aerc/lib/crypto/gpg/gpgbin/verify.go

package gpgbin

import (
	"bytes"
	"fmt"
	"io"
	"io/ioutil"
	"os"

	"git.sr.ht/~rjarry/aerc/models"
)

// Verify runs gpg --verify. If s is not nil, then gpg interprets the
// arguments as a detached signature
func Verify(m io.Reader, s io.Reader) (*models.MessageDetails, error) {
	args := []string{"--verify"}
	if s != nil {
		// Detached sig, save the sig to a tmp file and send msg over stdin
		sig, err := ioutil.TempFile("", "sig")
		if err != nil {
			return nil, err
		}
		_, _ = io.Copy(sig, s)
		sig.Close()
		defer os.Remove(sig.Name())
		args = append(args, sig.Name(), "-")
	}
	orig, err := ioutil.ReadAll(m)
	if err != nil {
		return nil, err
	}
	g := newGpg(bytes.NewReader(orig), args)
	err = g.cmd.Run()
	if err != nil {
		return nil, fmt.Errorf("gpg: failed to run verification: %w", err)
	}

	out := bytes.NewReader(g.stdout.Bytes())
	md := new(models.MessageDetails)
	err = parse(out, md)
	if err != nil {
		return nil, fmt.Errorf("gpg: failed to parse result: %w", err)
	}

	md.Body = bytes.NewReader(orig)

	return md, nil
}
feat: add gpg integration This commit adds gpg system integration. This is done through two new packages: gpgbin, which handles the system calls and parsing; and gpg which is mostly a copy of emersion/go-pgpmail with modifications to interface with package gpgbin. gpg includes tests for many cases, and by it's nature also tests package gpgbin. I separated these in case an external dependency is ever used for the gpg sys-calls/parsing (IE we mirror how go-pgpmail+openpgp currently are dependencies) Two new config options are introduced: * pgp-provider. If it is not explicitly set to "gpg", aerc will default to it's internal pgp provider * pgp-key-id: (Optionally) specify a key by short or long keyId Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Koni Marti <koni.marti@gmail.com> Acked-by: Robin Jarry <robin@jarry.cc> 2022-04-25 13:30:44 +00:00			`package gpgbin`

			`import (`
			`"bytes"`
lint: ensure errors are at least logged (errcheck) Signed-off-by: Moritz Poldrack <moritz@poldrack.dev> Acked-by: Robin Jarry <robin@jarry.cc> 2022-07-29 20:31:54 +00:00			`"fmt"`
feat: add gpg integration This commit adds gpg system integration. This is done through two new packages: gpgbin, which handles the system calls and parsing; and gpg which is mostly a copy of emersion/go-pgpmail with modifications to interface with package gpgbin. gpg includes tests for many cases, and by it's nature also tests package gpgbin. I separated these in case an external dependency is ever used for the gpg sys-calls/parsing (IE we mirror how go-pgpmail+openpgp currently are dependencies) Two new config options are introduced: * pgp-provider. If it is not explicitly set to "gpg", aerc will default to it's internal pgp provider * pgp-key-id: (Optionally) specify a key by short or long keyId Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Koni Marti <koni.marti@gmail.com> Acked-by: Robin Jarry <robin@jarry.cc> 2022-04-25 13:30:44 +00:00			`"io"`
			`"io/ioutil"`
			`"os"`

