Openpgp security update (V2) (#31)

* Change keyring unlock functionalities

* Add keyring#Lock, keyring#CheckIntegrity, tests

* Update helpers, fix bugs

* Update go.mod with ProtonMail/crypto commit

* Change key management system

* Clear keys from memory + tests

* Create SessionKey with direct encryption for datapackets. Move symmetrickey to password.

* Fix upstream dependencies

* Update module to V2, documentation

* Add linter

* Add v2 folder to .gitignore

* Minor changes to KeyID getters

* Remove old changelog

* Improve docs, remove compilation script

helper/key.go

@@ -0,0 +1,48 @@
+package helper
+
+import (
+	"github.com/ProtonMail/gopenpgp/v2/crypto"
+)
+
+// UpdatePrivateKeyPassphrase decrypts the given armored privateKey with oldPassphrase,
+// re-encrypts it with newPassphrase, and returns the new armored key.
+func UpdatePrivateKeyPassphrase(
+	privateKey string,
+	oldPassphrase, newPassphrase []byte,
+) (string, error) {
+	key, err := crypto.NewKeyFromArmored(privateKey)
+	if err != nil {
+		return "", err
+	}
+
+	unlocked, err := key.Unlock(oldPassphrase)
+	if err != nil {
+		return "", err
+	}
+
+	locked, err := unlocked.Lock(newPassphrase)
+	if err != nil {
+		return "", err
+	}
+
+	unlocked.ClearPrivateParams()
+	return locked.Armor()
+}
+
+// GenerateKey generates a key of the given keyType ("rsa" or "x25519"), encrypts it, and returns an armored string.
+// If keyType is "rsa", bits is the RSA bitsize of the key.
+// If keyType is "x25519" bits is unused.
+func GenerateKey(name, email string, passphrase []byte, keyType string, bits int) (string, error) {
+	key, err := crypto.GenerateKey(name, email, keyType, bits)
+	if err != nil {
+		return "", err
+	}
+
+	locked, err := key.Lock(passphrase)
+	if err != nil {
+		return "", err
+	}
+
+	key.ClearPrivateParams()
+	return locked.Armor()
+}