test passing

jshawl · Feb 7, 2024 · 6f9119c · 6f9119c
1 parent e9d5804
commit 6f9119c
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 8 deletions.
diff --git a/lib/minisign/private_key.rb b/lib/minisign/private_key.rb
@@ -18,14 +18,17 @@ class PrivateKey
     #   Minisign::PrivateKey.new('RWRTY0IyEf+yYa5eAX38PgdrI3TMxwy+3sgzpgcZWQXhOKqdf9sAAAACAAAAAAAAAEAAAAAAHe8Olzttgk6k5pZyT3CyCTcTAV0bLN3kq5CUqhLjqSdYZ6oEWs/S7ztaephS+/jwnuOElLBKkg3Sd56jzyvMwL4qStNUTyPDqckNjniw2SlowmHN8n5NnR47gvqjo96E+vakpw8v5PE=', 'password')
     def initialize(str, password = nil)
       contents = str.split("\n")
-      bytes = Base64.decode64(contents.last).bytes
+      decoded = Base64.decode64(contents.last)
+      @untrusted_comment = contents.first.split("untrusted comment: ").last
+      bytes = decoded.bytes
       @signature_algorithm, @kdf_algorithm, @cksum_algorithm =
         [bytes[0..1], bytes[2..3], bytes[4..5]].map { |a| a.pack('U*') }
       raise 'Missing password for encrypted key' if @kdf_algorithm.bytes.sum != 0 && password.nil?
 
       @kdf_salt = bytes[6..37]
       @kdf_opslimit = bytes[38..45].pack('V*').unpack('N*').sum
       @kdf_memlimit = bytes[46..53].pack('V*').unpack('N*').sum
+      @keynum_sk = bytes[54..157].pack("C*")
       @key_data_bytes = if password
                           kdf_output = derive_key(password, @kdf_salt, @kdf_opslimit, @kdf_memlimit)
                           xor(kdf_output, bytes[54..157])
@@ -93,12 +96,11 @@ def sign(filename, message, comment = nil)
     end
 
     def to_s
-      kdf_algorithm = @password.nil? ? [0, 0].pack('U*') : 'Sc'
       kdf_salt = @kdf_salt.pack('C*')
       kdf_opslimit = [@kdf_opslimit, 0].pack('L*')
       kdf_memlimit = [@kdf_memlimit, 0].pack('L*')
-      data = "Ed#{kdf_algorithm}B2#{kdf_algorithm}#{kdf_salt}#{kdf_opslimit}#{kdf_memlimit}#{@key_data_bytes}"
-      "untrusted comment: <arbitrary text>\n#{Base64.strict_encode64(data)}\n"
+      data = "Ed#{kdf_algorithm}B2#{kdf_salt}#{kdf_opslimit}#{kdf_memlimit}#{@keynum_sk}"
+      "untrusted comment: #{@untrusted_comment}\n#{Base64.strict_encode64(data)}\n"
     end
   end
 end
diff --git a/spec/minisign/private_key_spec.rb b/spec/minisign/private_key_spec.rb
@@ -73,9 +73,7 @@
     end
 
     it 'can be written to a file' do
-      expect do
-        Base64.strict_decode64(@private_key.to_s.split("\n").last)
-      end.not_to raise_error
+      expect(@private_key.to_s).to eq(File.read("test/minisign.key"))
     end
   end
 

diff --git a/spec/verify.sh b/spec/verify.sh
@@ -12,4 +12,4 @@ else
 fi
 
 test/generated/minisign -Vm test/generated/encrypted-key.txt -p test/minisign.pub || exit 1
-test/generated/minisign -Vm test/generated/unencrypted-key.txt -p test/unencrypted.pub || exit 1
+test/generated/minisign -Vm test/generated/unencrypted-key.txt -p test/unencrypted.pub || exit 1