Initial implementation of verify methods

horde · Apr 13, 2015 · c99fa0f · c99fa0f
1 parent e12d599
commit c99fa0f
Show file tree

Hide file tree

Showing 7 changed files with 151 additions and 15 deletions.
diff --git a/framework/Pgp/lib/Horde/Pgp.php b/framework/Pgp/lib/Horde/Pgp.php
@@ -257,10 +257,33 @@ public function verify($text, $key)
      */
     public function verifyDetached($text, $sig, $key)
     {
+        if (is_null($sig)) {
+            if ($text instanceof Horde_Pgp_Element) {
+                $data = $text;
+            } else {
+                $armor = new Horde_Pgp_Armor($text);
+                foreach ($armor as $val) {
+                    if (($val instanceof Horde_Pgp_Element_Message) ||
+                        ($val instanceof Horde_Pgp_Element_SignedMessage)) {
+                        $data = $val;
+                        break;
+                    }
+                }
+            }
+        } else {
+            $sig = Horde_Pgp_Element_Signature::create($sig);
+            $data = new Horde_Pgp_Element_SignedMessage(
+                new OpenPGP_Message(array(
+                    new OpenPGP_LiteralDataPacket($text),
+                    $sig->message[0]
+                ))
+            );
+        }
+
         return $this->_runInBackend(
             'verify',
-            array($text, $key, $sig),
-            Horde_Pgp_Translation::t("Could not decrypt PGP data.")
+            array($data, Horde_Pgp_Element_PublicKey::create($key)),
+            Horde_Pgp_Translation::t("Could not verify PGP data.")
         );
     }
 

diff --git a/framework/Pgp/lib/Horde/Pgp/Backend.php b/framework/Pgp/lib/Horde/Pgp/Backend.php
@@ -128,9 +128,14 @@ public function decryptSymmetric($msg, $passphrase)
     }
 
     /**
-     * TODO
+     * Verifies data using a PGP public key.
+     *
+     * @param Horde_Pgp_Element $msg            The text to be verified.
+     * @param Horde_Pgp_Element_PublicKey $key  Public key used for signing.
+     *
+     * @return array  {@see Horde_Pgp#verify()}.
      */
-    public function verify($text, $key, $sig)
+    public function verify($msg, $key)
     {
         throw new BadMethodCallException();
     }

diff --git a/framework/Pgp/lib/Horde/Pgp/Backend/Openpgp.php b/framework/Pgp/lib/Horde/Pgp/Backend/Openpgp.php
@@ -341,4 +341,12 @@ public function decryptSymmetric($msg, $passphrase)
         throw new RunTimeException();
     }
 
+    /**
+     */
+    public function verify($msg, $key)
+    {
+        $verify = new OpenPGP_Crypt_RSA($key->message);
+        return $verify->verify($msg->message);
+    }
+
 }
diff --git a/framework/Pgp/package.xml b/framework/Pgp/package.xml
@@ -352,6 +352,7 @@
        <file name="pgp_public.asc" role="test" />
        <file name="pgp_public_rsa.txt" role="test" />
        <file name="pgp_signature.txt" role="test" />
+       <file name="pgp_signature2.txt" role="test" />
        <file name="pgp_signed.txt" role="test" />
        <file name="pgp_signed2.txt" role="test" />
       </dir> <!-- /test/Horde/Pgp/fixtures -->
@@ -687,9 +688,10 @@
    <install as="Horde/Pgp/fixtures/pgp_public.asc" name="test/Horde/Pgp/fixtures/pgp_public.asc" />
    <install as="Horde/Pgp/fixtures/pgp_public_rsa.txt" name="test/Horde/Pgp/fixtures/pgp_public_rsa.txt" />
    <install as="Horde/Pgp/fixtures/pgp_signature.txt" name="test/Horde/Pgp/fixtures/pgp_signature.txt" />
+   <install as="Horde/Pgp/fixtures/pgp_signature2.txt" name="test/Horde/Pgp/fixtures/pgp_signature2.txt" />
    <install as="Horde/Pgp/fixtures/pgp_signed.txt" name="test/Horde/Pgp/fixtures/pgp_signed.txt" />
    <install as="Horde/Pgp/fixtures/pgp_signed2.txt" name="test/Horde/Pgp/fixtures/pgp_signed2.txt" />
-  </filelist>
+   </filelist>
  </phprelease>
  <changelog>
  </changelog>

diff --git a/framework/Pgp/test/Horde/Pgp/Backend/TestBase.php b/framework/Pgp/test/Horde/Pgp/Backend/TestBase.php
@@ -256,12 +256,84 @@ public function testDecryptSymmetric()
         );
     }
 
