Add quick check for session key decryption (#249)

This commit adds the function QuickCheckDecrypt to the helper package. The function allows to check with high probability if a session key can decrypt a data packet given its 24-byte prefix. It only works for SEIPDv1 data packets that uses AES as a cipher.
2023-08-28 10:31:40 +02:00 · 2023-08-28 10:31:40 +02:00 · 987923f9d8
commit 987923f9d8
parent b97d994962
2 changed files with 129 additions and 0 deletions
--- a/helper/decrypt_check_test.go
+++ b/helper/decrypt_check_test.go
@ -0,0 +1,43 @@
+package helper
+
+import (
+	"encoding/hex"
+	"testing"
+
+	"github.com/ProtonMail/gopenpgp/v2/crypto"
+)
+
+const testQuickCheckSessionKey = `038c9cb9d408074e36bac22c6b90973082f86e5b01f38b787da3927000365a81`
+const testQuickCheckSessionKeyAlg = "aes256"
+const testQuickCheckDataPacket = `d2540152ab2518950f282d98d901eb93c00fb55a3bb30b3b517d6a356f57884bac6963060ebb167ffc3296e5e99ec058aeff5003a4784a0734a62861ae56d2921b9b790d50586cd21cad45e2d84ac93fb5d8af2ce6c5`
+
+func TestCheckDecrypt(t *testing.T) {
+	sessionKeyData, err := hex.DecodeString(testQuickCheckSessionKey)
+	if err != nil {
+		t.Error(err)
+	}
+	dataPacket, err := hex.DecodeString(testQuickCheckDataPacket)
+	if err != nil {
+		t.Error(err)
+	}
+	sessionKey := &crypto.SessionKey{
+		Key:  sessionKeyData,
+		Algo: testQuickCheckSessionKeyAlg,
+	}
+	ok, err := QuickCheckDecrypt(sessionKey, dataPacket[:22])
+	if err != nil {
+		t.Error(err)
+	}
+	if !ok {
+		t.Error("should be able to decrypt")
+	}
+
+	sessionKey.Key[0] += 1
+	ok, err = QuickCheckDecrypt(sessionKey, dataPacket[:22])
+	if err != nil {
+		t.Error(err)
+	}
+	if ok {
+		t.Error("should no be able to decrypt")
+	}
+}