Openpgp security update (V2) (#31)

* Change keyring unlock functionalities * Add keyring#Lock, keyring#CheckIntegrity, tests * Update helpers, fix bugs * Update go.mod with ProtonMail/crypto commit * Change key management system * Clear keys from memory + tests * Create SessionKey with direct encryption for datapackets. Move symmetrickey to password. * Fix upstream dependencies * Update module to V2, documentation * Add linter * Add v2 folder to .gitignore * Minor changes to KeyID getters * Remove old changelog * Improve docs, remove compilation script
2019-12-27 19:35:43 +01:00 · 2019-12-27 19:35:43 +01:00 · 54f45d0471
commit 54f45d0471
parent 136c0a5495
46 changed files with 2588 additions and 1770 deletions
--- a/crypto/message_test.go
+++ b/crypto/message_test.go
@ -4,48 +4,47 @@ import (
 	"bytes"
 	"encoding/base64"
 	"io"
-	"strings"
 	"testing"

 	"github.com/stretchr/testify/assert"
 	"golang.org/x/crypto/openpgp/packet"
 )

-func TestTextMessageEncryptionWithSymmetricKey(t *testing.T) {
+func TestTextMessageEncryptionWithPassword(t *testing.T) {
 	var message = NewPlainMessageFromString("The secret code is... 1, 2, 3, 4, 5")

 	// Encrypt data with password
-	encrypted, err := testSymmetricKey.Encrypt(message)
+	encrypted, err := EncryptMessageWithPassword(message, testSymmetricKey)
 	if err != nil {
 		t.Fatal("Expected no error when encrypting, got:", err)
 	}
 	// Decrypt data with wrong password
-	_, err = testWrongSymmetricKey.Decrypt(encrypted)
+	_, err = DecryptMessageWithPassword(encrypted, []byte("Wrong password"))
 	assert.NotNil(t, err)

 	// Decrypt data with the good password
-	decrypted, err := testSymmetricKey.Decrypt(encrypted)
+	decrypted, err := DecryptMessageWithPassword(encrypted, testSymmetricKey)
 	if err != nil {
 		t.Fatal("Expected no error when decrypting, got:", err)
 	}
 	assert.Exactly(t, message.GetString(), decrypted.GetString())
 }

-func TestBinaryMessageEncryptionWithSymmetricKey(t *testing.T) {
+func TestBinaryMessageEncryptionWithPassword(t *testing.T) {
 	binData, _ := base64.StdEncoding.DecodeString("ExXmnSiQ2QCey20YLH6qlLhkY3xnIBC1AwlIXwK/HvY=")
 	var message = NewPlainMessage(binData)

 	// Encrypt data with password
-	encrypted, err := testSymmetricKey.Encrypt(message)
+	encrypted, err := EncryptMessageWithPassword(message, testSymmetricKey)
 	if err != nil {
 		t.Fatal("Expected no error when encrypting, got:", err)
 	}
 	// Decrypt data with wrong password
-	_, err = testWrongSymmetricKey.Decrypt(encrypted)
+	_, err = DecryptMessageWithPassword(encrypted, []byte("Wrong password"))
 	assert.NotNil(t, err)

 	// Decrypt data with the good password
-	decrypted, err := testSymmetricKey.Decrypt(encrypted)
+	decrypted, err := DecryptMessageWithPassword(encrypted, testSymmetricKey)
 	if err != nil {
 		t.Fatal("Expected no error when decrypting, got:", err)
 	}
@ -55,21 +54,12 @@ func TestBinaryMessageEncryptionWithSymmetricKey(t *testing.T) {
 func TestTextMessageEncryption(t *testing.T) {
 	var message = NewPlainMessageFromString("plain text")

