protonmail: make SRP modulus signature failures a warning
Temporarily make signature errors non-fatal because the Go OpenPGP library is missing some features we need: openpgp: unsupported feature: public key algorithm 22 This doesn't really weaken our security since we weren't checking the signature key anyway. To completely fix this issue, we need to upstream the required key algorithm. Fixes https://github.com/emersion/hydroxide/issues/46
This commit is contained in:
parent
8f167410be
commit
93c8007937
|
@ -7,6 +7,7 @@ import (
|
|||
"encoding/base64"
|
||||
"errors"
|
||||
"io"
|
||||
"log"
|
||||
"math/big"
|
||||
|
||||
"golang.org/x/crypto/openpgp"
|
||||
|
@ -22,10 +23,11 @@ func decodeModulus(msg string) ([]byte, error) {
|
|||
return nil, errors.New("invalid modulus signed PGP block")
|
||||
}
|
||||
|
||||
// TODO: check signature key
|
||||
// TODO: check signature and signature key
|
||||
_, err := openpgp.CheckDetachedSignature(nil, bytes.NewReader(block.Plaintext), block.ArmoredSignature.Body)
|
||||
if err != nil && err != openpgperrors.ErrUnknownIssuer {
|
||||
return nil, err
|
||||
//return nil, fmt.Errorf("failed to decode modulus: %v", err)
|
||||
log.Println("warning: failed to check SRP modulus signature:", err)
|
||||
}
|
||||
|
||||
return base64.StdEncoding.DecodeString(string(block.Plaintext))
|
||||
|
|
Loading…
Reference in New Issue