Merge branch 'addexamples' into 'master'
Add examples See merge request ProtonMail/go-pm-crypto!20
commit
0931705fce
3 changed files with 113 additions and 1 deletions
64
README.md
64
README.md
|
|
@ -44,7 +44,71 @@ If you use build.sh, you may need to modify the paths in it.
|
||||||
|
|
||||||
### Encrypt and decrypt
|
### Encrypt and decrypt
|
||||||
|
|
||||||
|
Encryption and decryption will use the AES256 algorithm by default.
|
||||||
|
|
||||||
|
#### Encrypt / Decrypt with password
|
||||||
|
```
|
||||||
|
var pmCrypto = PmCrypto{}
|
||||||
|
|
||||||
|
const password = "my secret password"
|
||||||
|
|
||||||
|
// Encrypt data with password
|
||||||
|
armor, err := pmCrypto.EncryptMessageWithPassword("my message", password)
|
||||||
|
|
||||||
|
// Decrypt data with password
|
||||||
|
message, err := pmCrypto.DecryptMessageWithPassword(armor, password)
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Encrypt / Decrypt with PGP keys
|
||||||
|
```
|
||||||
|
// put keys in backtick (``) to avoid errors caused by spaces or tabs
|
||||||
|
const pubkey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
...
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----`
|
||||||
|
|
||||||
|
const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
|
||||||
|
...
|
||||||
|
-----END PGP PRIVATE KEY BLOCK-----` // encrypted private key
|
||||||
|
|
||||||
|
const passphrase = `the passphrase of the private key` // what the privKey is encrypted with
|
||||||
|
|
||||||
|
privateKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(privkey))
|
||||||
|
publicKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(pubkey))
|
||||||
|
|
||||||
|
// encrypt message using public key and can be optionally signed using private key and passphrase
|
||||||
|
armor, err := pmCrypto.EncryptMessage("plain text", publicKeyRing, privateKeyRing, passphrase, false)
|
||||||
|
// OR
|
||||||
|
privateKeyRing.Unlock([]byte(passphrase)) // if private key is locked with passphrase
|
||||||
|
armor, err := publicKeyRing.EncryptString("plain text", privateKeyRing)
|
||||||
|
|
||||||
|
// decrypt armored encrypted message using the private key and the passphrase of the private key
|
||||||
|
plainText, err := pmCrypto.DecryptMessage(armor, privateKeyRing, passphrase)
|
||||||
|
// OR
|
||||||
|
signedText, err := privateKeyRing.DecryptString(armor)
|
||||||
|
plainText = signedText.String
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
### Generate key
|
### Generate key
|
||||||
|
Keys are generated with the `GenerateKey` function, that returns the armored key as a string and a potential error.
|
||||||
|
The library supports RSA with different key lengths or Curve25519 keys.
|
||||||
|
```
|
||||||
|
var pmCrypto = PmCrypto{}
|
||||||
|
|
||||||
|
var (
|
||||||
|
localPart = "name.surname"
|
||||||
|
domain = "example.com"
|
||||||
|
passphrase = "LongSecret"
|
||||||
|
rsaBits = 2048
|
||||||
|
ecBits = 256
|
||||||
|
)
|
||||||
|
|
||||||
|
// RSA
|
||||||
|
rsaKey, err := pmCrypto.GenerateKey(localPart, domain, passphrase, "rsa", rsaBits)
|
||||||
|
|
||||||
|
// Curve 25519
|
||||||
|
ecKey, err := pmCrypto.GenerateKey(localPart, domain, passphrase, "x25519", ecBits)
|
||||||
|
```
|
||||||
|
|
||||||
### Sign
|
### Sign
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -55,7 +55,6 @@ func (pm *PmCrypto) DecryptMessage(encryptedText string, privateKey *KeyRing, pa
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
println(4)
|
|
||||||
return string(b), nil
|
return string(b), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
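--- a/crypto/message_test.go
+++ b/crypto/message_test.go
@@ -0,0 +1,49 @@
+package crypto
+
+import (
+"github.com/stretchr/testify/assert"
+"strings"
+"testing"
+)
+
+func TestMessageEncryptionWithPassword(t *testing.T) {
+var pmCrypto = PmCrypto{}
+
+const password = "my secret password"
+
+// Encrypt data with password
+armor, err := pmCrypto.EncryptMessageWithPassword("my message", password)
+if err != nil {
+t.Fatal("Expected no error when encrypting, got:", err)
+}
+// Decrypt data with wrong password
+text, err := pmCrypto.DecryptMessageWithPassword(armor, "wrong password")
+assert.NotNil(t, err)
+// Decrypt data with the good password
+text, err = pmCrypto.DecryptMessageWithPassword(armor, password)
+if err != nil {
+t.Fatal("Expected no error when decrypting, got:", err)
+}
+assert.Exactly(t, "my message", text)
+}
+
+func TestMessageEncryption(t *testing.T) {
+var pmCrypto = PmCrypto{}
+var (
+message = "plain text"
+)
+
+testPrivateKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_privateKey")))
+testPrivateKeyRing.Unlock([]byte(testMailboxPassword))
+testPublicKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_publicKey")))
+
+armor, err := pmCrypto.EncryptMessage(message, testPublicKeyRing, testPrivateKeyRing, testMailboxPassword, false)
+if err != nil {
+t.Fatal("Expected no error when encrypting, got:", err)
+}
+plainText, err := pmCrypto.DecryptMessage(armor, testPrivateKeyRing, testMailboxPassword)
+if err != nil {
+t.Fatal("Expected no error when decrypting, got:", err)
+}
+assert.Exactly(t, message, plainText)
+}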
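Review bot: In TestMessageEncryption the errors from both `ReadArmoredKeyRing` calls are overwritten before anything reads them, and the result of `testPrivateKeyRing.Unlock(...)` is dropped, so a missing fixture or a wrong `testMailboxPassword` would only surface later as a nil key ring or a misleading encrypt/decrypt failure. Add `if err != nil { t.Fatal("Expected no error when reading key ring, got:", err) }` after each read, and check Unlock's return value the same way if it returns an error. `err`, `testPrivateKeyRing` and `testPublicKeyRing` are assigned with `=` and are not declared in this file, so they presumably come from another test file in the package; mutating shared package-level key rings from one test can leak an unlocked key into the others. In TestMessageEncryptionWithPassword, adding `assert.Empty(t, text)` next to `assert.NotNil(t, err)` would also catch a decryption that reports an error but still returns plaintext for the wrong password.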