-	testPublicKeyRing, _ = BuildKeyRingArmored(readTestFile("keyring_publicKey", false))
-	testPrivateKeyRing, err = BuildKeyRingArmored(readTestFile("keyring_privateKey", false))
-
-	// Password defined in keyring_test
-	err = testPrivateKeyRing.UnlockWithPassphrase(testMailboxPassword)
-	if err != nil {
-		t.Fatal("Expected no error unlocking privateKey, got:", err)
-	}
-
-	ciphertext, err := testPublicKeyRing.Encrypt(message, testPrivateKeyRing)
+	ciphertext, err := keyRingTestPublic.Encrypt(message, keyRingTestPrivate)
 	if err != nil {
 		t.Fatal("Expected no error when encrypting, got:", err)
 	}

-	decrypted, err := testPrivateKeyRing.Decrypt(ciphertext, testPublicKeyRing, GetUnixTime())
+	decrypted, err := keyRingTestPrivate.Decrypt(ciphertext, keyRingTestPublic, GetUnixTime())
 	if err != nil {
 		t.Fatal("Expected no error when decrypting, got:", err)
 	}
@ -80,28 +70,19 @@ func TestBinaryMessageEncryption(t *testing.T) {
 	binData, _ := base64.StdEncoding.DecodeString("ExXmnSiQ2QCey20YLH6qlLhkY3xnIBC1AwlIXwK/HvY=")
 	var message = NewPlainMessage(binData)

-	testPublicKeyRing, _ = BuildKeyRingArmored(readTestFile("keyring_publicKey", false))
-	testPrivateKeyRing, err = BuildKeyRingArmored(readTestFile("keyring_privateKey", false))
-
-	// Password defined in keyring_test
-	err = testPrivateKeyRing.UnlockWithPassphrase(testMailboxPassword)
-	if err != nil {
-		t.Fatal("Expected no error unlocking privateKey, got:", err)
-	}
-
-	ciphertext, err := testPublicKeyRing.Encrypt(message, testPrivateKeyRing)
+	ciphertext, err := keyRingTestPublic.Encrypt(message, keyRingTestPrivate)
 	if err != nil {
 		t.Fatal("Expected no error when encrypting, got:", err)
 	}

-	decrypted, err := testPrivateKeyRing.Decrypt(ciphertext, testPublicKeyRing, GetUnixTime())
+	decrypted, err := keyRingTestPrivate.Decrypt(ciphertext, keyRingTestPublic, GetUnixTime())
 	if err != nil {
 		t.Fatal("Expected no error when decrypting, got:", err)
 	}
 	assert.Exactly(t, message.GetBinary(), decrypted.GetBinary())

 	// Decrypt without verifying
-	decrypted, err = testPrivateKeyRing.Decrypt(ciphertext, nil, 0)
+	decrypted, err = keyRingTestPrivate.Decrypt(ciphertext, nil, 0)
 	if err != nil {
 		t.Fatal("Expected no error when decrypting, got:", err)
 	}
@ -109,29 +90,40 @@ func TestBinaryMessageEncryption(t *testing.T) {
 }

 func TestIssue11(t *testing.T) {
-	myKeyring, err := BuildKeyRingArmored(readTestFile("issue11_privatekey", false))
+	var issue11Password = []byte("1234")
+
+	issue11Key, err := NewKeyFromArmored(readTestFile("issue11_privatekey", false))
+	if err != nil {
+		t.Fatal("Expected no error while unarmoring private keyring, got:", err)
+	}
+
+	issue11Key, err = issue11Key.Unlock(issue11Password)
+	if err != nil {
+		t.Fatal("Expected no error while unlocking private key, got:", err)
+	}
+
+	issue11Keyring, err := NewKeyRing(issue11Key)
 	if err != nil {
 		t.Fatal("Expected no error while bulding private keyring, got:", err)
 	}

-	err = myKeyring.UnlockWithPassphrase("1234");
+	senderKey, err := NewKeyFromArmored(readTestFile("issue11_publickey", false))
 	if err != nil {
-		t.Fatal("Expected no error while unlocking private keyring, got:", err)
+		t.Fatal("Expected no error while unarmoring public keyring, got:", err)
 	}
+	assert.Exactly(t, "643b3595e6ee4fdf", senderKey.GetHexKeyID())

-	senderKeyring, err := BuildKeyRingArmored(readTestFile("issue11_publickey", false))
+	senderKeyring, err := NewKeyRing(senderKey)
 	if err != nil {
 		t.Fatal("Expected no error while building public keyring, got:", err)
 	}

