Openpgp security update (V2) (#31)
* Change keyring unlock functionalities * Add keyring#Lock, keyring#CheckIntegrity, tests * Update helpers, fix bugs * Update go.mod with ProtonMail/crypto commit * Change key management system * Clear keys from memory + tests * Create SessionKey with direct encryption for datapackets. Move symmetrickey to password. * Fix upstream dependencies * Update module to V2, documentation * Add linter * Add v2 folder to .gitignore * Minor changes to KeyID getters * Remove old changelog * Improve docs, remove compilation script
This commit is contained in:
wussler
GitHub
parent
136c0a5495
commit
54f45d0471
46 changed files with 2588 additions and 1770 deletions
|
|
@ -3,30 +3,40 @@ package helper
|
|||
import (
|
||||
"strings"
|
||||
|
||||
"github.com/ProtonMail/gopenpgp/crypto"
|
||||
"github.com/ProtonMail/gopenpgp/internal"
|
||||
"github.com/ProtonMail/gopenpgp/v2/crypto"
|
||||
"github.com/ProtonMail/gopenpgp/v2/internal"
|
||||
)
|
||||
|
||||
// SignCleartextMessageArmored signs text given a private key and its passphrase, canonicalizes and trims the newlines,
|
||||
// and returns the PGP-compliant special armoring
|
||||
func SignCleartextMessageArmored(privateKey, passphrase, text string) (string, error) {
|
||||
signingKeyRing, err := crypto.BuildKeyRingArmored(privateKey)
|
||||
func SignCleartextMessageArmored(privateKey string, passphrase []byte, text string) (string, error) {
|
||||
signingKey, err := crypto.NewKeyFromArmored(privateKey)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
err = signingKeyRing.UnlockWithPassphrase(passphrase)
|
||||
unlockedKey, err := signingKey.Unlock(passphrase)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return SignCleartextMessage(signingKeyRing, text)
|
||||
keyRing, err := crypto.NewKeyRing(unlockedKey)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return SignCleartextMessage(keyRing, text)
|
||||
}
|
||||
|
||||
// VerifyCleartextMessageArmored verifies PGP-compliant armored signed plain text given the public key
|
||||
// and returns the text or err if the verification fails
|
||||
func VerifyCleartextMessageArmored(publicKey, armored string, verifyTime int64) (string, error) {
|
||||
verifyKeyRing, err := crypto.BuildKeyRingArmored(publicKey)
|
||||
signingKey, err := crypto.NewKeyFromArmored(publicKey)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
verifyKeyRing, err := crypto.NewKeyRing(signingKey)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue