Openpgp security update (V2) (#31)

* Change keyring unlock functionalities * Add keyring#Lock, keyring#CheckIntegrity, tests * Update helpers, fix bugs * Update go.mod with ProtonMail/crypto commit * Change key management system * Clear keys from memory + tests * Create SessionKey with direct encryption for datapackets. Move symmetrickey to password. * Fix upstream dependencies * Update module to V2, documentation * Add linter * Add v2 folder to .gitignore * Minor changes to KeyID getters * Remove old changelog * Improve docs, remove compilation script
2019-12-27 19:35:43 +01:00 · 2019-12-27 19:35:43 +01:00 · 54f45d0471
commit 54f45d0471
parent 136c0a5495
46 changed files with 2588 additions and 1770 deletions
--- a/crypto/attachment_test.go
+++ b/crypto/attachment_test.go
@ -10,44 +10,46 @@ import (
 // const testAttachmentEncrypted =
 // `0ksB0fHC6Duezx/0TqpK/82HSl8+qCY0c2BCuyrSFoj6Dubd93T3//32jVYa624NYvfvxX+UxFKYKJxG09gFsU1IVc87cWvUgmUmgjU=`

+var testAttachmentKey, _ = base64.StdEncoding.DecodeString("ExXmnSiQ2QCey20YLH6qlLhkY3xnIBC1AwlIXwK/HvY=")
+
 func TestAttachmentGetKey(t *testing.T) {
 	testKeyPacketsDecoded, err := base64.StdEncoding.DecodeString(readTestFile("attachment_keypacket", false))
 	if err != nil {
 		t.Fatal("Expected no error while decoding base64 KeyPacket, got:", err)
 	}

-	symmetricKey, err := testPrivateKeyRing.DecryptSessionKey(testKeyPacketsDecoded)
+	sessionKey, err := keyRingTestPrivate.DecryptSessionKey(testKeyPacketsDecoded)
 	if err != nil {
 		t.Fatal("Expected no error while decrypting KeyPacket, got:", err)
 	}

-	assert.Exactly(t, testSymmetricKey, symmetricKey)
+	assert.Exactly(t, testAttachmentKey, sessionKey.Key)
 }

 func TestAttachmentSetKey(t *testing.T) {
-	keyPackets, err := testPublicKeyRing.EncryptSessionKey(testSymmetricKey)
+	keyPackets, err := keyRingTestPublic.EncryptSessionKey(testSessionKey)
 	if err != nil {
 		t.Fatal("Expected no error while encrypting attachment key, got:", err)
 	}

-	symmetricKey, err := testPrivateKeyRing.DecryptSessionKey(keyPackets)
+	sessionKey, err := keyRingTestPrivate.DecryptSessionKey(keyPackets)
 	if err != nil {
 		t.Fatal("Expected no error while decrypting attachment key, got:", err)
 	}

-	assert.Exactly(t, testSymmetricKey, symmetricKey)
+	assert.Exactly(t, testSessionKey, sessionKey)
 }

 func TestAttachmentEncryptDecrypt(t *testing.T) {
 	var testAttachmentCleartext = "cc,\ndille."
 	var message = NewPlainMessage([]byte(testAttachmentCleartext))

-	encSplit, err := testPrivateKeyRing.EncryptAttachment(message, "s.txt")
+	encSplit, err := keyRingTestPrivate.EncryptAttachment(message, "s.txt")
 	if err != nil {
 		t.Fatal("Expected no error while encrypting attachment, got:", err)
 	}

-	redecData, err := testPrivateKeyRing.DecryptAttachment(encSplit)
+	redecData, err := keyRingTestPrivate.DecryptAttachment(encSplit)
 	if err != nil {
 		t.Fatal("Expected no error while decrypting attachment, got:", err)
 	}
@ -59,14 +61,14 @@ func TestAttachmentEncrypt(t *testing.T) {
 	var testAttachmentCleartext = "cc,\ndille."
 	var message = NewPlainMessage([]byte(testAttachmentCleartext))

-	encSplit, err := testPrivateKeyRing.EncryptAttachment(message, "s.txt")
+	encSplit, err := keyRingTestPrivate.EncryptAttachment(message, "s.txt")
 	if err != nil {
 		t.Fatal("Expected no error while encrypting attachment, got:", err)
 	}

 	pgpMessage := NewPGPMessage(encSplit.GetBinary())

-	redecData, err := testPrivateKeyRing.Decrypt(pgpMessage, nil, 0)
+	redecData, err := keyRingTestPrivate.Decrypt(pgpMessage, nil, 0)
 	if err != nil {
 		t.Fatal("Expected no error while decrypting attachment, got:", err)
 	}
@ -78,7 +80,7 @@ func TestAttachmentDecrypt(t *testing.T) {
 	var testAttachmentCleartext = "cc,\ndille."
 	var message = NewPlainMessage([]byte(testAttachmentCleartext))

-	encrypted, err := testPrivateKeyRing.Encrypt(message, nil)
+	encrypted, err := keyRingTestPrivate.Encrypt(message, nil)
 	if err != nil {
 		t.Fatal("Expected no error while encrypting attachment, got:", err)
 	}
@ -93,7 +95,7 @@ func TestAttachmentDecrypt(t *testing.T) {
 		t.Fatal("Expected no error while unarmoring, got:", err)
 	}

-	redecData, err := testPrivateKeyRing.DecryptAttachment(pgpSplitMessage)
+	redecData, err := keyRingTestPrivate.DecryptAttachment(pgpSplitMessage)
 	if err != nil {
 		t.Fatal("Expected no error while decrypting attachment, got:", err)
 	}