1 files changed, 36 insertions, 8 deletions

diff --git a/openpgp/benches/common/decrypt.rs b/openpgp/benches/common/decrypt.rs
index 536581af..48186ac1 100644
--- a/openpgp/benches/common/decrypt.rs
+++ b/openpgp/benches/common/decrypt.rs
@@ -5,7 +5,7 @@ use openpgp::packet::prelude::*;
 use openpgp::packet::{PKESK, SKESK};
 use openpgp::parse::stream::{
     DecryptionHelper, DecryptorBuilder, MessageLayer, MessageStructure,
-    VerificationError, VerificationHelper,
+    VerificationHelper, VerifierBuilder,
 };
 use openpgp::parse::Parse;
 use openpgp::policy::StandardPolicy;
@@ -85,7 +85,7 @@ pub fn decrypt_with_password(
 // openpgp::parse::stream::Decryptor
 struct CertHelper<'a> {
     sender: Option<&'a Cert>,
-    recipient: &'a Cert,
+    recipient: Option<&'a Cert>,
 }
 
 impl VerificationHelper for CertHelper<'_> {
@@ -104,9 +104,9 @@ impl VerificationHelper for CertHelper<'_> {
         for (i, layer) in structure.into_iter().enumerate() {
             match layer {
                 MessageLayer::Encryption { .. } if i == 0 => (),
-                MessageLayer::Compression { .. } if i == 1 => (),
+                MessageLayer::Compression { .. } if i == 0 || i == 1 => (),
                 MessageLayer::SignatureGroup { ref results }
-                    if i == 1 || i == 2 =>
+                    if i == 0 || i == 1 || i == 2 =>
                 {
                     if !results.iter().any(|r| r.is_ok()) {
                         for result in results {
@@ -118,8 +118,9 @@ impl VerificationHelper for CertHelper<'_> {
                 }
                 _ => {
                     return Err(anyhow::anyhow!(
-                        "Unexpected message structure {:?}",
-                        layer
+                        "Unexpected message structure {:?} at level {}",
+                        layer,
+                        i
                     ))
                 }
             }
@@ -143,6 +144,7 @@ impl DecryptionHelper for CertHelper<'_> {
 
         let cand_secret_keys: Vec<Key<key::SecretParts, key::UnspecifiedRole>> =
             self.recipient
+                .expect("Cannot decrypt without recipient's cert.")
                 .keys()
                 .with_policy(p, None)
                 .for_transport_encryption()
@@ -190,7 +192,7 @@ pub fn decrypt_with_cert(
     // Make a helper that that feeds the password to the decryptor.
     let helper = CertHelper {
         sender: None,
-        recipient: cert,
+        recipient: Some(cert),
     };
 
     // Now, create a decryptor with a helper using the given Certs.
@@ -217,7 +219,7 @@ pub fn decrypt_and_verify(
     // Make a helper that that feeds the password to the decryptor.
     let helper = CertHelper {
         sender: Some(sender),
-        recipient,
+        recipient: Some(recipient),
     };
 
     // Now, create a decryptor with a helper using the given Certs.
@@ -230,3 +232,29 @@ pub fn decrypt_and_verify(
 
     Ok(())
 }
+
+// This is marked as dead_code. Seems that using a function only from within
+// a benchmark loop hides it from the compiler.
+#[allow(dead_code)]
+// Verifies the given message using the given sender's cert.
+pub fn verify(
+    sink: &mut dyn Write,
+    ciphertext: &[u8],
+    sender: &Cert,
+) -> openpgp::Result<()> {
+    // Make a helper that that feeds the sender's cert to the verifier.
+    let helper = CertHelper {
+        sender: Some(sender),
+        recipient: None,
+    };
+
+    // Now, create a verifier with a helper using the given Certs.
+    let p = &StandardPolicy::new();
+    let mut verifier = VerifierBuilder::from_bytes(ciphertext)?
+        .with_policy(p, None, helper)?;
+
+    // Verify the data.
+    std::io::copy(&mut verifier, sink)?;
+
+    Ok(())
+}