-	assert.Exactly(t, []uint64{0x643b3595e6ee4fdf}, senderKeyring.KeyIds())
-
 	pgpMessage, err := NewPGPMessageFromArmored(readTestFile("issue11_message", false))
 	if err != nil {
 		t.Fatal("Expected no error while unlocking private keyring, got:", err)
 	}

-	plainMessage, err := myKeyring.Decrypt(pgpMessage, senderKeyring, 0)
+	plainMessage, err := issue11Keyring.Decrypt(pgpMessage, senderKeyring, 0)
 	if err != nil {
 		t.Fatal("Expected no error while decrypting/verifying, got:", err)
 	}
@ -140,20 +132,12 @@ func TestIssue11(t *testing.T) {
 }

 func TestSignedMessageDecryption(t *testing.T) {
-	testPrivateKeyRing, err = BuildKeyRingArmored(readTestFile("keyring_privateKey", false))
-
-	// Password defined in keyring_test
-	err = testPrivateKeyRing.UnlockWithPassphrase(testMailboxPassword)
-	if err != nil {
-		t.Fatal("Expected no error unlocking privateKey, got:", err)
-	}
-
 	pgpMessage, err := NewPGPMessageFromArmored(readTestFile("message_signed", false))
 	if err != nil {
 		t.Fatal("Expected no error when unarmoring, got:", err)
 	}

-	decrypted, err := testPrivateKeyRing.Decrypt(pgpMessage, nil, 0)
+	decrypted, err := keyRingTestPrivate.Decrypt(pgpMessage, nil, 0)
 	if err != nil {
 		t.Fatal("Expected no error when decrypting, got:", err)
 	}
@ -162,24 +146,9 @@ func TestSignedMessageDecryption(t *testing.T) {

 func TestMultipleKeyMessageEncryption(t *testing.T) {
 	var message = NewPlainMessageFromString("plain text")
+	assert.Exactly(t, 3, len(keyRingTestMultiple.entities))

-	testPublicKeyRing, _ = BuildKeyRingArmored(readTestFile("keyring_publicKey", false))
-	err = testPublicKeyRing.ReadFrom(strings.NewReader(readTestFile("mime_publicKey", false)), true)
-	if err != nil {
-		t.Fatal("Expected no error adding second public key, got:", err)
-	}
-
-	assert.Exactly(t, 2, len(testPublicKeyRing.entities))
-
-	testPrivateKeyRing, err = BuildKeyRingArmored(readTestFile("keyring_privateKey", false))
-
-	// Password defined in keyring_test
-	err = testPrivateKeyRing.UnlockWithPassphrase(testMailboxPassword)
-	if err != nil {
-		t.Fatal("Expected no error unlocking privateKey, got:", err)
-	}
-
-	ciphertext, err := testPublicKeyRing.Encrypt(message, testPrivateKeyRing)
+	ciphertext, err := keyRingTestMultiple.Encrypt(message, keyRingTestPrivate)
 	if err != nil {
 		t.Fatal("Expected no error when encrypting, got:", err)
 	}
@ -189,17 +158,15 @@ func TestMultipleKeyMessageEncryption(t *testing.T) {
 	for {
 		var p packet.Packet
 		if p, err = packets.Next(); err == io.EOF {
-			err = nil
 			break
 		}
-		switch p.(type) {
-			case *packet.EncryptedKey:
-				numKeyPackets++
+		if _, ok := p.(*packet.EncryptedKey); ok {
+			numKeyPackets++
 		}
 	}
-	assert.Exactly(t, 2, numKeyPackets)
+	assert.Exactly(t, 3, numKeyPackets)

-	decrypted, err := testPrivateKeyRing.Decrypt(ciphertext, testPublicKeyRing, GetUnixTime())
+	decrypted, err := keyRingTestPrivate.Decrypt(ciphertext, keyRingTestPublic, GetUnixTime())
 	if err != nil {
 		t.Fatal("Expected no error when decrypting, got:", err)
 	}