Netsyms/IPENtool
2
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

Fall back to system gpg utilities when unable to decode signature

Browse Source
This commit is contained in:
Skylar Ittner 2021-07-20 17:02:23 -06:00
parent f114febad3
commit 35ef690ea1
3 changed files with 83 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
src/js/crypto.js
View File

@ -249,6 +249,55 @@ function importPrivateKey() {
}, ".asc");
}
/**
* Call the native system GPG to "decrypt" a PGP signature. This should work when the hacky "base64 decode and search for strings" method fails.
* @param {String} sigdata
* @param {Function} callback (string) message, (string) fingerprint, (bool) success
* @returns {undefined}
*/
function readSignatureExternally(sigdata, callback) {
const exec = require('child_process').exec;
const os = require('os');
const process = require('process');
const sigfilepath = getNewTempFilePath() + ".asc";
writeToFile(sigfilepath, sigdata);
var gpgexecutable = "gpg";
switch (os.platform()) {
case "win32":
// Most systems will have it here
gpgexecutable = '"C:\\Program Files (x86)\\gnupg\\bin\\gpg.exe"';
if (!fs.existsSync(gpgexecutable)) {
// Let's hope it's in %PATH%
gpgexecutable = "gpg.exe";
}
break;
case "linux":
break;
default:
break;
}
var command = gpgexecutable + " -vv --decrypt " + sigfilepath;
exec(command, function (error, stdout, stderr) {
console.log(stdout);
var msg = null;
if (stdout.length > 50) {
msg = stdout;
} else {
callback(null, null, false);
}
var keyid = null;
var keyidregex = /(keyid|RSA key) ([A-F0-9]+)/;
if (keyidregex.test(stderr)) {
keyid = stderr.match(keyidregex)[2];
}
callback(msg, keyid, true);
});
}
function calculateSHA256HashOfBuffer(buffer) {
const hasha = require('hasha');
var hashstr = hasha(Buffer.from(buffer), {algorithm: 'sha256'});

20
src/js/filesystem.js
View File

@ -94,6 +94,24 @@ function deleteFile(path) {
}
function getBasename(fullpath) {
var path = require("path");
const path = require("path");
return path.basename(fullpath);
}
/**
* Get the path to a nonexistent, randomly-named temporary file.
* @returns {String}
*/
function getNewTempFilePath() {
const fs = require('fs');
const path = require("path");
const crypto = require('crypto');
const os = require('os');
const randomname = crypto.randomBytes(6).readUIntLE(0,6).toString(36);
var temppath = path.join(os.tmpdir(), "nwjs-app-");
var folder = fs.mkdtempSync(temppath);
return path.join(folder, randomname);
}

19
src/js/pdf.js
View File

@ -83,8 +83,14 @@ function analyzeSignedPDF() {
var msg = window.atob(base64).split("START", 2)[1].split("END", 2)[0];
parseAndDisplaySignature(msg, pdfhash, false, null);
} catch (ex) {
readSignatureExternally(sigdata, function (msg, keyprint, ok) {
if (!ok) {
showAlert("Error: could not parse signature data.");
return;
}
parseAndDisplaySignature(msg, pdfhash, false, keyprint);
});
console.error(ex);
showAlert("Error: could not parse signature data.");
}
});
});
@ -233,9 +239,14 @@ then run the analyze tool again to prove if it was changed since notarization.")
}
if (typeof fingerprint == "string") {
var fingerprintstart = fingerprint.substr(0, fingerprint.length - 16);
var fingerprintend = fingerprint.substr(-16);
$("#verifyModalDetailedInfoList").append('<li class="list-group-item"><i class="fas fa-fingerprint fa-fw"></i> Signature fingerprint: ' + fingerprintstart + '<b>' + fingerprintend + '</b></li>');
if (fingerprint.length > 16) {
var fingerprintstart = fingerprint.substr(0, fingerprint.length - 16);
var fingerprintend = fingerprint.substr(-16);
} else {
var fingerprintstart = "";
var fingerprintend = fingerprint;
}
$("#verifyModalDetailedInfoList").append('<li class="list-group-item"><i class="fas fa-fingerprint fa-fw"></i> Signature key ID: ' + fingerprintstart + '<b>' + fingerprintend + '</b></li>');
}
new bootstrap.Modal(document.getElementById('verifyModal')).show();
}