Added PGP verify operation

Added some more metadata to decrypt & verify
Fixes gchq/CyberChef#581
This commit is contained in:
Matt 2019-06-27 16:48:03 +01:00
parent ca9bab5d4c
commit 4c27a46d35
No known key found for this signature in database
GPG Key ID: 2DD462FE98BF38C2
2 changed files with 114 additions and 2 deletions

View File

@ -93,7 +93,7 @@ class PGPDecryptAndVerify extends Operation {
text += `${signer.username} `;
}
if (signer.comment) {
text += `${signer.comment} `;
text += `(${signer.comment}) `;
}
if (signer.email) {
text += `<${signer.email}>`;
@ -102,7 +102,8 @@ class PGPDecryptAndVerify extends Operation {
}
text += [
`PGP fingerprint: ${km.get_pgp_fingerprint().toString("hex")}`,
`Signed on ${new Date(ds.sig.hashed_subpackets[0].time * 1000).toUTCString()}`,
`PGP key ID: ${km.get_pgp_short_key_id()}`,
`Signed on ${new Date(ds.sig.when_generated() * 1000).toUTCString()}`,
"----------------------------------\n"
].join("\n");
text += unboxedLiterals.toString();

View File

@ -0,0 +1,111 @@
/**
* @author Matt C [me@mitt.dev]
* @copyright Crown Copyright 2019
* @license Apache-2.0
*/
import Operation from "../Operation";
import OperationError from "../errors/OperationError";
import kbpgp from "kbpgp";
import { ASP, importPublicKey } from "../lib/PGP";
import * as es6promisify from "es6-promisify";
const promisify = es6promisify.default ? es6promisify.default.promisify : es6promisify.promisify;
/**
* PGP Verify operation
*/
class PGPVerify extends Operation {
/**
* PGPVerify constructor
*/
constructor() {
super();
this.name = "PGP Verify";
this.module = "PGP";
this.description = [
"Input: the ASCII-armoured encrypted PGP message you want to verify.",
"<br><br>",
"Argument: the ASCII-armoured PGP public key of the signer",
"<br><br>",
"This operation uses PGP to decrypt a clearsigned message.",
"<br><br>",
"Pretty Good Privacy is an encryption standard (OpenPGP) used for encrypting, decrypting, and signing messages.",
"<br><br>",
"This function uses the Keybase implementation of PGP.",
].join("\n");
this.infoURL = "https://wikipedia.org/wiki/Pretty_Good_Privacy";
this.inputType = "string";
this.outputType = "string";
this.args = [
{
"name": "Public key of signer",
"type": "text",
"value": ""
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
async run(input, args) {
const signedMessage = input,
[publicKey] = args,
keyring = new kbpgp.keyring.KeyRing();
let unboxedLiterals;
if (!publicKey) throw new OperationError("Enter the public key of the signer.");
const pubKey = await importPublicKey(publicKey);
keyring.add_key_manager(pubKey);
try {
unboxedLiterals = await promisify(kbpgp.unbox)({
armored: signedMessage,
keyfetch: keyring,
asp: ASP
});
const ds = unboxedLiterals[0].get_data_signer();
if (ds) {
const km = ds.get_key_manager();
if (km) {
const signer = km.get_userids_mark_primary()[0].components;
let text = "Signed by ";
if (signer.email || signer.username || signer.comment) {
if (signer.username) {
text += `${signer.username} `;
}
if (signer.comment) {
text += `(${signer.comment}) `;
}
if (signer.email) {
text += `<${signer.email}>`;
}
text += "\n";
}
text += [
`PGP fingerprint: ${km.get_pgp_fingerprint().toString("hex")}`,
`PGP key ID: ${km.get_pgp_short_key_id()}`,
`Signed on ${new Date(ds.sig.when_generated() * 1000).toUTCString()}`,
"----------------------------------\n"
].join("\n");
text += unboxedLiterals.toString();
return text.trim();
} else {
throw new OperationError("Could not identify a key manager.");
}
} else {
throw new OperationError("The data does not appear to be signed.");
}
} catch (err) {
throw new OperationError(`Couldn't verify message: ${err}`);
}
}
}
export default PGPVerify;