search

openpgpjs / sop-openpgpjs

Other
2 stars 1 forks source link

`sop verify` fails over binary data #20

Closed dkg closed 4 hours ago

dkg commented 1 day ago

I'm working from the sop-openpgpjs git main branch, at commit d931bdba2146a869f40f4160e5c8532bcc24c7e8. I built it on debian unstable using npm i.

 dkg@unstable-amd64:~/src/sop/test-data$ ~/src/openpgpjs/sop-openpgpjs/sop-openpgp.js version --extended
sop-openpgp.js 2.0.0
OpenPGP.js 6.0.0
Running on Node.js v20.18.0
0 dkg@unstable-amd64:~/src/sop/test-data$ cat alice.cert
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: 92A8 434C 1D16 556F 4B20  6C05 1934 6908 35AB 9FA1
Comment: alice

xjMEZz5l/BYJKwYBBAHaRw8BAQdAGgb1ID2yC2Jr0cXkLTQHbrbnxI1EfkUNsB+f
PFpgf/TCwAsEHxYKAH0Fgmc+ZfwDCwkHCRAZNGkINaufoUcUAAAAAAAeACBzYWx0
QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmdDOB9aVRIG/rCADP0LpFeg5+XQi5op
dari3YsjW1hzWwMVCggCmwECHgEWIQSSqENMHRZVb0sgbAUZNGkINaufoQAAtmcB
AIObqtqk3Ye1xpLn7/XmUcSkCB0oR3pvndbGL1hxJPaZAQCUkGme6twhLrI8O7Ix
mZ+xPxUO93Sy+/h+GkAcRQxPCM0FYWxpY2XCwA4EExYKAIAFgmc+ZfwDCwkHCRAZ
NGkINaufoUcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmfS
z3TEdOSKfwA14+uYJl0G/CZXsV4ZfbEeC+YEFdj6egMVCggCmQECmwECHgEWIQSS
qENMHRZVb0sgbAUZNGkINaufoQAAxekBALLC43GjVk1xUowJ9DJvNXvGxGVuw/Gw
mX7y3JURT7mhAP0V9PqsGWIb2GsgBMUme/ag8ijOzYQ55JlB/joO5HLUB84zBGc+
ZfwWCSsGAQQB2kcPAQEHQDL8Qxlw2SK/M4CfrXjWe6pdqvcuakMWbTzYDi1F5Ku7
wsC/BBgWCgExBYJnPmX8CRAZNGkINaufoUcUAAAAAAAeACBzYWx0QG5vdGF0aW9u
cy5zZXF1b2lhLXBncC5vcmcLAHYP5upJBLInUm+izavorog5Yihw1DolVp1XT7mm
1wKbAr6gBBkWCgBvBYJnPmX8CRA93VFsvpRx2UcUAAAAAAAeACBzYWx0QG5vdGF0
aW9ucy5zZXF1b2lhLXBncC5vcmej5B71K6gZ7rEEPo4e+Y6SCKFWNVgnoP3av8hU
+pdaFhYhBPzWPxGoo+LW6Cv8VT3dUWy+lHHZAADdQgEAkJAsEE0vgBqUTOTtrZbm
uKJkLMm1gr1hEAhWtUSH3ZoBANub9gCe7t1KWqW35hYHVagvZ5VAzoFqtM9Tfxw4
D1ALFiEEkqhDTB0WVW9LIGwFGTRpCDWrn6EAAE0xAQCSDBW6oJ6uMLa4p/C81tY1
AQ3algBrQdLPYMLGwi/exgD/cn5WZO5sihozY7RsYCJh2ZKzSaWaPLUd2ozKMxe6
wwo=
=0XMj
-----END PGP PUBLIC KEY BLOCK-----
0 dkg@unstable-amd64:~/src/sop/test-data$ cat msg.binary.alice.sig
-----BEGIN PGP SIGNATURE-----

wr0EABYKAG8Fgmc+ZjkJED3dUWy+lHHZRxQAAAAAAB4AIHNhbHRAbm90YXRpb25z
LnNlcXVvaWEtcGdwLm9yZxU011z0eDCdcyxsKX4FBNZGBwD8dIrHqIjJzlN3+ALt
FiEE/NY/Eaij4tboK/xVPd1RbL6UcdkAADMpAP9uRR3vphEexxx0a6/vr6kCii/Q
hFvkjW70qVf/9HfdsgD/bbhXoJY40cJo464i85R9ZmxcTpopl2w1W++d4on5vAU=
=+ZHw
-----END PGP SIGNATURE-----
0 dkg@unstable-amd64:~/src/sop/test-data$ base64 < msg.binary
AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4
OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYFNPUFYgaXMgdGhlIFN0YXRl
bGVzcyBPcGVuUEdQIFZlcmlmaWNhdGlvbiBTdWJzZXTimaVhYmNkZWZnaGlqa2xtbm9wcXJzdHV2
d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6v
sLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo
6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8=
0 dkg@unstable-amd64:~/src/sop/test-data$ ~/src/openpgpjs/sop-openpgpjs/sop-openpgp.js verify msg.binary.alice.sig alice.cert < msg.binary
Signed digest did not match
3 dkg@unstable-amd64:~/src/sop/test-data$
dkg commented 1 day ago

i note that sop inline-verify does seem to work with OpenPGP messages with binary data -- it seems to only be an issue for detached signatures.