From ff243af900741efb3bc4a7d044c05737c2fb345d Mon Sep 17 00:00:00 2001
From: Mingshen Sun
Date: Sat, 30 Nov 2024 11:04:25 -0800
Subject: [PATCH] Use createPGPMessage instead of CryptoNewPGPMessage to support ASCII-armored password with YubiKey
---
 pass/Services/PasswordDecryptor.swift | 4 ++--
 passKit/Crypto/GopenPGPInterface.swift | 18 +++++++++---------
 2 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/pass/Services/PasswordDecryptor.swift b/pass/Services/PasswordDecryptor.swift
index aec53d44..2183220d 100644
--- a/pass/Services/PasswordDecryptor.swift
+++ b/pass/Services/PasswordDecryptor.swift
@@ -206,7 +206,7 @@ func verifyPin(smartCard: YKFSmartCardInterface, pin: String) async throws {
 func decipher(smartCard: YKFSmartCardInterface, ciphertext: Data, chained: Bool) async throws -> Data {
 var error: NSError?
- let message = CryptoNewPGPMessage(ciphertext)
+ let message = createPGPMessage(from: ciphertext)
 guard let mpi1 = Gopenpgp.HelperPassGetEncryptedMPI1(message, &error) else {
 throw AppError.yubiKey(.decipher(message: "Failed to get encrypted MPI."))
 }
@@ -225,7 +225,7 @@ func decipher(smartCard: YKFSmartCardInterface, ciphertext: Data, chained: Bool)
 }
 func decryptPassword(deciphered: Data, ciphertext: Data) throws -> String {
- let message = CryptoNewPGPMessage(ciphertext)
+ let message = createPGPMessage(from: ciphertext)
 guard let algoByte = deciphered.first, let algo = symmetricKeyIDNameDict[algoByte] else {
 throw AppError.yubiKey(.decipher(message: "Failed to new session key."))
diff --git a/passKit/Crypto/GopenPGPInterface.swift b/passKit/Crypto/GopenPGPInterface.swift
index bfd38bbc..34f06228 100644
--- a/passKit/Crypto/GopenPGPInterface.swift
+++ b/passKit/Crypto/GopenPGPInterface.swift
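Review bot: `createPGPMessage(from:)` returns `CryptoPGPMessage?`, and in `decipher` the result is passed straight into `Gopenpgp.HelperPassGetEncryptedMPI1(message, &error)`, so a ciphertext that fails to parse surfaces only as "Failed to get encrypted MPI." and the `error` value is never read. I would fail early with `guard let message = createPGPMessage(from: ciphertext) else { throw AppError.yubiKey(.decipher(message: "Failed to parse PGP message.")) }`, which keeps a malformed store entry distinguishable from a key or card problem. The same applies to the second hunk in `decryptPassword`, where the use of `message` lies outside the hunk. Both function bodies continue beyond the lines shown.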
@@ -147,15 +147,15 @@ struct GopenPGPInterface: PGPInterface {
 var shortKeyID: [String] {
 publicKeys.keys.map { $0.suffix(8).uppercased() }
 }
+}
- private func createPGPMessage(from encryptedData: Data) -> CryptoPGPMessage? {
- // Important note:
- // Even if Defaults.encryptInArmored is true now, it could be different during the encryption.
- var error: NSError?
- let message = CryptoNewPGPMessageFromArmored(String(data: encryptedData, encoding: .ascii), &error)
- if error == nil {
- return message
- }
- return CryptoNewPGPMessage(encryptedData.mutable as Data)
+public func createPGPMessage(from encryptedData: Data) -> CryptoPGPMessage? {
+ // Important note:
+ // Even if Defaults.encryptInArmored is true now, it could be different during the encryption.
+ var error: NSError?
+ let message = CryptoNewPGPMessageFromArmored(String(data: encryptedData, encoding: .ascii), &error)
+ if error == nil {
+ return message
 }
+ return CryptoNewPGPMessage(encryptedData.mutable as Data)
 }
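Review bot: `createPGPMessage(from:)` is now a public, module-level entry point for parsing ciphertext, yet it still returns `message` whenever `error == nil` without checking that `message` itself is non-nil, and it drops the armor-parse error silently. `String(data:encoding:)` can return nil, and whether the binding always sets `error` for a nil or non-armored string is not visible in this hunk, so I would tighten the check to `if error == nil, message != nil { return message }` so that the binary fallback is always attempted. As public API it also deserves a `///` doc comment stating that armored parsing is tried first, raw binary second, and that a nil result means neither parse succeeded.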