2018-09-11 11:09:28 +02:00
|
|
|
package crypto
|
2018-06-04 16:05:14 -07:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"bytes"
|
|
|
|
|
"io"
|
|
|
|
|
"io/ioutil"
|
|
|
|
|
|
|
|
|
|
"golang.org/x/crypto/openpgp"
|
2018-09-11 11:09:28 +02:00
|
|
|
"golang.org/x/crypto/openpgp/armor"
|
2018-09-19 11:52:14 +02:00
|
|
|
"golang.org/x/crypto/openpgp/packet"
|
|
|
|
|
armorUtils "proton/pmcrypto/armor"
|
|
|
|
|
"proton/pmcrypto/internal"
|
2018-09-11 11:09:28 +02:00
|
|
|
"proton/pmcrypto/models"
|
2018-06-04 16:05:14 -07:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
//EncryptAttachmentBinKey ...
|
2018-09-11 11:09:28 +02:00
|
|
|
func (pm *PmCrypto) EncryptAttachmentBinKey(plainData []byte, fileName string, publicKey []byte) (*models.EncryptedSplit, error) {
|
2018-06-04 16:05:14 -07:00
|
|
|
|
|
|
|
|
var outBuf bytes.Buffer
|
2018-09-11 11:09:28 +02:00
|
|
|
w, err := armor.Encode(&outBuf, armorUtils.MESSAGE_HEADER, internal.ArmorHeaders)
|
2018-06-04 16:05:14 -07:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pubKeyReader := bytes.NewReader(publicKey)
|
|
|
|
|
pubKeyEntries, err := openpgp.ReadKeyRing(pubKeyReader)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
hints := &openpgp.FileHints{
|
|
|
|
|
FileName: fileName,
|
|
|
|
|
}
|
2018-06-22 16:04:20 +02:00
|
|
|
|
|
|
|
|
config := &packet.Config{
|
|
|
|
|
DefaultCipher: packet.CipherAES256,
|
2018-09-11 11:09:28 +02:00
|
|
|
Time: pm.getTimeGenerator(),
|
2018-06-22 16:04:20 +02:00
|
|
|
}
|
2018-06-04 16:05:14 -07:00
|
|
|
|
|
|
|
|
ew, err := openpgp.Encrypt(w, pubKeyEntries, nil, hints, config)
|
|
|
|
|
|
|
|
|
|
_, _ = ew.Write(plainData)
|
|
|
|
|
ew.Close()
|
|
|
|
|
w.Close()
|
|
|
|
|
|
2018-09-11 11:09:28 +02:00
|
|
|
split, err := armorUtils.SplitArmor(outBuf.String())
|
2018-06-04 16:05:14 -07:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2018-06-04 17:50:26 -07:00
|
|
|
split.Algo = "aes256"
|
|
|
|
|
return split, nil
|
2018-06-04 16:05:14 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//EncryptAttachment ...
|
2018-09-11 11:09:28 +02:00
|
|
|
func (pm *PmCrypto) EncryptAttachment(plainData []byte, fileName string, publicKey string) (*models.EncryptedSplit, error) {
|
2018-09-19 11:52:14 +02:00
|
|
|
rawPubKey, err := armorUtils.Unarmor(publicKey)
|
2018-06-04 16:05:14 -07:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2018-09-11 11:09:28 +02:00
|
|
|
return pm.EncryptAttachmentBinKey(plainData, fileName, rawPubKey)
|
2018-06-04 16:05:14 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//DecryptAttachmentBinKey ...
