Using the notation data packets of signatures, we add a way to
set a context to detached signatures.
We also add a way to enforce that signatures have the right context
during verification.
Instead of parsing the signature packets manually, use the signature
packet returned by VerifyDetachedSignatureAndHash to get the
signature creation time.
When decrypting message, we have to use verifyTime in the config
otherwise signatures not valid at verifyTime but valid at Now()
will be seen as valid.
* barebone streaming functionality
* encryption needs to return a writecloser
* added eof check
* workaround for reader problem with copies
* separate mobile wrappers from main api
* add a clone in the read result to avoid memory corruption
* refactor to reuse code, and fix verification
* have to give the verify key at the start of the decryption
* enfore readAll before signature verification
* streaming api for SessionKey
* add split message stream apis
* name interface params
* fix streaming api so it's supported by go-mobile
* hide internal writeCloser
* fix nil access
* added detached sigs methods
* started unit testing
* unit testing and fixed a bug where key and data packets where inverted
* remove unecessary error wrapping
* figured out closing order and error handling
* add GC calls to mobile writer and reader
* remove debugging values and arrays
* writer with builtin sha256
* unit testing the mobile helpers
* comments and linting
* Typo in error
Co-authored-by: wussler <aron@wussler.it>
* Add GetKeyPacket doc
Co-authored-by: wussler <aron@wussler.it>
* Add rfc reference in comments
Co-authored-by: wussler <aron@wussler.it>
* small improvements
* add compatibility tests with normal methods
* remove unecessary copies in the tests
* update go-crypto to the merged changes commit
* update comments of core internal functions
* remove unused nolint comment
* group message metadata in a struct
* fix comments
* change default values for metadata
* change the mobile reader wrapper to fit the behavior of java
* remove gc calls in the wrappers to avoid performance penalties
* bring back the former Go2MobileReader to be used for ios
* Update crypto/keyring_streaming.go
Co-authored-by: wussler <aron@wussler.it>
* return an error when verifying an embedded sig with no keyring
* Update crypto/sessionkey_streaming.go
Co-authored-by: wussler <aron@wussler.it>
* linter error
* update changelog
* update changelog
Co-authored-by: wussler <aron@wussler.it>
* add signcryption methods to the keyrings
* added signing and verifying keyrings
* added nil checks
* added unit test for signcrypt
* updated changelog
* switched the keyrings in the api
* update the error messages
* changed the names of the keyRing variable
* Reduce complexity of SignatureCollector.Accept
* Add stylecheck linter, and lint accordingly
* Rephrase some comments
* godot - Top level comments should end with a dot.
* nestif - Reduce nested complexity of code
* Review changes
Co-authored-by: Aron Wussler <aron@wussler.it>
* Refactor library, remove duplicates
* Rebuild structure to use Messages and Signature models
* Use PGPSplitMessage
* Remove signature model
* Various fixes
* Add helpers with tests
* Fixes, add some docs, add tests
* Add attachment helpers
* Add helpers Symmetric encryption
* Edit docs + examples
* Rename kr to keyRing
* Various fixes for documentation
* Edit JSON handling functions, add decrypt keyring via token
* Add proposal changes doc
* Fix CI
* Drop *Message functions, join CleartextMessage and BinaryMessage
* Change canonicalization and trimming only to text signatures
* Add cleartextsignature, detach signature from message model, move helpers
* Documentation, remove optional parameters
* Move verification to separate model
* Don't return message in VerifyDetached
* Update table of contents in readme
* Appease golint
* Run go fmt
* Rename Encrypt/DecryptMessageWithPassword to ..WithToken
These functions shouldn't be used with user-provided passwords,
as they don't do any key-stretching.
* Change key generation usernames
