Merge branch 'fix/new-go-crypto' into 'master'

Fix for new go crypto See merge request ProtonMail/go-pm-crypto!9
2019-05-01 15:47:17 +00:00 · 2019-05-01 15:47:17 +00:00 · 5a5fe05f53
commit 5a5fe05f53
parent 99c48c2e4e 388b564874
6 changed files with 32 additions and 11 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -0,0 +1,22 @@
+variables:
+  # Please edit to your GitLab project
+  REPO_NAME: github.com/ProtonMail/go-pm-crypto
+
+before_script:
+    - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
+    - eval $(ssh-agent -s)
+    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
+    - export PATH=/opt/local/bin:$PATH
+    - mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
+    - ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
+    - cd $GOPATH/src/$REPO_NAME
+    - glide install
+
+stages:
+    - test
+
+test-all:
+    stage: test
+    image: gitlab.protontech.ch:4567/protonmail/import-export/linux
+    script:
+        - go test ./...
--- a/crypto/attachment.go
+++ b/crypto/attachment.go
@ -75,14 +75,13 @@ func (pm *PmCrypto) encryptAttachment(estimatedSize int, fileName string, public
 	var ew io.WriteCloser
 	var encryptErr error
 	ew, encryptErr = openpgp.Encrypt(writer, publicKey.entities, nil, hints, config)
+	if encryptErr != nil {
+		return nil, encryptErr
+	}
 	attachmentProc.w = &ew
 	attachmentProc.pipe = writer
-	if attachmentProc.err != nil {
-		attachmentProc.err = encryptErr
-	}

 	return attachmentProc, nil
-
 }

 // Use: ios/android only
--- a/crypto/key.go
+++ b/crypto/key.go
@ -320,7 +320,7 @@ func (pm *PmCrypto) IsKeyExpiredBin(publicKey []byte) (bool, error) {
 			if subkey.Sig.FlagsValid &&
 				subkey.Sig.FlagEncryptCommunications &&
 				subkey.PublicKey.PubKeyAlgo.CanEncrypt() &&
-				!subkey.Sig.KeyExpired(now) &&
+				!subkey.PublicKey.KeyExpired(subkey.Sig, now) &&
 				(maxTime.IsZero() || subkey.Sig.CreationTime.After(maxTime)) {
 				candidateSubkey = i
 				maxTime = subkey.Sig.CreationTime
@ -349,7 +349,7 @@ func (pm *PmCrypto) IsKeyExpiredBin(publicKey []byte) (bool, error) {
 			i := firstIdentity
 			if !i.SelfSignature.FlagsValid || i.SelfSignature.FlagEncryptCommunications &&
 				e.PrimaryKey.PubKeyAlgo.CanEncrypt() &&
-				!i.SelfSignature.KeyExpired(now) {
+				!e.PrimaryKey.KeyExpired(i.SelfSignature, now) {
 				return false, nil
 			}
 		}
--- a/crypto/keyring.go
+++ b/crypto/keyring.go
@ -639,7 +639,7 @@ func FilterExpiredKeys(contactKeys []*KeyRing) (filteredKeys []*KeyRing, err err
 			hasExpired := false
 			hasUnexpired := false
 			for _, subkey := range entity.Subkeys {
-				if subkey.Sig.KeyExpired(now) {
+				if subkey.PublicKey.KeyExpired(subkey.Sig, now) {
 					hasExpired = true
 				} else {
 					hasUnexpired = true
--- a/crypto/message.go
+++ b/crypto/message.go
@ -140,8 +140,8 @@ func processSignatureExpiration(md *openpgp.MessageDetails, verifyTime int64) {
 		if verifyTime > 0 {
 			created := md.Signature.CreationTime.Unix()
 			expires := int64(math.MaxInt64)
-			if md.Signature.KeyLifetimeSecs != nil {
-				expires = int64(*md.Signature.KeyLifetimeSecs) + created
+			if md.Signature.SigLifetimeSecs != nil {
+				expires = int64(*md.Signature.SigLifetimeSecs) + created
 			}
 			if created-internal.CreationTimeOffset <= verifyTime && verifyTime <= expires {
 				md.SignatureError = nil
--- a/glide.lock
+++ b/glide.lock
@ -4,7 +4,7 @@ imports:
 - name: github.com/Sirupsen/logrus
  version: 3791101e143bf0f32515ac23e831475684f61229
 - name: golang.org/x/crypto
-  version: 25f88b74191b57d090d6d7cffaea61a9046393f4
+  version: efb430e751f2f00d8d9aedb254fc14ef76954880
  repo: https://github.com/ProtonMail/crypto.git
  subpackages:
  - bitcurves
@ -43,6 +43,6 @@ imports:
  - encoding/internal/identifier
  - transform
 - name: github.com/ProtonMail/go-pm-mime
-  version: 56f1d379d824060de4ae591dadf54bbbe4b47f08
+  version: dc270ae56b61837aa404c828a14b8ea731167ac0
  repo: https://gitlab.protontech.ch/ProtonMail/go-pm-mime.git
 testImports: []