diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2020-10-02 15:00:42 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2020-10-02 15:09:11 +0200 |
commit | 32c1a6f9003beacf7a30af50772eb31601721952 (patch) | |
tree | 90aac4b8b8e4c33f0706467c4e2264ddbae49e66 | |
parent | 3b8046a1493755941f9ddb7f27ca0f6928919b1f (diff) |
openpgp: Add Signature::verify_hash analogous to sign_hash.
-rw-r--r-- | openpgp/src/packet/signature.rs | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/openpgp/src/packet/signature.rs b/openpgp/src/packet/signature.rs index 84b19ae3..6f05e3ac 100644 --- a/openpgp/src/packet/signature.rs +++ b/openpgp/src/packet/signature.rs @@ -2078,6 +2078,34 @@ impl crate::packet::Signature { impl Signature { /// Verifies the signature against `hash`. /// + /// The `hash` should only be computed over the payload, this + /// function hashes in the signature itself before verifying it. + /// + /// Note: Due to limited context, this only verifies the + /// cryptographic signature and checks that the key predates the + /// signature. Further constraints on the signature, like + /// creation and expiration time, or signature revocations must be + /// checked by the caller. + /// + /// Likewise, this function does not check whether `key` can made + /// valid signatures; it is up to the caller to make sure the key + /// is not revoked, not expired, has a valid self-signature, has a + /// subkey binding signature (if appropriate), has the signing + /// capability, etc. + pub fn verify_hash<P, R>(&mut self, key: &Key<P, R>, + mut hash: hash::Context) + -> Result<()> + where P: key::KeyParts, + R: key::KeyRole, + { + self.hash(&mut hash); + let mut digest = vec![0u8; hash.digest_size()]; + hash.digest(&mut digest); + self.verify_digest(key, digest) + } + + /// Verifies the signature against `digest`. + /// /// Note: Due to limited context, this only verifies the /// cryptographic signature and checks that the key predates the /// signature. Further constraints on the signature, like |