diff --git a/CHANGELOG.md b/CHANGELOG.md
index 09e79fc..111b85d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -88,6 +88,7 @@ EncryptSignArmoredDetachedMobile(
 - Hex Key IDs returned from `(key *Key) GetHexKeyID() string` are now correctly padded
 - Avoid panics in `(msg *PGPMessage) GetEncryptionKeyIDs() ([]uint64, bool)` by breaking the packet.next cycle on specific packet types
 - Prevent the server time from going backwards in `UpdateTime`
+- Avoid panicking when messages with mixed symmetric/asymmetric key packets are decrypted with a password

 ## [2.0.1] - 2020-05-01
 ### Security
diff --git a/crypto/message_test.go b/crypto/message_test.go
index aa55570..b3134f2 100644
--- a/crypto/message_test.go
+++ b/crypto/message_test.go
@@ -70,6 +70,21 @@ func TestBinaryMessageEncryptionWithPassword(t *testing.T) {
 assert.Exactly(t, message, decrypted)
 }

+func TestTextMixedMessageDecryptionWithPassword(t *testing.T) {
+ encrypted, err := NewPGPMessageFromArmored(readTestFile("message_mixedPasswordPublic", false))
+ if err != nil {
+ t.Fatal("Expected no error when unarmoring, got:", err)
+ }
+
+ // Decrypt data with the good password
+ decrypted, err := DecryptMessageWithPassword(encrypted, []byte("pinata"))
+ if err != nil {
+ t.Fatal("Expected no error when decrypting, got:", err)
+ }
+
+ assert.Exactly(t, readTestFile("message_mixedPasswordPublicExpected", true), decrypted.GetString())
+}
+
 func TestTextMessageEncryption(t *testing.T) {
 var message = NewPlainMessageFromString("plain text")

diff --git a/crypto/password.go b/crypto/password.go
index 7c63f1e..9a51971 100644
--- a/crypto/password.go
+++ b/crypto/password.go
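Review bot: TestTextMixedMessageDecryptionWithPassword in crypto/message_test.go only exercises the correct password, so nothing pins what a wrong password does on a message that mixes symmetric and public-key session key packets. Because the fix concerns a panic on exactly this input shape, I would add a negative case, `_, err = DecryptMessageWithPassword(encrypted, []byte("wrong password"))` followed by `assert.Error(t, err)`, so the failure path is checked to return an error as well. The ciphertext and the expected plaintext come from testdata files, so what the fixture actually contains cannot be judged from this hunk.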
@@ -150,7 +150,9 @@ func passwordDecrypt(encryptedIO io.Reader, password []byte) ([]byte, error) {
 config := &packet.Config{
 Time: getTimeGenerator(),
 }
- md, err := openpgp.ReadMessage(encryptedIO, nil, prompt, config)
+
+ var emptyKeyRing openpgp.EntityList
+ md, err := openpgp.ReadMessage(encryptedIO, emptyKeyRing, prompt, config)
 if err != nil {
 return nil, err
 }
diff --git a/crypto/testdata/message_mixedPasswordPublic b/crypto/testdata/message_mixedPasswordPublic
new file mode 100644
index 0000000..ebef4c2
--- /dev/null
+++ b/crypto/testdata/message_mixedPasswordPublic
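Review bot: The new `emptyKeyRing` declaration in passwordDecrypt (crypto/password.go) carries no comment saying why a typed empty `openpgp.EntityList` replaces the literal `nil`, so a later cleanup could easily turn it back into `nil`. Judging by the changelog entry, the nil keyring is what panicked once the message also held public-key session key packets. I would put `// A nil KeyRing panics in ReadMessage when the message also holds public-key session key packets; an empty EntityList simply matches none of them.` above the declaration. passwordDecrypt starts and ends outside this hunk, so how `prompt` behaves after a failed attempt is not visible here.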
@@ -0,0 +1,32 @@ +-----BEGIN PGP MESSAGE----- +Version: GopenPGP 2.0.1 +Comment: password = pinata + +wcBMA8qvclb8pUGwAQf/XTPYYr4JvanBwmEPVk7ej5dA4jIWaip0TGzCZMzgiD2A +UVsCKDSbPRHbtAS5xMWcESz1Bjwnn/3BG4kLRqiSSthI1w/1MDv126UsM+4Yo3hD +JO+J2EeUSYyXmeXHsSfZxs/Ip+oo2QQaOLvnX1SJAaDk6g4/8A2vz/0sEIGcsaJZ +sGnnUbi2YCQ09Z7hpNihaKTXWeCey3OQhRQAw8Y+tL8U+pfL2GF+kGYSv8xj250Z +nafO1BdmhvNBAcNSdqJZ8f7J3iINNOejmnyvmg854hU5m8ZSm3uYvVUS4pZsxW4Z +djni0zn+akHBhg+imiCvMClFep6a4iiKXY0GX4OB+8MuBAkDCCBAYrwoW0Oc4MiS +evR8lScfSANGprwSnJsehqLQf3N3W9nyltbhhi/+vtLCwQGiyBA9Ercz0r5Lcv7U +2bi3KovO317GDZar+O5/Hzq7nyd8rbe8U+hQMF9+Ga05Z4al2KB938qhV0LJB03u +3c07tfXvOf2whTJ2LlaSlWg2CSHSsigGGkWe25gqHN8QfEtkDnllz6h1kgcZcluf +2Tp88dcTpftPeHDHhFGe1+Vnyzc22vdZoG7Pskrd83PtkJUbmAJnkvdNeHW11oJl +POWPskyh4kdywOxcnV8qcGBZ8H1dcFnNEwMvhGPgh1pcTisUjRX+ZDzaVU8AXlkk +TeFjASY/B0Q2HvX0g+uJVzzymPxlK7mGmFe6uHo/vBGO8gxtnHy1DtJ8fVAeMF9/ +VxvK13eN9Ra5y95IcF6XEmGjgdmHUnGHbfiz/ug4suuGiJA7MWnCHSwYXzGxe6Hc +tvyHxsQcwaObdEtKtBLHc6M8Em5C89iy72sJuevx4QU9EM3ra+JSCC/3oSOsTCJy +dOI29cdAvuApVJySXFhjTDZxVhlSOlFCbMsNFpLXzK0q01jaK+algugSIMvr3XaC +PTm1GXUBhw4o6qz3apFVwg0/JrhIidrsUSmV1VOBSOsLW+RZhoyA/g4CekI6tFAx +yx+mTsRvKv+OR33QkdXWhoe7kAOM5qbAE5v0tlUaf4f7WN2w0p1YSaRovSGgig7d +NMKVGukIhB5mC2+dB1Uzr/FUHMNf1Cm4YXBiSRVXUryN8GSywBaX0Cnk1WrNTlYZ +OZifoVaBvi/dGSF4GlE9q3BQY51LTB+tWR7zJk343mXcpwC++7rRmr0C2smc/fOp +Ok+KiHDCkWdgdRRV6uBGR1j5037ytJWbB6ETLF/13p5UcZnTYTC27cSSUG0Jt+zy +xWs1HnWT6Z9CpEsW+d+W8MWuUtS7YEsLHTmd6Vf1lIT0EwRqtXOfkFJeYpvFlxOK +OINYKbhSvKFrSoOkRBtbI2YFbZLZDIgRZEc/oHdu+/O6td1203+ehxGoDyzbWYWh +8hh7MI98SQBxwiir2B+04AEdl4mC3LFIJr8HQK3He54Gf1g4Y3uvCcclB0sRnV5j +CyYRXt+eE6SXgbm8vqWmyqetM7LpKGE+Z19qbBdd+qlupWJcBZ3Bj5q4Bmufloif +LeifnA9RUVSM5rS/mTzH5A/bZegeifodX3m69kuNiYxSlzzeoVQaLURsNJVYrsli +gT9xedbgCYAJLKtf7HhaQu1TSQ== +=W7AQ +-----END PGP MESSAGE----- 
diff --git a/crypto/testdata/message_mixedPasswordPublicExpected b/crypto/testdata/message_mixedPasswordPublicExpected
new file mode 100644
index 0000000..5b0bb63
Binary files /dev/null and b/crypto/testdata/message_mixedPasswordPublicExpected differ