Fix various minor issues (#45)

* Update header version to 2.0.0 * Add space to cleartext message armouring * Fix password encrypted binary files * Clear key private params in helpers * Do not unlock key if private key is nil * Document changes * Use defer for ClearPrivateKeyParams
2020-04-27 21:01:23 +02:00 · 2020-04-27 21:01:23 +02:00 · 222decb919
commit 222decb919
parent 0f35072bc4
9 changed files with 28 additions and 7 deletions
--- a/helper/cleartext.go
+++ b/helper/cleartext.go
@ -19,6 +19,7 @@ func SignCleartextMessageArmored(privateKey string, passphrase []byte, text stri
 	if err != nil {
 		return "", err
 	}
+	defer unlockedKey.ClearPrivateParams()

 	keyRing, err := crypto.NewKeyRing(unlockedKey)
 	if err != nil {
--- a/helper/helper.go
+++ b/helper/helper.go
@ -94,6 +94,7 @@ func EncryptSignMessageArmored(
 	if unlockedKeyObj, err = privateKeyObj.Unlock(passphrase); err != nil {
 		return "", err
 	}
+	defer unlockedKeyObj.ClearPrivateParams()

 	if privateKeyRing, err = crypto.NewKeyRing(unlockedKeyObj); err != nil {
 		return "", err
@ -126,6 +127,7 @@ func DecryptMessageArmored(
 	if privateKeyUnlocked, err = privateKeyObj.Unlock(passphrase); err != nil {
 		return "", err
 	}
+	defer privateKeyUnlocked.ClearPrivateParams()

 	if privateKeyRing, err = crypto.NewKeyRing(privateKeyUnlocked); err != nil {
 		return "", err
@ -168,6 +170,7 @@ func DecryptVerifyMessageArmored(
 	if unlockedKeyObj, err = privateKeyObj.Unlock(passphrase); err != nil {
 		return "", err
 	}
+	defer unlockedKeyObj.ClearPrivateParams()

 	if privateKeyRing, err = crypto.NewKeyRing(unlockedKeyObj); err != nil {
 		return "", err
@ -214,6 +217,7 @@ func DecryptVerifyAttachment(
 	if unlockedKeyObj, err = privateKeyObj.Unlock(passphrase); err != nil {
 		return nil, err
 	}
+	defer unlockedKeyObj.ClearPrivateParams()

 	if privateKeyRing, err = crypto.NewKeyRing(unlockedKeyObj); err != nil {
 		return nil, err
--- a/helper/key.go
+++ b/helper/key.go
@ -19,13 +19,13 @@ func UpdatePrivateKeyPassphrase(
 	if err != nil {
 		return "", err
 	}
+	defer unlocked.ClearPrivateParams()

 	locked, err := unlocked.Lock(newPassphrase)
 	if err != nil {
 		return "", err
 	}

-	unlocked.ClearPrivateParams()
 	return locked.Armor()
 }

@ -37,13 +37,13 @@ func GenerateKey(name, email string, passphrase []byte, keyType string, bits int
 	if err != nil {
 		return "", err
 	}
+	defer key.ClearPrivateParams()

 	locked, err := key.Lock(passphrase)
 	if err != nil {
 		return "", err
 	}

-	key.ClearPrivateParams()
 	return locked.Armor()
 }

--- a/helper/sign_attachment.go
+++ b/helper/sign_attachment.go
@ -33,6 +33,7 @@ func EncryptSignAttachment(
 	if unlockedKeyObj, err = privateKeyObj.Unlock(passphrase); err != nil {
 		return nil, nil, nil, err
 	}
+	defer unlockedKeyObj.ClearPrivateParams()

 	if privateKeyRing, err = crypto.NewKeyRing(unlockedKeyObj); err != nil {
 		return nil, nil, nil, err