Closed lubux closed 9 months ago
Thanks for the review. The update includes the following changes:
Currently, the SOP interoperability test suite fails due to the removal of armor checksums. It seems that GnuPG does not accept such messages without a checksum for detachable signature verification.
Fails to verify with GnuPG:
-----BEGIN PGP SIGNATURE-----
Version: GopenPGP 2.6.1
Comment: https://gopenpgp.org
wsDzBAABCgAnBQJkQRqPCZD7/MgqAV5zMBYhBNGmbhojsYLJmA94jPv8yCoBXnMw
AAD96wv9H138x1JuuuUu5qPCJiZZnZyC0H7z9IA3tlc6TtpMKBlATTQWMVA0m2bh
D9IwZit4W0Qvfih4o04eZBkQDGvzBsJQ0F63GQCyIHfEBbl2UlMmG8sR1qaqCD9E
qD4PN8S9kAi/+B0ntaH7EUW835GscdgwaC/v2uDXiiW/01jzCs0HrD/7Yi26SI4+
Ytp11ots5ySVAq6E+JtNwJ6IRGy+T6wRUZ+D5Y9UaxFoavG1S0N7QFauxcBa4Yn8
qjh03/vyQSzjkV6MwCIwNI7k4Q+FddzbbXn45xNjmHLkwu5qOuvm52K24V298lbi
wpZRhe+FUTz/uQxsUu2/sKrVmCygVk2BDJ+mKQH1Xg9Zd41V3TEivjOwosuSjj2K
LhPXwLDAB8/nw51S//uIO9YErn8tqB44zH7yASw8C+TQ/vjL+GAUhAnNS/DO1w6l
qa1D/osXcDLQF8sIlwqZFiRbx7ARAjFWu6EQr86HBYCuVJ0Dcn++2axKga6VcFDl
GDsGmvRk
-----END PGP SIGNATURE-----
Verifies with GnuPG:
-----BEGIN PGP SIGNATURE-----
Version: GopenPGP 2.6.1
Comment: https://gopenpgp.org
wsDzBAABCgAnBQJkQRqPCZD7/MgqAV5zMBYhBNGmbhojsYLJmA94jPv8yCoBXnMw
AAD96wv9H138x1JuuuUu5qPCJiZZnZyC0H7z9IA3tlc6TtpMKBlATTQWMVA0m2bh
D9IwZit4W0Qvfih4o04eZBkQDGvzBsJQ0F63GQCyIHfEBbl2UlMmG8sR1qaqCD9E
qD4PN8S9kAi/+B0ntaH7EUW835GscdgwaC/v2uDXiiW/01jzCs0HrD/7Yi26SI4+
Ytp11ots5ySVAq6E+JtNwJ6IRGy+T6wRUZ+D5Y9UaxFoavG1S0N7QFauxcBa4Yn8
qjh03/vyQSzjkV6MwCIwNI7k4Q+FddzbbXn45xNjmHLkwu5qOuvm52K24V298lbi
wpZRhe+FUTz/uQxsUu2/sKrVmCygVk2BDJ+mKQH1Xg9Zd41V3TEivjOwosuSjj2K
LhPXwLDAB8/nw51S//uIO9YErn8tqB44zH7yASw8C+TQ/vjL+GAUhAnNS/DO1w6l
qa1D/osXcDLQF8sIlwqZFiRbx7ARAjFWu6EQr86HBYCuVJ0Dcn++2axKga6VcFDl
GDsGmvRk
=s/ni
-----END PGP SIGNATURE-----
OK, thanks for the summary. Maybe let's still generate the checksum for armored detached v4 signatures, then.
I changed the API such that armor.Encode(...)
produces a checksum for now. To produce an armored message without a checksum, one has to use armor.EncodeWithoutChecksum(...)
This pull request implements most of the missing features described in the crypto refresh. The following features are added: