Only verify and get the time stamp of the first signature packet

If the detached signature has several packets, GetVerifiedSignatureTimestamp() only verifies and returns the timestamp of the first packet
ProtonMail · Dec 20, 2021 · 7fd793d · 7fd793d
1 parent a648a38
commit 7fd793d
Showing 1 changed file with 21 additions and 2 deletions.
diff --git a/crypto/keyring_message.go b/crypto/keyring_message.go
@@ -122,11 +122,30 @@ func (keyRing *KeyRing) VerifyDetachedEncrypted(message *PlainMessage, encrypted
 // returns the creation time of the signature if it succeeds
 // and returns a SignatureVerificationError if fails.
 func (keyRing *KeyRing) GetVerifiedSignatureTimestamp(message *PlainMessage, signature *PGPSignature, verifyTime int64) (int64, error) {
-	err := keyRing.VerifyDetached(message, signature, verifyTime)
+	packets := packet.NewReader(bytes.NewReader(signature.Data))
+	p, err := packets.Next()
+	if err != nil {
+		return 0, errors.Wrap(err, "gopenpgp: can't parse signature")
+	}
+	sigPacket, ok := p.(*packet.Signature)
+	if !ok {
+		return 0, errors.New("gopenpgp: non signature packet found")
+	}
+	var outBuf bytes.Buffer
+	err = sigPacket.Serialize(&outBuf)
+	if err != nil {
+		return 0, errors.Wrap(err, "gopenpgp: can't serialize signature packet")
+	}
+	err = verifySignature(
+		keyRing.entities,
+		message.NewReader(),
+		outBuf.Bytes(),
+		verifyTime,
+	)
 	if err != nil {
 		return 0, err
 	}
-	return signature.getCreationTime()
+	return sigPacket.CreationTime.Unix(), nil
 }
 
 // ------ INTERNAL FUNCTIONS -------