docs(v2): Improve documentation in signatures for keys

lubux · lubux · commit d47e64875cdc · 2023-11-24T09:52:07.000+01:00
diff --git a/openpgp/packet/public_key.go b/openpgp/packet/public_key.go
@@ -874,13 +874,8 @@ func (pk *PublicKey) VerifyKeySignature(signed *PublicKey, sig *Signature) error
 	return nil
 }
 
-func keyRevocationHash(pk signingKey, hashFunc hash.Hash) (h hash.Hash, err error) {
-	h = hashFunc
-
-	// RFC 4880, section 5.2.4
-	err = pk.SerializeForHash(h)
-
-	return
+func keyRevocationHash(pk signingKey, hashFunc hash.Hash) (err error) {
+	return pk.SerializeForHash(hashFunc)
 }
 
 // VerifyRevocationSignature returns nil iff sig is a valid signature, made by this
@@ -890,11 +885,10 @@ func (pk *PublicKey) VerifyRevocationSignature(sig *Signature) (err error) {
 	if err != nil {
 		return err
 	}
-	h, err := keyRevocationHash(pk, preparedHash)
-	if err != nil {
+	if keyRevocationHash(pk, preparedHash); err != nil {
 		return err
 	}
-	return pk.VerifySignature(h, sig)
+	return pk.VerifySignature(preparedHash, sig)
 }
 
 // VerifySubkeyRevocationSignature returns nil iff sig is a valid subkey revocation signature,
@@ -935,16 +929,9 @@ func userIdSignatureHash(id string, pk *PublicKey, h hash.Hash) (err error) {
 	return nil
 }
 
-// directSignatureHash returns a Hash of the message that needs to be signed
+// directKeySignatureHash returns a Hash of the message that needs to be signed.
 func directKeySignatureHash(pk *PublicKey, h hash.Hash) (err error) {
-	// RFC 4880, section 5.2.4
-	if err := pk.SerializeSignaturePrefix(h); err != nil {
-		return err
-	}
-	if err := pk.serializeWithoutHeaders(h); err != nil {
-		return err
-	}
-	return nil
+	return pk.SerializeForHash(h)
 }
 
 // VerifyUserIdSignature returns nil iff sig is a valid signature, made by this
@@ -960,8 +947,8 @@ func (pk *PublicKey) VerifyUserIdSignature(id string, pub *PublicKey, sig *Signa
 	return pk.VerifySignature(h, sig)
 }
 
-// VerifyUserIdSignature returns nil iff sig is a valid signature, made by this
-// public key
+// VerifyDirectKeySignature returns nil iff sig is a valid signature, made by this
+// public key.
 func (pk *PublicKey) VerifyDirectKeySignature(sig *Signature) (err error) {
 	h, err := sig.PrepareVerify()
 	if err != nil {
diff --git a/openpgp/packet/signature.go b/openpgp/packet/signature.go
@@ -1019,11 +1019,10 @@ func (sig *Signature) RevokeKey(pub *PublicKey, priv *PrivateKey, config *Config
 	if err != nil {
 		return err
 	}
-	h, err := keyRevocationHash(pub, prepareHash)
-	if err != nil {
+	if err := keyRevocationHash(pub, prepareHash); err != nil {
 		return err
 	}
-	return sig.Sign(h, priv, config)
+	return sig.Sign(prepareHash, priv, config)
 }
 
 // RevokeSubkey computes a subkey revocation signature of pub using priv.
diff --git a/openpgp/v2/subkeys.go b/openpgp/v2/subkeys.go
@@ -79,6 +79,7 @@ func (s *Subkey) Serialize(w io.Writer, includeSecrets bool) error {
 	return nil
 }
 
+// ReSign resigns the latest valid subkey binding signature with the given config.
 func (s *Subkey) ReSign(config *packet.Config) error {
 	selectedSig, err := s.LatestValidBindingSignature(time.Time{})
 	if err != nil {
diff --git a/openpgp/v2/user.go b/openpgp/v2/user.go
@@ -71,6 +71,7 @@ func readUser(e *Entity, packets *packet.Reader, pkt *packet.UserId) error {
 	return nil
 }
 
+// Serialize serializes the user id to the writer.
 func (i *Identity) Serialize(w io.Writer) error {
 	if err := i.UserId.Serialize(w); err != nil {
 		return err
@@ -135,6 +136,7 @@ func (i *Identity) Revoked(selfCertification *packet.Signature, date time.Time)
 	return false
 }
 
+// ReSign resigns the latest valid self-certification with the given config.
 func (i *Identity) ReSign(config *packet.Config) error {
 	selectedSig, err := i.LatestValidSelfCertification(config.Now())
 	if err != nil {

Original file line number	Diff line number	Diff line change
`@@ -1019,11 +1019,10 @@ func (sig Signature) RevokeKey(pub PublicKey, priv PrivateKey, config Config`
`1019`	`1019`	`if err != nil {`
`1020`	`1020`	`return err`
`1021`	`1021`	`}`
`1022`		`- h, err := keyRevocationHash(pub, prepareHash)`
`1023`		`- if err != nil {`
	`1022`	`+ if err := keyRevocationHash(pub, prepareHash); err != nil {`
`1024`	`1023`	`return err`
`1025`	`1024`	`}`
`1026`		`- return sig.Sign(h, priv, config)`
	`1025`	`+ return sig.Sign(prepareHash, priv, config)`
`1027`	`1026`	`}`
`1028`	`1027`
`1029`	`1028`	`// RevokeSubkey computes a subkey revocation signature of pub using priv.`
Original file line number	Diff line number	Diff line change
`@@ -79,6 +79,7 @@ func (s *Subkey) Serialize(w io.Writer, includeSecrets bool) error {`
`79`	`79`	`return nil`
`80`	`80`	`}`
`81`	`81`
	`82`	`+// ReSign resigns the latest valid subkey binding signature with the given config.`
`82`	`83`	`func (s Subkey) ReSign(config packet.Config) error {`
`83`	`84`	`selectedSig, err := s.LatestValidBindingSignature(time.Time{})`
`84`	`85`	`if err != nil {`
Original file line number	Diff line number	Diff line change
`@@ -71,6 +71,7 @@ func readUser(e Entity, packets packet.Reader, pkt *packet.UserId) error {`
`71`	`71`	`return nil`
`72`	`72`	`}`
`73`	`73`
	`74`	`+// Serialize serializes the user id to the writer.`
`74`	`75`	`func (i *Identity) Serialize(w io.Writer) error {`
`75`	`76`	`if err := i.UserId.Serialize(w); err != nil {`
`76`	`77`	`return err`
`@@ -135,6 +136,7 @@ func (i Identity) Revoked(selfCertification packet.Signature, date time.Time)`
`135`	`136`	`return false`
`136`	`137`	`}`
`137`	`138`
	`139`	`+// ReSign resigns the latest valid self-certification with the given config.`
`138`	`140`	`func (i Identity) ReSign(config packet.Config) error {`
`139`	`141`	`selectedSig, err := i.LatestValidSelfCertification(config.Now())`
`140`	`142`	`if err != nil {`