diff --git a/attachment.go b/attachment.go
index f26d510..8e416a2 100644
--- a/attachment.go
+++ b/attachment.go
@@ -27,7 +27,11 @@ func (o *OpenPGP) EncryptAttachmentBinKey(plainData []byte, fileName string, pub
 hints := &openpgp.FileHints{
 FileName: fileName,
 }
- config := &packet.Config{DefaultCipher: packet.CipherAES256}
+
+ config := &packet.Config{
+ DefaultCipher: packet.CipherAES256,
+ Time: o.getTimeGenerator(),
+ }
 ew, err := openpgp.Encrypt(w, pubKeyEntries, nil, hints, config)
@@ -82,7 +86,9 @@ func (o *OpenPGP) DecryptAttachmentBinKey(keyPacket []byte, dataPacket []byte, p
 encryptedReader := io.MultiReader(keyReader, dataReader)
- md, err := openpgp.ReadMessage(encryptedReader, privKeyEntries, nil, nil)
+ config := &packet.Config{ Time: o.getTimeGenerator() }
+
+ md, err := openpgp.ReadMessage(encryptedReader, privKeyEntries, nil, config)
 if err != nil {
 return nil, err
 }
@@ -114,7 +120,9 @@ func (o *OpenPGP) EncryptAttachmentWithPassword(plainData []byte, password strin
 return "", err
 }
- plaintext, err := openpgp.SymmetricallyEncrypt(w, []byte(password), nil, nil)
+ config := &packet.Config{ Time: o.getTimeGenerator() }
+
+ plaintext, err := openpgp.SymmetricallyEncrypt(w, []byte(password), nil, config)
 if err != nil {
 return "", err
 }
@@ -143,7 +151,9 @@ func (o *OpenPGP) DecryptAttachmentWithPassword(keyPacket []byte, dataPacket []b
 return []byte(password), nil
 }
- md, err := openpgp.ReadMessage(encryptedReader, nil, prompt, nil)
+ config := &packet.Config{ Time: o.getTimeGenerator() }
+
+ md, err := openpgp.ReadMessage(encryptedReader, nil, prompt, config)
 if err != nil {
 return nil, err
 }
diff --git a/key.go b/key.go
index b127e52..9ff7e9d 100644
--- a/key.go
+++ b/key.go
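Review bot: The literal `&packet.Config{ Time: o.getTimeGenerator() }` in DecryptAttachmentBinKey is repeated by hand in nearly every hunk of this commit, so a call site added later that passes a nil config will presumably fall back to the library's own clock again without anyone noticing. One unexported constructor, e.g. `func (o *OpenPGP) newConfig() *packet.Config { return &packet.Config{Time: o.getTimeGenerator()} }`, would keep the time source in one place. The padded braces are also not gofmt-clean; gofmt writes `&packet.Config{Time: o.getTimeGenerator()}`. The function body starts and ends outside the hunk.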
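Review bot: EncryptAttachmentWithPassword now builds a config but leaves `DefaultCipher` unset, while EncryptAttachmentBinKey in the first hunk pins `packet.CipherAES256`; the password path therefore keeps whatever cipher the library defaults to (AES-128 in golang.org/x/crypto/openpgp, if that is the package behind `packet` here). EncryptMessageWithPassword in message.go has the same gap. Since the config is being introduced anyway, set the cipher explicitly: `config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: o.getTimeGenerator()}`. The function body starts and ends outside the hunk.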
@@ -155,14 +155,11 @@ func (o *OpenPGP) generateKey(userName string, domain string, passphrase string,
 }
 comments := ""
- timeNow := func() time.Time {
- return o.getNow()
- }
 cfg := &packet.Config{
 Algorithm: packet.PubKeyAlgoRSA,
 RSABits: bits,
- Time: timeNow,
+ Time: o.getTimeGenerator(),
 DefaultHash: crypto.SHA256,
 DefaultCipher: packet.CipherAES256,
 }
diff --git a/message.go b/message.go
index 2c2166e..a8cf20a 100644
--- a/message.go
+++ b/message.go
@@ -54,7 +54,9 @@ func (o *OpenPGP) DecryptMessageBinKey(encryptedText string, privateKey []byte,
 }
 }
- md, err := openpgp.ReadMessage(encryptedio.Body, privKeyEntries, nil, nil)
+ config := &packet.Config{ Time: o.getTimeGenerator() }
+
+ md, err := openpgp.ReadMessage(encryptedio.Body, privKeyEntries, nil, config)
 if err != nil {
 return "", err
 }
@@ -163,7 +165,7 @@ func (o *OpenPGP) decryptMessageVerifyAllBin(encryptedText string, veriferKey []
 return nil, err
 }
- config := &packet.Config{}
+ config := &packet.Config{ Time: o.getTimeGenerator() }
 if verifyTime > 0 {
 tm := time.Unix(verifyTime, 0)
 config.Time = func() time.Time {
@@ -269,7 +271,7 @@ func (o *OpenPGP) EncryptMessageBinKey(plainText string, publicKey []byte, priva
 }
 }
- config := &packet.Config{DefaultCipher: packet.CipherAES256}
+ config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: o.getTimeGenerator() }
 ew, err := openpgp.Encrypt(w, pubKeyEntries, signEntity, nil, config)
@@ -290,7 +292,8 @@ func (o *OpenPGP) EncryptMessageWithPassword(plainText string, password string)
 return "", err
 }
- plaintext, err := openpgp.SymmetricallyEncrypt(w, []byte(password), nil, nil)
+ config := &packet.Config{ Time: o.getTimeGenerator() }
+ plaintext, err := openpgp.SymmetricallyEncrypt(w, []byte(password), nil, config)
 if err != nil {
 return "", err
 }
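Review bot: In decryptMessageVerifyAllBin a caller passing `verifyTime == 0` now has the message checked against the cached server time from getNow() instead of the local clock, and nothing in the hunk documents that change of meaning. The four Verify*SignDetached* hunks in sign_detached.go change in the same way. A comment above the literal such as `// verifyTime == 0: verify at o.getNow() (server time extrapolated from UpdateTime), not the local clock` would make the trust assumption explicit, since whatever value reaches UpdateTime now decides the instant used for verification. The function body continues outside the hunk, so later uses of config are not visible here.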
@@ -321,7 +324,8 @@ func (o *OpenPGP) DecryptMessageWithPassword(encrypted string, password string)
 return []byte(password), nil
 }
- md, err := openpgp.ReadMessage(encryptedio.Body, nil, prompt, nil)
+ config := &packet.Config{ Time: o.getTimeGenerator() }
+ md, err := openpgp.ReadMessage(encryptedio.Body, nil, prompt, config)
 if err != nil {
 return "", err
 }
diff --git a/openpgp.go b/openpgp.go
index d9619ef..f812722 100644
--- a/openpgp.go
+++ b/openpgp.go
@@ -1,11 +1,14 @@
 package pm
+import "time"
+
 // OpenPGP structure to manage mutiple address keys and user keys
 type OpenPGP struct {
 addresses []*Address //latestServerTime unix time cache
 latestServerTime int64
+ latestClientTime time.Time
 }
 // //AddAddress add a new address to key ring
diff --git a/sign_detached.go b/sign_detached.go
index e05bbe0..0d1be7c 100644
--- a/sign_detached.go
+++ b/sign_detached.go
@@ -52,7 +52,7 @@ func (o *OpenPGP) SignTextDetached(plainText string, privateKey string, passphra
 return "", errors.New("cannot sign message, signer key is not unlocked")
 }
- config := &packet.Config{DefaultCipher: packet.CipherAES256}
+ config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: o.getTimeGenerator() }
 att := strings.NewReader(plainText)
@@ -97,7 +97,7 @@ func (o *OpenPGP) SignTextDetachedBinKey(plainText string, privateKey []byte, pa
 return "", errors.New("cannot sign message, singer key is not unlocked")
 }
- config := &packet.Config{DefaultCipher: packet.CipherAES256}
+ config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: o.getTimeGenerator() }
 att := strings.NewReader(plainText)
@@ -138,7 +138,7 @@ func (o *OpenPGP) SignBinDetached(plainData []byte, privateKey string, passphras
 return "", errors.New("cannot sign message, singer key is not unlocked")
 }
- config := &packet.Config{DefaultCipher: packet.CipherAES256}
+ config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: o.getTimeGenerator() }
 att := bytes.NewReader(plainData)
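Review bot: The new struct field `latestClientTime` in openpgp.go has no comment, and together with `latestServerTime` it is written in UpdateTime and read in getNow (time.go) with no lock visible anywhere in this diff. If one OpenPGP value is shared between goroutines, the pair can be read half-updated and the extrapolated time will be wrong; that is worth confirming, and if it holds both fields should sit behind a `sync.RWMutex`. At minimum document the field: `// latestClientTime is the local clock reading taken when latestServerTime was last set; getNow extrapolates from the pair`.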
@@ -179,7 +179,7 @@ func (o *OpenPGP) SignBinDetachedBinKey(plainData []byte, privateKey []byte, pas
 return "", errors.New("cannot sign message, singer key is not unlocked")
 }
- config := &packet.Config{DefaultCipher: packet.CipherAES256}
+ config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: o.getTimeGenerator() }
 att := bytes.NewReader(plainData)
@@ -208,7 +208,7 @@ func (o *OpenPGP) VerifyTextSignDetached(signature string, plainText string, pub
 origText := bytes.NewReader(bytes.NewBufferString(plainText).Bytes())
- config := &packet.Config{}
+ config := &packet.Config{ Time: o.getTimeGenerator() }
 if verifyTime > 0 {
 tm := time.Unix(verifyTime, 0)
 config.Time = func() time.Time {
@@ -242,7 +242,7 @@ func (o *OpenPGP) VerifyTextSignDetachedBinKey(signature string, plainText strin
 signatureReader := strings.NewReader(signature)
 plainText = trimNewlines(plainText)
 origText := bytes.NewReader(bytes.NewBufferString(plainText).Bytes())
- config := &packet.Config{}
+ config := &packet.Config{ Time: o.getTimeGenerator() }
 if verifyTime > 0 {
 tm := time.Unix(verifyTime, 0)
 config.Time = func() time.Time {
@@ -276,7 +276,7 @@ func (o *OpenPGP) VerifyBinSignDetached(signature string, plainData []byte, publ
 signatureReader := strings.NewReader(signature)
 origText := bytes.NewReader(plainData)
- config := &packet.Config{}
+ config := &packet.Config{ Time: o.getTimeGenerator() }
 if verifyTime > 0 {
 tm := time.Unix(verifyTime, 0)
 config.Time = func() time.Time {
@@ -310,7 +310,7 @@ func (o *OpenPGP) VerifyBinSignDetachedBinKey(signature string, plainData []byte
 origText := bytes.NewReader(plainData)
- config := &packet.Config{}
+ config := &packet.Config{ Time: o.getTimeGenerator() }
 if verifyTime > 0 {
 tm := time.Unix(verifyTime, 0)
 config.Time = func() time.Time {
diff --git a/time.go b/time.go
index 61e0a28..458f452 100644
--- a/time.go
+++ b/time.go
@@ -7,18 +7,26 @@ import (
 // UpdateTime update cached time
 func (o *OpenPGP) UpdateTime(newTime int64) {
 o.latestServerTime = newTime
+ o.latestClientTime = time.Now()
 }
 //GetTime get latest cached time
 func (o *OpenPGP) GetTime() int64 {
- return o.latestServerTime
+ return o.getNow().Unix()
 }
 func (o *OpenPGP) getNow() time.Time {
-
- if o.latestServerTime > 0 {
- return time.Unix(o.latestServerTime, 0)
+ if o.latestServerTime > 0 && !o.latestClientTime.IsZero() {
+ // Sub is monotome, it uses a monotime time clock in this case instead of the wall clock
+ extrapolate := int64(o.latestClientTime.Sub(time.Now()).Seconds())
+ return time.Unix(o.latestServerTime + extrapolate, 0)
 }
 return time.Now()
 }
+
+func (o *OpenPGP) getTimeGenerator() func() time.Time {
+ return func() time.Time {
+ return o.getNow()
+ }
+}
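Review bot: The extrapolation in getNow has its operands reversed: `o.latestClientTime.Sub(time.Now())` is the earlier instant minus the later one, so it is negative and the returned time moves backwards from the server time the longer the process runs. GetTime and every `config.Time` set in this commit inherit that, so signature timestamps, key creation times and verification instants fall progressively behind the real time. The line should be `extrapolate := int64(time.Since(o.latestClientTime).Seconds())`. The comment above it is also worth rewording, e.g. `// time.Since uses the monotonic clock reading, so wall-clock adjustments do not affect the result`.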