dkforest

A forum and chat platform (onion)
git clone https://git.dasho.dev/n0tr1v/dkforest.git
Log | Files | Refs | LICENSE
commit a759293f55aa611db926bfbe95b01fee0affccb7
parent 2d78fbc081fc806beca03c6a290084d04b17c60e
Author: n0tr1v <n0tr1v@protonmail.com>
Date:   Fri,  2 Dec 2022 22:37:51 -0500

simplify code

Diffstat:

Mpkg/utils/utils.go | 15+++++++--------


Mpkg/web/handlers/handlers.go | 6++----


2 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go
@@ -373,18 +373,17 @@ func getGCMKeyBytes(keyBytes []byte) (cipher.AEAD, int, error) {
 	return gcm, nonceSize, nil
 }
 
-func PgpCheckSignMessage(pkey, msg, signature string) error {
+func PgpCheckSignMessage(pkey, msg, signature string) bool {
 	keyring, err := openpgp.ReadArmoredKeyRing(strings.NewReader(pkey))
 	if err != nil {
-		return errors.New("invalid public key")
+		return false
 	}
-	if _, err = openpgp.CheckArmoredDetachedSignature(keyring, strings.NewReader(msg), strings.NewReader(signature), nil); err != nil {
-		// Text editors often add an extra line break, so let's check with and without it.
-		if _, err = openpgp.CheckArmoredDetachedSignature(keyring, strings.NewReader(msg + "\n"), strings.NewReader(signature), nil); err != nil {
-			return err
-		}
+	verify := func(msg string) bool {
+		_, err := openpgp.CheckArmoredDetachedSignature(keyring, strings.NewReader(msg), strings.NewReader(signature), nil)
+		return err == nil
 	}
-	return nil
+	// Text editors often add an extra line break, so let's check with and without it.
+	return verify(msg) || verify(msg+"\n")
 }
 
 func PgpDecryptMessage(secretKey, msg string) (string, error) {
diff --git a/pkg/web/handlers/handlers.go b/pkg/web/handlers/handlers.go
@@ -484,8 +484,7 @@ func SessionsGpgSignTwoFactorHandler(c echo.Context) error {
 	data.ToBeSignedMessage = c.Request().PostFormValue("to_be_signed_message")
 	data.SignedMessage = c.Request().PostFormValue("signed_message")
 
-	if err := utils.PgpCheckSignMessage(token.PKey, token.Value, data.SignedMessage); err != nil {
-		logrus.Error(err)
+	if !utils.PgpCheckSignMessage(token.PKey, token.Value, data.SignedMessage) {
 		data.ErrorSignedMessage = "invalid signature"
 		return c.Render(http.StatusOK, "sessions-gpg-sign-two-factor", data)
 	}
@@ -3384,8 +3383,7 @@ func AddPGPHandler(c echo.Context) error {
 			if data.GpgMode {
 				data.ToBeSignedMessage = c.Request().PostFormValue("to_be_signed_message")
 				data.SignedMessage = c.Request().PostFormValue("signed_message")
-				if err := utils.PgpCheckSignMessage(token.PKey, token.Value, data.SignedMessage); err != nil {
-					logrus.Error(err)
+				if !utils.PgpCheckSignMessage(token.PKey, token.Value, data.SignedMessage) {
 					data.ErrorSignedMessage = "invalid signature"
 					return c.Render(http.StatusOK, "pgp_code", data)
 				}