified = newSignatureNotSigned()
return sc.target.Accept(part, header, hasPlainSibling, isFirst, isLast)
}
@ -97,12 +100,15 @@ func (sc *SignatureCollector) Accept(
str, _ := ioutil.ReadAll(rawBody)
rawBody = bytes.NewReader(str)
if sc.keyring != nil {
_, err = openpgp.CheckArmoredDetachedSignature(sc.keyring, rawBody, bytes.NewReader(buffer), sc.config)
_, err := openpgp.CheckArmoredDetachedSignature(sc.keyring, rawBody, bytes.NewReader(buffer), sc.config)
if err != nil {
sc.verified = newSignatureFailed()
} else {
switch {
case err == nil:
sc.verified = nil
case errors.Is(err, pgpErrors.ErrUnknownIssuer):
sc.verified = newSignatureNoVerifier()
default:
sc.verified = newSignatureFailed()
}
} else {
sc.verified = newSignatureNoVerifier()
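Review bot: In the last hunk, `case err == nil: sc.verified = nil` makes a nil `sc.verified` the encoding of a valid signature, so any path through `Accept` that returns without assigning the field would read as verified, unless the collector is initialised to a non-nil state elsewhere (the constructor and the code between the second and third hunks are not visible here). Consider defaulting the field to a not-signed or failed value when the collector is created, so that a missed path fails closed rather than open. Separately, `_, err := openpgp.CheckArmoredDetachedSignature(...)` now declares a new `err` scoped to the `if sc.keyring != nil` block. If the outer `err` is returned later in `Accept`, a comment such as `// verification outcome is reported through sc.verified, not returned` would make that intent explicit. `Accept` starts and ends outside these hunks.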