author | Justus Winter <justus@sequoia-pgp.org> | 2024-02-25 18:17:53 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2024-02-25 18:22:11 +0100 |
commit | f21016f51ca9f71d519bce5215394d5dadd63df7 (patch) | |
tree | 67d6c54ae4836e2178b71ceab5681134d2a1ff64 /openpgp/src/parse/stream.rs | |
parent | 1cb7f66d9308afd08e5e556f2809513309711355 (diff) |
openpgp: Handle header lines in the cleartext signature framework.
- Fixes #1091.
Diffstat (limited to 'openpgp/src/parse/stream.rs')
-rw-r--r-- | openpgp/src/parse/stream.rs | 54 |
1 files changed, 53 insertions, 1 deletions
diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs
index 63d42507..e419e14b 100644
--- a/openpgp/src/parse/stream.rs
+++ b/openpgp/src/parse/stream.rs
@@ -3030,7 +3030,7 @@ pub mod test {
 use super::*;
 use std::convert::TryFrom;
 use crate::parse::Parse;
- use crate::policy::StandardPolicy as P;
+ use crate::policy::{NullPolicy as NP, StandardPolicy as P};
 use crate::serialize::Serialize;
 use crate::{
 crypto::Password,
@@ -3852,6 +3852,58 @@ EK8=
 Ok(())
 }

+ /// Tests samples of messages signed with the cleartext signature
+ /// framework.
+ #[test]
+ fn csf_verification() -> Result<()> {
+ struct H(Vec<Cert>, bool);
+ impl VerificationHelper for H {
+ fn get_certs(&mut self, _ids: &[crate::KeyHandle])
+ -> Result<Vec<Cert>> {
+ Ok(std::mem::take(&mut self.0))
+ }
+
+ fn check(&mut self, m: MessageStructure)
+ -> Result<()> {
+ for (i, layer) in m.into_iter().enumerate() {
+ assert_eq!(i, 0);
+ if let MessageLayer::SignatureGroup { results } = layer {
+ assert!(! results.is_empty());
+ for result in results {
+ result.unwrap();
+ }
+ self.1 = true;
+ } else {
+ panic!();
+ }
+ }
+
+ Ok(())
+ }
+ }
+
+ for (m, c) in [
+ ("InRelease", "InRelease.signers.pgp"),
+ ("InRelease.msft", "InRelease.msft.signers.pgp"),
+ ] {
+ let certs = crate::cert::CertParser::from_bytes(
+ crate::tests::key(c))?.collect::<Result<Vec<_>>>()?;
+
+ // The Microsoft cert uses SHA-1.
+ let p = &NP::new();
+ eprintln!("Parsing {}...", m);
+ let mut verifier = VerifierBuilder::from_bytes(
+ crate::tests::message(m))?
+ .with_policy(p, None, H(certs, false))?;
+ let mut b = Vec::new();
+ verifier.read_to_end(&mut b)?;
+ let h = verifier.into_helper();
+ assert!(h.1);
+ }
+
+ Ok(())
+ }
+
 /// Tests whether messages using the cleartext signature framework
 /// with multiple signatures and signers are correctly handled.
 #[test] |
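Review bot: The new `csf_verification` test reads the verified text into `b` but never inspects it, so it shows only that the signatures verify, not that the header lines this commit handles are kept out of the content returned to the caller. Comparing the output with a reference body per sample would pin that, e.g. `assert_eq!(b, crate::tests::message("<expected-body-file>"));` (placeholder name, assuming `message()` yields bytes comparable to a `Vec<u8>`). Also, `let p = &NP::new();` is applied to both samples although the comment justifies it only for the Microsoft cert. Choosing the policy per sample, so that the plain `InRelease` case runs under `P::new()`, would keep algorithm checks active wherever the signer permits it; whether that sample passes the standard policy is not visible here. The parser change itself lies outside this diff, which is limited to `stream.rs`'s test module.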