			`"git.sr.ht/~rjarry/aerc/models"`
			`)`

			`// Verify runs gpg --verify. If s is not nil, then gpg interprets the`
			`// arguments as a detached signature`
			`func Verify(m io.Reader, s io.Reader) (*models.MessageDetails, error) {`
			`args := []string{"--verify"}`
			`if s != nil {`
			`// Detached sig, save the sig to a tmp file and send msg over stdin`
			`sig, err := ioutil.TempFile("", "sig")`
			`if err != nil {`
			`return nil, err`
			`}`
lint: ensure errors are at least logged (errcheck) Signed-off-by: Moritz Poldrack <moritz@poldrack.dev> Acked-by: Robin Jarry <robin@jarry.cc> 2022-07-29 20:31:54 +00:00			`_, _ = io.Copy(sig, s)`
feat: add gpg integration This commit adds gpg system integration. This is done through two new packages: gpgbin, which handles the system calls and parsing; and gpg which is mostly a copy of emersion/go-pgpmail with modifications to interface with package gpgbin. gpg includes tests for many cases, and by it's nature also tests package gpgbin. I separated these in case an external dependency is ever used for the gpg sys-calls/parsing (IE we mirror how go-pgpmail+openpgp currently are dependencies) Two new config options are introduced: * pgp-provider. If it is not explicitly set to "gpg", aerc will default to it's internal pgp provider * pgp-key-id: (Optionally) specify a key by short or long keyId Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Koni Marti <koni.marti@gmail.com> Acked-by: Robin Jarry <robin@jarry.cc> 2022-04-25 13:30:44 +00:00			`sig.Close()`
			`defer os.Remove(sig.Name())`
			`args = append(args, sig.Name(), "-")`
			`}`
			`orig, err := ioutil.ReadAll(m)`
			`if err != nil {`
			`return nil, err`
			`}`
			`g := newGpg(bytes.NewReader(orig), args)`
lint: ensure errors are at least logged (errcheck) Signed-off-by: Moritz Poldrack <moritz@poldrack.dev> Acked-by: Robin Jarry <robin@jarry.cc> 2022-07-29 20:31:54 +00:00			`err = g.cmd.Run()`
			`if err != nil {`
			`return nil, fmt.Errorf("gpg: failed to run verification: %w", err)`
			`}`
feat: add gpg integration This commit adds gpg system integration. This is done through two new packages: gpgbin, which handles the system calls and parsing; and gpg which is mostly a copy of emersion/go-pgpmail with modifications to interface with package gpgbin. gpg includes tests for many cases, and by it's nature also tests package gpgbin. I separated these in case an external dependency is ever used for the gpg sys-calls/parsing (IE we mirror how go-pgpmail+openpgp currently are dependencies) Two new config options are introduced: * pgp-provider. If it is not explicitly set to "gpg", aerc will default to it's internal pgp provider * pgp-key-id: (Optionally) specify a key by short or long keyId Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Koni Marti <koni.marti@gmail.com> Acked-by: Robin Jarry <robin@jarry.cc> 2022-04-25 13:30:44 +00:00
			`out := bytes.NewReader(g.stdout.Bytes())`
			`md := new(models.MessageDetails)`
lint: ensure errors are at least logged (errcheck) Signed-off-by: Moritz Poldrack <moritz@poldrack.dev> Acked-by: Robin Jarry <robin@jarry.cc> 2022-07-29 20:31:54 +00:00			`err = parse(out, md)`
			`if err != nil {`
			`return nil, fmt.Errorf("gpg: failed to parse result: %w", err)`
			`}`
feat: add gpg integration This commit adds gpg system integration. This is done through two new packages: gpgbin, which handles the system calls and parsing; and gpg which is mostly a copy of emersion/go-pgpmail with modifications to interface with package gpgbin. gpg includes tests for many cases, and by it's nature also tests package gpgbin. I separated these in case an external dependency is ever used for the gpg sys-calls/parsing (IE we mirror how go-pgpmail+openpgp currently are dependencies) Two new config options are introduced: * pgp-provider. If it is not explicitly set to "gpg", aerc will default to it's internal pgp provider * pgp-key-id: (Optionally) specify a key by short or long keyId Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Koni Marti <koni.marti@gmail.com> Acked-by: Robin Jarry <robin@jarry.cc> 2022-04-25 13:30:44 +00:00
			`md.Body = bytes.NewReader(orig)`

			`return md, nil`
			`}`