Merge pull request #185 from mattosaurus/bug/decrypt-PgpSignatureList
Bug/decrypt pgp signature list
mattosaurus authored Nov 16, 2022
2 parents 1ff6058 + df8afc5 commit 61e8d0d
Showing 1 changed file with 63 additions and 54 deletions.
117 changes: 63 additions & 54 deletions PgpCore/PGP.cs
Expand Up @@ -5039,7 +5039,7 @@ private async Task DecryptAsync(Stream inputStream, Stream outputStream)
PgpObjectFactory objectFactory = new PgpObjectFactory(compDataIn);
message = objectFactory.NextPgpObject();

if (message is PgpOnePassSignatureList)
if (message is PgpOnePassSignatureList || message is PgpSignatureList)
{
message = objectFactory.NextPgpObject();
var literalData = (PgpLiteralData)message;
Expand Down Expand Up @@ -5147,7 +5147,7 @@ private void Decrypt(Stream inputStream, Stream outputStream)
PgpObjectFactory objectFactory = new PgpObjectFactory(compDataIn);
message = objectFactory.NextPgpObject();

if (message is PgpOnePassSignatureList)
if (message is PgpOnePassSignatureList || message is PgpSignatureList)
{
message = objectFactory.NextPgpObject();
PgpLiteralData literalData = (PgpLiteralData)message;
Expand Down Expand Up @@ -5243,9 +5243,6 @@ private async Task DecryptAndVerifyAsync(Stream inputStream, Stream outputStream
PgpOnePassSignature pgpOnePassSignature = pgpOnePassSignatureList[0];
var keyIdToVerify = pgpOnePassSignature.KeyId;

// var verified = EncryptionKeys.ValidationPublicKey.KeyId == pgpOnePassSignature.KeyId ||
// EncryptionKeys.ValidationPublicKey.GetKeySignatures().Cast<PgpSignature>()
// .Select(x => x.KeyId).Contains(pgpOnePassSignature.KeyId);
var verified = Utilities.FindPublicKey(keyIdToVerify, EncryptionKeys.VerificationKeys,
out PgpPublicKey _);
if (verified == false)
Expand All @@ -5259,31 +5256,39 @@ private async Task DecryptAndVerifyAsync(Stream inputStream, Stream outputStream

if (message is PgpCompressedData cData)
{
Stream compDataIn = cData.GetDataStream().DisposeWith(disposables);
PgpObjectFactory objectFactory = new PgpObjectFactory(compDataIn);
message = objectFactory.NextPgpObject();
Stream compDataIn = cData.GetDataStream().DisposeWith(disposables);
PgpObjectFactory objectFactory = new PgpObjectFactory(compDataIn);
message = objectFactory.NextPgpObject();

if (message is PgpOnePassSignatureList pgpOnePassSignatureList)
{
PgpOnePassSignature pgpOnePassSignature = pgpOnePassSignatureList[0];
var keyIdToVerify = pgpOnePassSignature.KeyId;
long? keyIdToVerify = null;

// var verified = EncryptionKeys.ValidationKeys.First().KeyId == pgpOnePassSignature.KeyId || EncryptionKeys.ValidationKeys.First().GetKeySignatures().Cast<PgpSignature>().Select(x => x.KeyId).Contains(pgpOnePassSignature.KeyId);
var verified = Utilities.FindPublicKey(keyIdToVerify, EncryptionKeys.VerificationKeys,
out PgpPublicKey _);
if (verified == false)
throw new PgpException("Failed to verify file.");
if (message is PgpSignatureList pgpSignatureList)
{
keyIdToVerify = pgpSignatureList[0].KeyId;
}
else if (message is PgpOnePassSignatureList pgpOnePassSignatureList)
{
PgpOnePassSignature pgpOnePassSignature = pgpOnePassSignatureList[0];
keyIdToVerify = pgpOnePassSignature.KeyId;
}

message = objectFactory.NextPgpObject();
PgpLiteralData literalData = (PgpLiteralData)message;
Stream unc = literalData.GetInputStream();
await Streams.PipeAllAsync(unc, outputStream);
}
else
{
throw new PgpException("File was not signed.");
}
}
if (keyIdToVerify.HasValue)
{
var verified = Utilities.FindPublicKey(keyIdToVerify.Value, EncryptionKeys.VerificationKeys,
out PgpPublicKey _);
if (verified == false)
throw new PgpException("Failed to verify file.");

message = objectFactory.NextPgpObject();
var literalData = (PgpLiteralData)message;
Stream unc = literalData.GetInputStream();
await Streams.PipeAllAsync(unc, outputStream);
}
else
{
throw new PgpException("File was not signed.");
}
}
else if (message is PgpLiteralData literalData)
{
Stream unc = literalData.GetInputStream();
Expand Down Expand Up @@ -5364,9 +5369,6 @@ private void DecryptAndVerify(Stream inputStream, Stream outputStream)
PgpOnePassSignature pgpOnePassSignature = pgpOnePassSignatureList[0];
var keyIdToVerify = pgpOnePassSignature.KeyId;

// var verified = EncryptionKeys.ValidationPublicKey.KeyId == pgpOnePassSignature.KeyId ||
// EncryptionKeys.ValidationPublicKey.GetKeySignatures().Cast<PgpSignature>()
// .Select(x => x.KeyId).Contains(pgpOnePassSignature.KeyId);
var verified = Utilities.FindPublicKey(keyIdToVerify, EncryptionKeys.VerificationKeys,
out PgpPublicKey _);
if (verified == false)
Expand All @@ -5380,32 +5382,39 @@ private void DecryptAndVerify(Stream inputStream, Stream outputStream)

if (message is PgpCompressedData cData)
{
Stream compDataIn = cData.GetDataStream().DisposeWith(disposables);
PgpObjectFactory objectFactory = new PgpObjectFactory(compDataIn);
message = objectFactory.NextPgpObject();
Stream compDataIn = cData.GetDataStream().DisposeWith(disposables);
PgpObjectFactory objectFactory = new PgpObjectFactory(compDataIn);
message = objectFactory.NextPgpObject();

if (message is PgpOnePassSignatureList pgpOnePassSignatureList)
{
PgpOnePassSignature pgpOnePassSignature = pgpOnePassSignatureList[0];
var keyIdToVerify = pgpOnePassSignature.KeyId;
// var verified = EncryptionKeys.ValidationPublicKey.KeyId == pgpOnePassSignature.KeyId ||
// EncryptionKeys.ValidationPublicKey.GetKeySignatures().Cast<PgpSignature>()
// .Select(x => x.KeyId).Contains(pgpOnePassSignature.KeyId);
var verified = Utilities.FindPublicKey(keyIdToVerify, EncryptionKeys.VerificationKeys,
out PgpPublicKey _);
if (verified == false)
throw new PgpException("Failed to verify file.");
long? keyIdToVerify = null;

message = objectFactory.NextPgpObject();
var literalData = (PgpLiteralData)message;
Stream unc = literalData.GetInputStream();
Streams.PipeAll(unc, outputStream);
}
else
{
throw new PgpException("File was not signed.");
}
}
if (message is PgpSignatureList pgpSignatureList)
{
keyIdToVerify = pgpSignatureList[0].KeyId;
}
else if (message is PgpOnePassSignatureList pgpOnePassSignatureList)
{
PgpOnePassSignature pgpOnePassSignature = pgpOnePassSignatureList[0];
keyIdToVerify = pgpOnePassSignature.KeyId;
}

if (keyIdToVerify.HasValue)
{
var verified = Utilities.FindPublicKey(keyIdToVerify.Value, EncryptionKeys.VerificationKeys,
out PgpPublicKey _);
if (verified == false)
throw new PgpException("Failed to verify file.");

message = objectFactory.NextPgpObject();
var literalData = (PgpLiteralData)message;
Stream unc = literalData.GetInputStream();
Streams.PipeAll(unc, outputStream);
}
else
{
throw new PgpException("File was not signed.");
}
}
else if (message is PgpLiteralData literalData)
{
Stream unc = literalData.GetInputStream();
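Review bot: In the compressed-data branch of DecryptAndVerify and DecryptAndVerifyAsync, the only check visible before the literal data is piped to outputStream is that the signature packet's key ID matches one of EncryptionKeys.VerificationKeys; the key ID is an unauthenticated field of the packet, so a match does not show that the data was signed by that key. Nothing in these hunks calls InitVerify/Update/Verify on the PgpSignature or PgpOnePassSignature, and the key located by FindPublicKey is discarded with `out PgpPublicKey _`, so unless verification happens outside the visible lines the new PgpSignatureList path inherits the same gap. I would keep the located key, feed the plaintext through the signature while copying it, and throw `PgpException` when Verify() returns false, as sketched below for the synchronous method; the async method and the non-compressed branch at the top of each hunk need the same treatment. Plaintext is still written before the final check in this sketch, so callers must discard the output when the exception is thrown. Both method bodies start and end outside the hunks.

```csharp
long? keyIdToVerify = null;
PgpSignature leadingSignature = null;
PgpOnePassSignature onePassSignature = null;

if (message is PgpSignatureList pgpSignatureList)
{
    leadingSignature = pgpSignatureList[0];
    keyIdToVerify = leadingSignature.KeyId;
}
else if (message is PgpOnePassSignatureList pgpOnePassSignatureList)
{
    onePassSignature = pgpOnePassSignatureList[0];
    keyIdToVerify = onePassSignature.KeyId;
}

if (keyIdToVerify.HasValue)
{
    // Keep the key that FindPublicKey located instead of discarding it.
    var found = Utilities.FindPublicKey(keyIdToVerify.Value, EncryptionKeys.VerificationKeys,
        out PgpPublicKey verificationKey);
    // … unchanged: throw "Failed to verify file." when no key is found …

    leadingSignature?.InitVerify(verificationKey);
    onePassSignature?.InitVerify(verificationKey);

    // … unchanged: read the next object as PgpLiteralData and open `unc` …

    // Every plaintext byte goes through the signature as it is copied out.
    byte[] buffer = new byte[8192];
    int read;
    while ((read = unc.Read(buffer, 0, buffer.Length)) > 0)
    {
        leadingSignature?.Update(buffer, 0, read);
        onePassSignature?.Update(buffer, 0, read);
        outputStream.Write(buffer, 0, read);
    }

    // A one-pass signature is checked against the signature list that trails the data.
    bool signatureValid = onePassSignature != null
        ? objectFactory.NextPgpObject() is PgpSignatureList trailing && onePassSignature.Verify(trailing[0])
        : leadingSignature.Verify();
    if (!signatureValid)
        throw new PgpException("Failed to verify file.");
}
// … unchanged: else branch throwing "File was not signed." …
```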