|
|
|
|
|
//keyPacket
|
|
|
|
|
//dataPacket
|
|
|
|
|
//privateKeys could be mutiple private keys
|
2018-09-11 11:09:28 +02:00
|
|
|
func (pm *PmCrypto) DecryptAttachmentBinKey(keyPacket []byte, dataPacket []byte, privateKeys []byte, passphrase string) ([]byte, error) {
|
2018-06-04 16:05:14 -07:00
|
|
|
privKeyRaw := bytes.NewReader(privateKeys)
|
|
|
|
|
privKeyEntries, err := openpgp.ReadKeyRing(privKeyRaw)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rawPwd := []byte(passphrase)
|
|
|
|
|
for _, e := range privKeyEntries {
|
|
|
|
|
|
|
|
|
|
if e.PrivateKey != nil && e.PrivateKey.Encrypted {
|
|
|
|
|
e.PrivateKey.Decrypt(rawPwd)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, sub := range e.Subkeys {
|
|
|
|
|
if sub.PrivateKey != nil && sub.PrivateKey.Encrypted {
|
|
|
|
|
sub.PrivateKey.Decrypt(rawPwd)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
keyReader := bytes.NewReader(keyPacket)
|
|
|
|
|
dataReader := bytes.NewReader(dataPacket)
|
|
|
|
|
|
|
|
|
|
encryptedReader := io.MultiReader(keyReader, dataReader)
|
|
|
|
|
|
2018-09-19 11:52:14 +02:00
|
|
|
config := &packet.Config{Time: pm.getTimeGenerator()}
|
2018-06-22 16:04:20 +02:00
|
|
|
|
|
|
|
|
md, err := openpgp.ReadMessage(encryptedReader, privKeyEntries, nil, config)
|
2018-06-04 16:05:14 -07:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
decrypted := md.UnverifiedBody
|
|
|
|
|
b, err := ioutil.ReadAll(decrypted)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return b, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//DecryptAttachment ...
|
2018-09-11 11:09:28 +02:00
|
|
|
func (pm *PmCrypto) DecryptAttachment(keyPacket []byte, dataPacket []byte, privateKey string, passphrase string) ([]byte, error) {
|
2018-09-19 11:52:14 +02:00
|
|
|
rawPrivKey, err := armorUtils.Unarmor(privateKey)
|
2018-06-04 16:05:14 -07:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2018-09-11 11:09:28 +02:00
|
|
|
return pm.DecryptAttachmentBinKey(keyPacket, dataPacket, rawPrivKey, passphrase)
|
2018-06-04 16:05:14 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//EncryptAttachmentWithPassword ...
|
2018-09-11 11:09:28 +02:00
|
|
|
func (pm *PmCrypto) EncryptAttachmentWithPassword(plainData []byte, password string) (string, error) {
|
2018-06-04 16:05:14 -07:00
|
|
|
|
|
|
|
|
var outBuf bytes.Buffer
|
2018-09-11 11:09:28 +02:00
|
|
|
w, err := armor.Encode(&outBuf, armorUtils.MESSAGE_HEADER, internal.ArmorHeaders)
|
2018-06-04 16:05:14 -07:00
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-19 11:52:14 +02:00
|
|
|
config := &packet.Config{Time: pm.getTimeGenerator()}
|
2018-06-22 16:04:20 +02:00
|
|
|
|
|
|
|
|
plaintext, err := openpgp.SymmetricallyEncrypt(w, []byte(password), nil, config)
|
2018-06-04 16:05:14 -07:00
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
_, err = plaintext.Write(plainData)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
err = plaintext.Close()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
w.Close()
|
|
|
|
|
|
|
|
|
|
return outBuf.String(), nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//DecryptAttachmentWithPassword ...
|
2018-09-11 11:09:28 +02:00
|
|
|
func (pm *PmCrypto) DecryptAttachmentWithPassword(keyPacket []byte, dataPacket []byte, password string) ([]byte, error) {
|
2018-06-04 16:05:14 -07:00
|
|
|
|
|
|
|
|
encrypted := append(keyPacket, dataPacket...)
|
|
|
|
|
|
|
|
|
|
encryptedReader := bytes.NewReader(encrypted)
|
|
|
|
|
|
|
|
|
|
var prompt = func(keys []openpgp.Key, symmetric bool) ([]byte, error) {
|
|
|
|
|
return []byte(password), nil
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-19 11:52:14 +02:00
|
|
|
config := &packet.Config{Time: pm.getTimeGenerator()}
|
2018-06-22 16:04:20 +02:00
|
|
|
|
|
|
|
|
md, err := openpgp.ReadMessage(encryptedReader, nil, prompt, config)
|
2018-06-04 16:05:14 -07:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
messageBuf := bytes.NewBuffer(nil)
|
|
|
|
|
_, err = io.Copy(messageBuf, md.UnverifiedBody)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return messageBuf.Bytes(), nil
|
|
|
|
|
}
|
