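// Run starts the engine. It hands e.arg.Source and e.arg.Sink to
// libkb.PGPDecrypt, closes the sink, and then enforces the signature checks
// when a signature is required.
//
// The sink is closed before any signature check runs, so an error returned
// by those checks does not retract output that was already emitted. Callers
// should treat the sink contents as unauthenticated unless Run returns nil
// with AssertSigned set.
//
// A non-empty e.arg.SignedBy forces e.arg.AssertSigned to true. When
// AssertSigned is false the signature status is not checked at all.
func (e *PGPDecrypt) Run(ctx *Context) (err error) {
	e.G().Log.Debug("+ PGPDecrypt::Run")
	defer func() {
		// %v rather than %s: err is nil on success, and %s renders a nil
		// error as "%!s(<nil>)".
		e.G().Log.Debug("- PGPDecrypt::Run %v", err)
	}()

	e.G().Log.Debug("| ScanKeys")
	sk, err := NewScanKeys(ctx.SecretUI, ctx.IdentifyUI, &e.arg.TrackOptions, e.G())
	if err != nil {
		return err
	}

	e.G().Log.Debug("| PGPDecrypt")
	e.signStatus, err = libkb.PGPDecrypt(e.arg.Source, e.arg.Sink, sk)
	if err != nil {
		return err
	}

	e.G().Log.Debug("| Sink Close")
	if err = e.arg.Sink.Close(); err != nil {
		return err
	}

	e.owner = sk.Owner()

	// Naming an expected signer implies that a signature is mandatory.
	if len(e.arg.SignedBy) > 0 {
		e.arg.AssertSigned = true
	}

	if !e.arg.AssertSigned {
		e.G().Log.Debug("Not checking signature status (AssertSigned == false)")
		return nil
	}

	e.G().Log.Debug("PGPDecrypt: signStatus: %+v", e.signStatus)

	if !e.signStatus.IsSigned {
		return libkb.BadSigError{E: "no signature in message"}
	}
	if !e.signStatus.Verified {
		if e.signStatus.SignatureError != nil {
			return e.signStatus.SignatureError
		}
		// Fail closed: returning a nil SignatureError here would report
		// success for a signature that was never verified.
		// NOTE(review): assumes SignatureError is an error-typed field - confirm.
		return libkb.BadSigError{E: "signature could not be verified"}
	}

	e.G().Log.Debug("| checkSignedBy")
	if err = e.checkSignedBy(ctx); err != nil {
		return err
	}

	if e.signStatus.Entity == nil {
		return libkb.NoKeyError{Msg: fmt.Sprintf("In signature verification: no public key found for PGP ID %x", e.signStatus.KeyID)}
	}

	bundle := libkb.NewPGPKeyBundle(e.signStatus.Entity)
	OutputSignatureSuccess(ctx, bundle.GetFingerprint(), e.owner, e.signStatus.SignatureTime)
	return nil
}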
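// sigVer converts a libkb.SignatureStatus and the (possibly nil) owner of the
// signing key into a keybase1.PGPSigVerification.
//
// For a signed message, Signer and SignKey are filled in whenever the owner
// and entity are available, regardless of ss.Verified. Consumers must check
// Verified before trusting the reported signer.
//
// A nil ss or an unsigned message yields the zero value (IsSigned and
// Verified both false).
func sigVer(ss *libkb.SignatureStatus, owner *libkb.User) keybase1.PGPSigVerification {
	var res keybase1.PGPSigVerification

	// Report a missing status as "not signed" instead of dereferencing nil.
	if ss == nil || !ss.IsSigned {
		return res
	}

	res.IsSigned = ss.IsSigned
	res.Verified = ss.Verified

	if owner != nil {
		if signer := owner.Export(); signer != nil {
			res.Signer = *signer
		}
	}

	if ss.Entity != nil {
		bundle := libkb.NewPGPKeyBundle(ss.Entity)
		res.SignKey = bundle.Export()
	}

	return res
}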
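// Run starts the engine. It hands e.arg.Source and e.arg.Sink to
// libkb.PGPDecrypt, closes the sink, and then evaluates the signature status.
//
// The sink is closed before any signature check runs, so an error returned
// by those checks does not retract output that was already emitted. Callers
// should treat the sink contents as unauthenticated unless Run returns nil
// with AssertSigned set.
//
// A non-empty e.arg.SignedBy forces e.arg.AssertSigned to true. An unsigned
// message is accepted (nil error) only when AssertSigned is false. A signed
// message must verify, and its signer is identified: against the SignedBy
// assertion when one is given, otherwise by the signer's own name.
func (e *PGPDecrypt) Run(ctx *Context) (err error) {
	defer e.G().Trace("PGPDecrypt::Run", func() error { return err })()

	e.G().Log.Debug("| ScanKeys")
	sk, err := NewScanKeys(ctx.SecretUI, e.G())
	if err != nil {
		return err
	}

	e.G().Log.Debug("| PGPDecrypt")
	e.signStatus, err = libkb.PGPDecrypt(e.G(), e.arg.Source, e.arg.Sink, sk)
	if err != nil {
		return err
	}

	e.G().Log.Debug("| Sink Close")
	if err = e.arg.Sink.Close(); err != nil {
		return err
	}

	e.owner = sk.Owner()

	// Naming an expected signer implies that a signature is mandatory.
	if len(e.arg.SignedBy) > 0 {
		e.arg.AssertSigned = true
	}

	if !e.signStatus.IsSigned {
		if !e.arg.AssertSigned {
			return nil
		}
		return libkb.BadSigError{E: "no signature in message"}
	}

	if !e.signStatus.Verified {
		if e.signStatus.SignatureError != nil {
			return e.signStatus.SignatureError
		}
		// Fail closed: returning a nil SignatureError here would report
		// success for a signature that was never verified.
		// NOTE(review): assumes SignatureError is an error-typed field - confirm.
		return libkb.BadSigError{E: "signature could not be verified"}
	}

	// message is signed and verified

	// Both branches below use e.owner (Equal / GetName). Reject a missing
	// owner explicitly so the signer check cannot run against a nil user.
	// NOTE(review): whether sk.Owner() can be nil for a verified signature is
	// not visible here - confirm.
	if e.owner == nil {
		return libkb.BadSigError{E: "signer could not be resolved to a user"}
	}

	if len(e.arg.SignedBy) > 0 {
		// identify the SignedBy assertion
		arg := NewIdentifyArg(e.arg.SignedBy, false, false)
		eng := NewIdentify(arg, e.G())
		if err := RunEngine(eng, ctx); err != nil {
			return err
		}
		signByUser := eng.User()
		if signByUser == nil {
			// this shouldn't happen (engine should return an error in this state)
			// but just in case:
			return libkb.ErrNilUser
		}

		// The user resolved from the assertion must be the owner of the key
		// that actually produced the signature.
		if !signByUser.Equal(e.owner) {
			return libkb.BadSigError{
				E: fmt.Sprintf("Signer %q did not match signed by assertion %q", e.owner.GetName(), e.arg.SignedBy),
			}
		}
	} else {
		// identify the signer
		arg := NewIdentifyArg(e.owner.GetName(), false, false)
		eng := NewIdentify(arg, e.G())
		if err := RunEngine(eng, ctx); err != nil {
			return err
		}
	}

	if e.signStatus.Entity == nil {
		return libkb.NoKeyError{Msg: fmt.Sprintf("In signature verification: no public key found for PGP ID %x", e.signStatus.KeyID)}
	}

	bundle := libkb.NewPGPKeyBundle(e.G(), e.signStatus.Entity)
	OutputSignatureSuccess(ctx, bundle.GetFingerprint(), e.owner, e.signStatus.SignatureTime)
	return nil
}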