carddav: fix signature verification in ContactCard.Read
parent
1680bd1a0e
commit
e8ff91c542
|
@ -33,7 +33,7 @@ func formatCard(card vcard.Card, privateKey *openpgp.Entity) (*protonmail.Contac
|
||||||
i := 1
|
i := 1
|
||||||
for _, email := range card[vcard.FieldEmail] {
|
for _, email := range card[vcard.FieldEmail] {
|
||||||
if email.Group == "" {
|
if email.Group == "" {
|
||||||
email.Group = strconv.Itoa(i)
|
email.Group = "item" + strconv.Itoa(i)
|
||||||
i++
|
i++
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -149,6 +149,33 @@ func entityPrimaryKey(e *openpgp.Entity) *openpgp.Key {
|
||||||
return &openpgp.Key{e, e.PrimaryKey, e.PrivateKey, selfSig}
|
return &openpgp.Key{e, e.PrimaryKey, e.PrivateKey, selfSig}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type detachedSignatureReader struct {
|
||||||
|
md *openpgp.MessageDetails
|
||||||
|
body io.Reader
|
||||||
|
signed bytes.Buffer
|
||||||
|
signature io.Reader
|
||||||
|
keyring openpgp.KeyRing
|
||||||
|
eof bool
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *detachedSignatureReader) Read(p []byte) (n int, err error) {
|
||||||
|
// TODO: check signature and decrypt at the same time
|
||||||
|
|
||||||
|
n, err = r.body.Read(p)
|
||||||
|
if err == io.EOF && !r.eof {
|
||||||
|
// Check signature
|
||||||
|
signer, signatureError := openpgp.CheckArmoredDetachedSignature(r.keyring, &r.signed, r.signature)
|
||||||
|
r.md.IsSigned = true
|
||||||
|
r.md.SignatureError = signatureError
|
||||||
|
if signer != nil {
|
||||||
|
r.md.SignedByKeyId = signer.PrimaryKey.KeyId
|
||||||
|
r.md.SignedBy = entityPrimaryKey(signer)
|
||||||
|
}
|
||||||
|
r.eof = true
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
func (card *ContactCard) Read(keyring openpgp.KeyRing) (*openpgp.MessageDetails, error) {
|
func (card *ContactCard) Read(keyring openpgp.KeyRing) (*openpgp.MessageDetails, error) {
|
||||||
if !card.Type.Encrypted() {
|
if !card.Type.Encrypted() {
|
||||||
md := &openpgp.MessageDetails{
|
md := &openpgp.MessageDetails{
|
||||||
|
@ -178,17 +205,23 @@ func (card *ContactCard) Read(keyring openpgp.KeyRing) (*openpgp.MessageDetails,
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
var r io.Reader = ciphertextBlock.Body
|
md, err := openpgp.ReadMessage(ciphertextBlock.Body, keyring, nil, nil)
|
||||||
|
if err != nil {
|
||||||
if card.Type.Signed() {
|
return nil, err
|
||||||
sigBlock, err := armor.Decode(strings.NewReader(card.Signature))
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
r = io.MultiReader(r, sigBlock.Body)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return openpgp.ReadMessage(r, keyring, nil, nil)
|
if card.Type.Signed() {
|
||||||
|
r := &detachedSignatureReader{
|
||||||
|
md: md,
|
||||||
|
signature: strings.NewReader(card.Signature),
|
||||||
|
keyring: keyring,
|
||||||
|
}
|
||||||
|
r.body = io.TeeReader(md.UnverifiedBody, &r.signed)
|
||||||
|
|
||||||
|
md.UnverifiedBody = r
|
||||||
|
}
|
||||||
|
|
||||||
|
return md, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
type ContactExport struct {
|
type ContactExport struct {
|
||||||
|
|
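Review bot: In `detachedSignatureReader.Read`, `r.md.IsSigned = true` and `r.md.SignatureError` are assigned only once the wrapped body returns `io.EOF`, so a caller of `ContactCard.Read` that inspects the returned `MessageDetails` before draining `UnverifiedBody`, or stops reading early, sees a signed card as unsigned with a nil `SignatureError`. Consider setting `md.IsSigned = true` in `ContactCard.Read` next to `md.UnverifiedBody = r`, so that the expectation of a signature is visible up front, and keeping only the `SignatureError`/`SignedBy` assignments at EOF. The new type also has no doc comment; something like `// detachedSignatureReader checks the detached signature when body reaches EOF; md.SignatureError is only meaningful after that.` would make the contract explicit for callers. The unencrypted branch at the start of `ContactCard.Read` lies outside the shown hunks, so whether it follows the same contract cannot be judged from here.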