From 8f830e09ac2ed4c85fb01073ffaaed6bbf3f8328 Mon Sep 17 00:00:00 2001
From: Aron Wussler
Date: Tue, 14 May 2019 10:54:27 +0200
Subject: [PATCH 1/2] Add key generation examples
---
 README.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
diff --git a/README.md b/README.md
index 2459b35..b29a00d 100644
--- a/README.md
+++ b/README.md
@@ -45,6 +45,25 @@ If you use build.sh, you may need to modify the paths in it.
 ### Encrypt and decrypt
 ### Generate key
+Keys are generated with the `GenerateKey` function, that returns the armored key as a string and a potential error.
+The library supports RSA with different key lengths or Curve25519 keys.
+```
+var pmCrypto = PmCrypto{}
+
+var (
+ localPart = "name.surname"
+ domain = "example.com"
+ passphrase = "LongSecret"
+ rsaBits = 2048
+ ecBits = 256
+)
+
+// RSA
+rsaKey, err := pmCrypto.GenerateKey(localPart, domain, passphrase, "rsa", rsaBits)
+
+// Curve 25519
+ecKey, err := pmCrypto.GenerateKey(localPart, domain, passphrase, "x25519", ecBits)
+```
 ### Sign
From 0421e1c829d2d4def5ca75d7b9f4c49803f17c21 Mon Sep 17 00:00:00 2001
From: William Gotti
Date: Tue, 14 May 2019 15:39:35 +0200
Subject: [PATCH 2/2] Add Encrypt/Decrypt examples
---
 README.md | 45 ++++++++++++++++++++++++++++++++++++++
 crypto/message.go | 1 -
 crypto/message_test.go | 49 ++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 94 insertions(+), 1 deletion(-)
 create mode 100644 crypto/message_test.go
diff --git a/README.md b/README.md
index b29a00d..9d9eb31 100644
--- a/README.md
+++ b/README.md
@@ -44,6 +44,51 @@ If you use build.sh, you may need to modify the paths in it.
 ### Encrypt and decrypt
+Encryption and decryption will use the AES256 algorithm by default.
+
+#### Encrypt / Decrypt with password
+```
+var pmCrypto = PmCrypto{}
+
+const password = "my secret password"
+
+// Encrypt data with password
+armor, err := pmCrypto.EncryptMessageWithPassword("my message", password)
+
+// Decrypt data with password
+message, err := pmCrypto.DecryptMessageWithPassword(armor, password)
+```
+
+#### Encrypt / Decrypt with PGP keys
+```
+// put keys in backtick (``) to avoid errors caused by spaces or tabs
+const pubkey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+...
+-----END PGP PUBLIC KEY BLOCK-----`
+
+const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
+...
+-----END PGP PRIVATE KEY BLOCK-----` // encrypted private key
+
+const passphrase = `the passphrase of the private key` // what the privKey is encrypted with
+
+privateKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(privkey))
+publicKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(pubkey))
+
+// encrypt message using public key and can be optionally signed using private key and passphrase
+armor, err := pmCrypto.EncryptMessage("plain text", publicKeyRing, privateKeyRing, passphrase, false)
+// OR
+privateKeyRing.Unlock([]byte(passphrase)) // if private key is locked with passphrase
+armor, err := publicKeyRing.EncryptString("plain text", privateKeyRing)
+
+// decrypt armored encrypted message using the private key and the passphrase of the private key
+plainText, err := pmCrypto.DecryptMessage(armor, privateKeyRing, passphrase)
+// OR
+signedText, err := privateKeyRing.DecryptString(armor)
+plainText = signedText.String
+
+```
+
 ### Generate key
 Keys are generated with the `GenerateKey` function, that returns the armored key as a string and a potential error.
 The library supports RSA with different key lengths or Curve25519 keys.
diff --git a/crypto/message.go b/crypto/message.go
index 5e02dc2..58041bc 100644
--- a/crypto/message.go
+++ b/crypto/message.go
@@ -54,7 +54,6 @@ func (pm *PmCrypto) DecryptMessage(encryptedText string, privateKey *KeyRing, pa
 return "", err
 }
- println(4)
 return string(b), nil
 }
diff --git a/crypto/message_test.go b/crypto/message_test.go
new file mode 100644
index 0000000..d6be61e
--- /dev/null
+++ b/crypto/message_test.go
@@ -0,0 +1,49 @@
+package crypto
+
+import (
+ "github.com/stretchr/testify/assert"
+ "strings"
+ "testing"
+)
+
+func TestMessageEncryptionWithPassword(t *testing.T) {
+ var pmCrypto = PmCrypto{}
+
+ const password = "my secret password"
+
+ // Encrypt data with password
+ armor, err := pmCrypto.EncryptMessageWithPassword("my message", password)
+ if err != nil {
+ t.Fatal("Expected no error when encrypting, got:", err)
+ }
+ // Decrypt data with wrong password
+ text, err := pmCrypto.DecryptMessageWithPassword(armor, "wrong password")
+ assert.NotNil(t, err)
+ // Decrypt data with the good password
+ text, err = pmCrypto.DecryptMessageWithPassword(armor, password)
+ if err != nil {
+ t.Fatal("Expected no error when decrypting, got:", err)
+ }
+ assert.Exactly(t, "my message", text)
+}
+
+func TestMessageEncryption(t *testing.T) {
+ var pmCrypto = PmCrypto{}
+ var (
+ message = "plain text"
+ )
+
+ testPrivateKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_privateKey")))
+ testPrivateKeyRing.Unlock([]byte(testMailboxPassword))
+ testPublicKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_publicKey")))
+
+ armor, err := pmCrypto.EncryptMessage(message, testPublicKeyRing, testPrivateKeyRing, testMailboxPassword, false)
+ if err != nil {
+ t.Fatal("Expected no error when encrypting, got:", err)
+ }
+ plainText, err := pmCrypto.DecryptMessage(armor, testPrivateKeyRing, testMailboxPassword)
+ if err != nil {
+ t.Fatal("Expected no error when decrypting, got:", err)
+ }
+ assert.Exactly(t, message, plainText)
+}
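Review bot: In TestMessageEncryption the errors from both ReadArmoredKeyRing calls are overwritten without being checked and the result of Unlock is discarded, so a key ring that failed to load or stayed locked only surfaces later as a misleading encrypt or decrypt failure, or as a nil dereference. These three statements assign with `=`, so `testPrivateKeyRing`, `testPublicKeyRing` and `err` must be declared outside this hunk, presumably at package level, which means Unlock also changes key-ring state that other tests may share. Each setup step should fail the test immediately, as in the excerpt below; it assumes Unlock reports failure through an error return, which should be confirmed against its signature. In TestMessageEncryptionWithPassword the wrong-password case checks only `assert.NotNil(t, err)`; adding `assert.Empty(t, text)` would also pin that no plaintext comes back when decryption fails.

```go
func TestMessageEncryption(t *testing.T) {
	// … unchanged: pmCrypto and message declarations …

	testPrivateKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_privateKey")))
	if err != nil {
		t.Fatal("Expected no error when reading the private key ring, got:", err)
	}
	if err = testPrivateKeyRing.Unlock([]byte(testMailboxPassword)); err != nil {
		t.Fatal("Expected no error when unlocking the private key ring, got:", err)
	}
	testPublicKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_publicKey")))
	if err != nil {
		t.Fatal("Expected no error when reading the public key ring, got:", err)
	}

	// … unchanged: encrypt, decrypt and compare …
}
```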