diff --git a/.gitignore b/.gitignore
index b0b0e3a..21657f8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@ vendor
 *.out
 *.html
 reports
+.idea
diff --git a/crypto/attachment.go b/crypto/attachment.go
index b04ac68..8f1da17 100644
--- a/crypto/attachment.go
+++ b/crypto/attachment.go
@@ -2,6 +2,7 @@ package crypto
 import (
 "bytes"
+ "fmt"
 "io"
 "io/ioutil"
 "runtime"
@@ -123,7 +124,10 @@ func (pm *PmCrypto) DecryptAttachment(keyPacket []byte, dataPacket []byte, kr *K
 privKeyEntries := kr.entities
- kr.Unlock([]byte(passphrase))
+ if err := kr.Unlock([]byte(passphrase)); err != nil {
+ err = fmt.Errorf("pm-crypto: cannot decrypt attachment: %v", err)
+ return nil, err
+ }
 keyReader := bytes.NewReader(keyPacket)
 dataReader := bytes.NewReader(dataPacket)
diff --git a/crypto/key.go b/crypto/key.go
index 2182290..40c357d 100644
--- a/crypto/key.go
+++ b/crypto/key.go
@@ -192,22 +192,23 @@ func SeparateKeyAndData(kr *KeyRing, r io.Reader, estimatedLength int, garbageCo
 }
 outSplit.DataPacket = symEncryptedData
- break
-
 }
 }
 if decryptErr != nil {
 err = fmt.Errorf("pm-crypto: cannot decrypt encrypted key packet: %v", decryptErr)
- return
+ return nil, err
 }
 if ek == nil {
 err = errors.New("pm-crypto: packets don't include an encrypted key packet")
- return
+ return nil, err
 }
 if kr == nil {
 var buf bytes.Buffer
- ek.Serialize(&buf)
+ if err := ek.Serialize(&buf); err != nil {
+ err = fmt.Errorf("pm-crypto: cannot serialize encrypted key: %v", err)
+ return nil, err
+ }
 outSplit.KeyPacket = buf.Bytes()
 } else {
 key := newSymmetricKey(ek)
diff --git a/crypto/keyring.go b/crypto/keyring.go
index 5de8acf..6399e02 100644
--- a/crypto/keyring.go
+++ b/crypto/keyring.go
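Review bot: In crypto/attachment.go, `DecryptAttachment` now treats every error from `kr.Unlock` as fatal, and the same check is added around `privKey.Unlock` in `decryptCore` (crypto/message.go), but `Unlock` is defined outside this diff, so what it reports for a ring that mixes already-usable keys with keys the passphrase does not open is not visible. If it can return an error in that case, input that decrypted before this change would now be rejected. I would state the assumed contract above the call, for example `// Unlock is expected to fail only when the passphrase opens no key in the ring (confirm against KeyRing.Unlock)`. The function body starts and ends outside the hunk.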
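Review bot: In crypto/key.go, `SeparateKeyAndData`, the removed `break` was a no-op only if the first of the two closing braces after it ends a `switch`; that construct opens above the hunk, so this cannot be confirmed from the visible lines. If the brace instead closes an `if` inside the packet loop, the loop now keeps reading after the encrypted data packet and a later packet in the input would overwrite `outSplit.DataPacket`. If stopping at the data packet was the intent, a labelled break with a comment such as `// stop at the first encrypted data packet` would make that explicit. Separately, the new `Serialize` check assigns to a shadowed `err` before returning it; `return nil, fmt.Errorf("pm-crypto: cannot serialize encrypted key: %v", err)` is the one-line form.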
@@ -527,6 +527,9 @@ func (pm *PmCrypto) BuildKeyRingNoError(binKeys []byte) (kr *KeyRing) {
 // BuildKeyRingArmored reads armored string and returns keyring
 func (pm *PmCrypto) BuildKeyRingArmored(key string) (kr *KeyRing, err error) {
 keyRaw, err := armorUtils.Unarmor(key)
+ if err != nil {
+ return nil, err
+ }
 keyReader := bytes.NewReader(keyRaw)
 keyEntries, err := openpgp.ReadKeyRing(keyReader)
 return &KeyRing{entities: keyEntries}, err
diff --git a/crypto/message.go b/crypto/message.go
index 48b2299..aa567a7 100644
--- a/crypto/message.go
+++ b/crypto/message.go
@@ -3,6 +3,7 @@ package crypto
 import (
 "bytes"
 "errors"
+ "fmt"
 "io"
 "io/ioutil"
 "math"
@@ -59,7 +60,10 @@ func (pm *PmCrypto) DecryptMessage(encryptedText string, privateKey *KeyRing, pa
 func decryptCore(encryptedText string, additionalEntries openpgp.EntityList, privKey *KeyRing, passphrase string, timeFunc func() time.Time) (*openpgp.MessageDetails, error) {
 rawPwd := []byte(passphrase)
- privKey.Unlock(rawPwd)
+ if err := privKey.Unlock(rawPwd); err != nil {
+ err = fmt.Errorf("pm-crypto: cannot decrypt passphrase: %v", err)
+ return nil, err
+ }
 privKeyEntries := privKey.entities
 for _, entity := range privKey.entities {
diff --git a/crypto/session.go b/crypto/session.go
index 4dfb697..2203e41 100644
--- a/crypto/session.go
+++ b/crypto/session.go
@@ -46,9 +46,6 @@ func (pm *PmCrypto) GetSessionFromKeyPacket(keyPackage []byte, privateKey *KeyRi
 ek := p.(*packet.EncryptedKey)
- if err != nil {
- return nil, err
- }
 rawPwd := []byte(passphrase)
 var decryptErr error
 for _, key := range privateKey.entities.DecryptionKeys() {
diff --git a/key/key.go b/key/key.go
index d00b8f5..f37b508 100644
--- a/key/key.go
+++ b/key/key.go
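Review bot: In crypto/keyring.go, `BuildKeyRingArmored` still returns a non-nil `*KeyRing` together with the error when `openpgp.ReadKeyRing` fails, on the last line of the hunk, so a caller that skips the error check receives a ring built from whatever `keyEntries` holds. The new `Unarmor` guard already returns `nil, err`, and the read step should match it: `if err != nil { return nil, err }` followed by `return &KeyRing{entities: keyEntries}, nil`. The function's closing brace is outside the hunk.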
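Review bot: In crypto/message.go, `decryptCore`, the new error text `cannot decrypt passphrase` misnames the failure: the call that failed is `privKey.Unlock(rawPwd)`, which unlocks the key ring with the passphrase, and nothing in the visible lines decrypts the passphrase itself. Callers and logs that surface this string will point at the wrong step. `return nil, fmt.Errorf("pm-crypto: cannot unlock key ring: %v", err)` names the step and also drops the reassignment of the shadowed `err`. The function continues past the end of the hunk.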
@@ -51,7 +51,9 @@ func PublicKey(privateKey string) (string, error) {
 var outBuf bytes.Buffer
 for _, e := range entries {
- e.Serialize(&outBuf)
+ if err := e.Serialize(&outBuf); err != nil {
+ return "", err
+ }
 }
 outString, err := armor.ArmorWithType(outBuf.Bytes(), constants.PublicKeyHeader)
@@ -72,7 +74,9 @@ func PublicKeyBinOut(privateKey string) ([]byte, error) {
 var outBuf bytes.Buffer
 for _, e := range entries {
- e.Serialize(&outBuf)
+ if err := e.Serialize(&outBuf); err != nil {
+ return nil, err
+ }
 }
 return outBuf.Bytes(), nil
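Review bot: In key/key.go, the same serialize-and-check loop is now written twice, once in `PublicKey` and once in `PublicKeyBinOut`, so the next change to its error handling has to be made in two places. Judging by the visible lines, `PublicKey` differs only by the `armor.ArmorWithType` call, so it could take its bytes from the other function: `bin, err := PublicKeyBinOut(privateKey)`, then `if err != nil { return "", err }`, then `return armor.ArmorWithType(bin, constants.PublicKeyHeader)`. How `entries` is read lies above both hunks and the tail of `PublicKey` lies below the first, so confirm that the two functions parse the key the same way before merging them.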