diff --git a/README.md b/README.md
index b29a00d..9d9eb31 100644
--- a/README.md
+++ b/README.md
@@ -44,6 +44,51 @@ If you use build.sh, you may need to modify the paths in it.
 ### Encrypt and decrypt
+Encryption and decryption will use the AES256 algorithm by default.
+
+#### Encrypt / Decrypt with password
+```
+var pmCrypto = PmCrypto{}
+
+const password = "my secret password"
+
+// Encrypt data with password
+armor, err := pmCrypto.EncryptMessageWithPassword("my message", password)
+
+// Decrypt data with password
+message, err := pmCrypto.DecryptMessageWithPassword(armor, password)
+```
+
+#### Encrypt / Decrypt with PGP keys
+```
+// put keys in backtick (``) to avoid errors caused by spaces or tabs
+const pubkey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+...
+-----END PGP PUBLIC KEY BLOCK-----`
+
+const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
+...
+-----END PGP PRIVATE KEY BLOCK-----` // encrypted private key
+
+const passphrase = `the passphrase of the private key` // what the privKey is encrypted with
+
+privateKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(privkey))
+publicKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(pubkey))
+
+// encrypt message using public key and can be optionally signed using private key and passphrase
+armor, err := pmCrypto.EncryptMessage("plain text", publicKeyRing, privateKeyRing, passphrase, false)
+// OR
+privateKeyRing.Unlock([]byte(passphrase)) // if private key is locked with passphrase
+armor, err := publicKeyRing.EncryptString("plain text", privateKeyRing)
+
+// decrypt armored encrypted message using the private key and the passphrase of the private key
+plainText, err := pmCrypto.DecryptMessage(armor, privateKeyRing, passphrase)
+// OR
+signedText, err := privateKeyRing.DecryptString(armor)
+plainText = signedText.String
+
+```
+
 ### Generate key
 Keys are generated with the `GenerateKey` function, that returns the armored key as a string and a potential error. The library supports RSA with different key lengths or Curve25519 keys.
diff --git a/crypto/message.go b/crypto/message.go
index 5e02dc2..58041bc 100644
--- a/crypto/message.go
+++ b/crypto/message.go
@@ -54,7 +54,6 @@ func (pm *PmCrypto) DecryptMessage(encryptedText string, privateKey *KeyRing, pa
 return "", err
 }
- println(4)
 return string(b), nil
 }
diff --git a/crypto/message_test.go b/crypto/message_test.go
new file mode 100644
index 0000000..d6be61e
--- /dev/null
+++ b/crypto/message_test.go
@@ -0,0 +1,49 @@
+package crypto
+
+import (
+ "github.com/stretchr/testify/assert"
+ "strings"
+ "testing"
+)
+
+func TestMessageEncryptionWithPassword(t *testing.T) {
+ var pmCrypto = PmCrypto{}
+
+ const password = "my secret password"
+
+ // Encrypt data with password
+ armor, err := pmCrypto.EncryptMessageWithPassword("my message", password)
+ if err != nil {
+ t.Fatal("Expected no error when encrypting, got:", err)
+ }
+ // Decrypt data with wrong password
+ text, err := pmCrypto.DecryptMessageWithPassword(armor, "wrong password")
+ assert.NotNil(t, err)
+ // Decrypt data with the good password
+ text, err = pmCrypto.DecryptMessageWithPassword(armor, password)
+ if err != nil {
+ t.Fatal("Expected no error when decrypting, got:", err)
+ }
+ assert.Exactly(t, "my message", text)
+}
+
+func TestMessageEncryption(t *testing.T) {
+ var pmCrypto = PmCrypto{}
+ var (
+ message = "plain text"
+ )
+
+ testPrivateKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_privateKey")))
+ testPrivateKeyRing.Unlock([]byte(testMailboxPassword))
+ testPublicKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_publicKey")))
+
+ armor, err := pmCrypto.EncryptMessage(message, testPublicKeyRing, testPrivateKeyRing, testMailboxPassword, false)
+ if err != nil {
+ t.Fatal("Expected no error when encrypting, got:", err)
+ }
+ plainText, err := pmCrypto.DecryptMessage(armor, testPrivateKeyRing, testMailboxPassword)
+ if err != nil {
+ t.Fatal("Expected no error when decrypting, got:", err)
+ }
+ assert.Exactly(t, message, plainText)
+}
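Review bot: In TestMessageEncryption the errors from both `ReadArmoredKeyRing` calls and the result of `testPrivateKeyRing.Unlock(...)` are never inspected; `err` is overwritten by the second read and then replaced by `armor, err := ...` before anything looks at it. A missing or malformed key fixture, or a key that failed to unlock, would therefore surface as a nil dereference or as a misleading "Expected no error when encrypting" failure rather than pointing at the key setup. Add a guard after each read, for example `if err != nil { t.Fatal("Expected no error when reading key ring, got:", err) }`, and check Unlock's return value if it has one (its signature is not visible in this diff). The key rings and `err` are assigned with `=`, so they are presumably package-level variables declared in another test file, which means this test also mutates shared state by unlocking the private key ring. Separately, TestMessageEncryptionWithPassword asserts only that the wrong password yields an error; adding `assert.Empty(t, text)` right after `assert.NotNil(t, err)` would pin that no plaintext is returned on failure.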