Skip to content

Commit

Permalink
Canonicalize PGP/MIME content before verifying signatures
Browse files Browse the repository at this point in the history 
Before verifying signatures of PGP/MIME messages we need to canonicalize
the content
  • Loading branch information
M. Thiercelin committed Mar 17, 2022
1 parent 41eb732 commit 5c5666e
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion crypto/signature_collector.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import (
"net/textproto"

pgpErrors "github.com/ProtonMail/go-crypto/openpgp/errors"
"github.com/ProtonMail/gopenpgp/v2/internal"

"github.com/ProtonMail/go-crypto/openpgp"
"github.com/ProtonMail/go-crypto/openpgp/packet"
Expand Down Expand Up @@ -98,7 +99,8 @@ func (sc *SignatureCollector) Accept(
}
sc.signature = string(buffer)
str, _ := ioutil.ReadAll(rawBody)
rawBody = bytes.NewReader(str)
canonicalizedBody := internal.CanonicalizeAndTrim(string(str))
rawBody = bytes.NewReader([]byte(canonicalizedBody))
if sc.keyring != nil {
_, err = openpgp.CheckArmoredDetachedSignature(sc.keyring, rawBody, bytes.NewReader(buffer), sc.config)

Expand Down

0 comments on commit 5c5666e

Please sign in to comment.