-    public function testVerify()
+    /**
+     * @dataProvider verifyProvider
+     */
+    public function testVerify($data, $key)
+    {
+        $out = $this->_pgp->verify($data, $key);
+
+        $this->assertEquals(
+            1,
+            count($out)
+        );
+
+        $this->assertInstanceOf(
+            'OpenPGP_LiteralDataPacket',
+            $out[0][0]
+        );
+
+        $this->assertInstanceOf(
+            'OpenPGP_SignaturePacket',
+            $out[0][1][0]
+        );
+    }
+
+    public function verifyProvider()
+    {
+        return array(
+            // DSA signature
+            array(
+                $this->_getFixture('pgp_signed.txt'),
+                $this->_getFixture('pgp_public.asc')
+            ),
+            // RSA signature
+            array(
+                $this->_getFixture('pgp_signed2.txt'),
+                $this->_getFixture('pgp_public_rsa.txt')
+            )
+        );
+    }
+
+    /**
+     * @dataProvider verifyDetachedProvider
+     */
+    public function testVerifyDetached($data, $sig, $key)
     {
+        $out = $this->_pgp->verifyDetached($data, $sig, $key);
+
+        $this->assertEquals(
+            1,
+            count($out)
+        );
+
+        $this->assertInstanceOf(
+            'OpenPGP_LiteralDataPacket',
+            $out[0][0]
+        );
+
+        $this->assertInstanceOf(
+            'OpenPGP_SignaturePacket',
+            $out[0][1][0]
+        );
     }
 
-    public function testVerifyDetached()
+    public function verifyDetachedProvider()
     {
+        return array(
+            // DSA signature
+            array(
+                $this->_getFixture('clear.txt'),
+                $this->_getFixture('pgp_signature.txt'),
+                $this->_getFixture('pgp_public.asc')
+            ),
+            // RSA signature
+            array(
+                $this->_getFixture('clear.txt'),
+                $this->_getFixture('pgp_signature2.txt'),
+                $this->_getFixture('pgp_public_rsa.txt')
+            )
+        );
     }
 
     /* Helper methods. */

diff --git a/framework/Pgp/test/Horde/Pgp/fixtures/pgp_signature2.txt b/framework/Pgp/test/Horde/Pgp/fixtures/pgp_signature2.txt
@@ -0,0 +1,9 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iJwEAAEIAAYFAlUsJNAACgkQLKN6NvePMNbSsAQApsamsOJ5VxB3acZawhxtNC8+
+Oc6D1sxzwpFF/cymXzfav7MOBOCMPSOiNj9F1Sy5NNAOwkK7iaA18t18/mdPrPT/
+vTuptcE/IeuuAadDWyGdGmkZPgwu7U+OCN/iruroLkEDPkDPIaDhX/LDrHqn+VX/
+kf6PNb5xCdbK6asdpD8=
+=Y0Y/
+-----END PGP SIGNATURE-----
diff --git a/framework/Pgp/test/Horde/Pgp/fixtures/pgp_signed2.txt b/framework/Pgp/test/Horde/Pgp/fixtures/pgp_signed2.txt
@@ -1,9 +1,26 @@
------BEGIN PGP MESSAGE-----
-Version: GnuPG v1.4.5 (GNU/Linux)
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
 
-owGbwMvMwCRYs9xFbde91dcZT79MYnC5M0XBwNDI2MTUzNzCEj+LKyQjVaGwNDM5
-WyGpKL88TyEtv0IhqzS3oFghvyy1SKEEKJ2TWFWpkJKfrjeqmD6KFSgxeRoVHU10
-KlJUUlmuqqahaWsft2VDgrayrp6Olnq8lbWNXU1dTHV0bC1Xhx0zKzhlwpKqIFPg
-ZIYZfd+39c/3v2Hbbi9tZT5P+o/7eyOGuVJ6rUZsLHVikwvyfuc/2lPb3Cv/CwA=
-=Cw7w
------END PGP MESSAGE-----
+0123456789012345678901234567890123456789
+The quick brown fox jumps over the lazy dog.
+The quick brown fox jumps over the lazy dog.
+The quick brown fox jumps over the lazy dog.
+The quick brown fox jumps over the lazy dog.
+The quick brown fox jumps over the lazy dog.
+The quick brown fox jumps over the lazy dog.
+The quick brown fox jumps over the lazy dog.
+The quick brown fox jumps over the lazy dog.
+The quick brown fox jumps over the lazy dog. The quick brown fox jumps over the lazy dog.
+The quick brown fox jumps over the lazy dog.
+The quick brown fox jumps over the lazy dog.
+0123456789012345678901234567890123456789
+!"$�%&()=?^��`+#-.,*'_:;<>|~\{[]}
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iJwEAQEIAAYFAlUsHAIACgkQLKN6NvePMNb6ZwP+OXVnQkFtJx2g6NyWpRD89+cX
+zywqROF4omWZuyuPumywLZtb0HOCQqfJr+brUaFLsvtfkXWAmx6ab26jnGAXQQdh
+oXyzdBpC8G10zYde5yAim3UnySnG7ryhbzEkzhGiENazLtW7HzHc4q/YqN6a6yvH
+fpuaD/X92NdikC5CRiI=
+=vzMe
+-----END PGP SIGNATURE-----