lysann/passforios-gopenpgp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'fix/server-time' into 'master'

Browse source 
Use server time as a default everywhere

See merge request ProtonMail/go-crypto-wrapper!1
This commit is contained in:
Kay Lukas 2018-07-30 23:01:32 +00:00
commit dcd96f512c
6 changed files with 47 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

18
attachment.go
View file

@ -27,7 +27,11 @@ func (o *OpenPGP) EncryptAttachmentBinKey(plainData []byte, fileName string, pub
hints := &openpgp.FileHints{
FileName: fileName,
}
config := &packet.Config{DefaultCipher: packet.CipherAES256}
config := &packet.Config{
DefaultCipher: packet.CipherAES256,
Time: o.getTimeGenerator(),
}
ew, err := openpgp.Encrypt(w, pubKeyEntries, nil, hints, config)
@ -82,7 +86,9 @@ func (o *OpenPGP) DecryptAttachmentBinKey(keyPacket []byte, dataPacket []byte, p
encryptedReader := io.MultiReader(keyReader, dataReader)
md, err := openpgp.ReadMessage(encryptedReader, privKeyEntries, nil, nil)
config := &packet.Config{ Time: o.getTimeGenerator() }
md, err := openpgp.ReadMessage(encryptedReader, privKeyEntries, nil, config)
if err != nil {
return nil, err
}
@ -114,7 +120,9 @@ func (o *OpenPGP) EncryptAttachmentWithPassword(plainData []byte, password strin
return "", err
}
plaintext, err := openpgp.SymmetricallyEncrypt(w, []byte(password), nil, nil)
config := &packet.Config{ Time: o.getTimeGenerator() }
plaintext, err := openpgp.SymmetricallyEncrypt(w, []byte(password), nil, config)
if err != nil {
return "", err
}
@ -143,7 +151,9 @@ func (o *OpenPGP) DecryptAttachmentWithPassword(keyPacket []byte, dataPacket []b
return []byte(password), nil
}
md, err := openpgp.ReadMessage(encryptedReader, nil, prompt, nil)
config := &packet.Config{ Time: o.getTimeGenerator() }
md, err := openpgp.ReadMessage(encryptedReader, nil, prompt, config)
if err != nil {
return nil, err
}

5
key.go
View file

@ -155,14 +155,11 @@ func (o *OpenPGP) generateKey(userName string, domain string, passphrase string,
}
comments := ""
timeNow := func() time.Time {
return o.getNow()
}
cfg := &packet.Config{
Algorithm: packet.PubKeyAlgoRSA,
RSABits: bits,
Time: timeNow,
Time: o.getTimeGenerator(),
DefaultHash: crypto.SHA256,
DefaultCipher: packet.CipherAES256,
}

14
message.go
View file

@ -54,7 +54,9 @@ func (o *OpenPGP) DecryptMessageBinKey(encryptedText string, privateKey []byte,
}
}
md, err := openpgp.ReadMessage(encryptedio.Body, privKeyEntries, nil, nil)
config := &packet.Config{ Time: o.getTimeGenerator() }
md, err := openpgp.ReadMessage(encryptedio.Body, privKeyEntries, nil, config)
if err != nil {
return "", err
}
@ -163,7 +165,7 @@ func (o *OpenPGP) decryptMessageVerifyAllBin(encryptedText string, veriferKey []
return nil, err
}
config := &packet.Config{}
config := &packet.Config{ Time: o.getTimeGenerator() }
if verifyTime > 0 {
tm := time.Unix(verifyTime, 0)
config.Time = func() time.Time {
@ -269,7 +271,7 @@ func (o *OpenPGP) EncryptMessageBinKey(plainText string, publicKey []byte, priva
}
}
config := &packet.Config{DefaultCipher: packet.CipherAES256}
config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: o.getTimeGenerator() }
ew, err := openpgp.Encrypt(w, pubKeyEntries, signEntity, nil, config)
@ -290,7 +292,8 @@ func (o *OpenPGP) EncryptMessageWithPassword(plainText string, password string)
return "", err
}
plaintext, err := openpgp.SymmetricallyEncrypt(w, []byte(password), nil, nil)
config := &packet.Config{ Time: o.getTimeGenerator() }
plaintext, err := openpgp.SymmetricallyEncrypt(w, []byte(password), nil, config)
if err != nil {
return "", err
}
@ -321,7 +324,8 @@ func (o *OpenPGP) DecryptMessageWithPassword(encrypted string, password string)
return []byte(password), nil
}
md, err := openpgp.ReadMessage(encryptedio.Body, nil, prompt, nil)
config := &packet.Config{ Time: o.getTimeGenerator() }
md, err := openpgp.ReadMessage(encryptedio.Body, nil, prompt, config)
if err != nil {
return "", err
}

3
openpgp.go
View file

@ -1,11 +1,14 @@
package pm
import "time"
// OpenPGP structure to manage mutiple address keys and user keys
type OpenPGP struct {
addresses []*Address
//latestServerTime unix time cache
latestServerTime int64
latestClientTime time.Time
}
// //AddAddress add a new address to key ring

16
sign_detached.go
View file

@ -52,7 +52,7 @@ func (o *OpenPGP) SignTextDetached(plainText string, privateKey string, passphra
return "", errors.New("cannot sign message, signer key is not unlocked")
}
config := &packet.Config{DefaultCipher: packet.CipherAES256}
config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: o.getTimeGenerator() }
att := strings.NewReader(plainText)
@ -97,7 +97,7 @@ func (o *OpenPGP) SignTextDetachedBinKey(plainText string, privateKey []byte, pa
return "", errors.New("cannot sign message, singer key is not unlocked")
}
config := &packet.Config{DefaultCipher: packet.CipherAES256}
config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: o.getTimeGenerator() }
att := strings.NewReader(plainText)
@ -138,7 +138,7 @@ func (o *OpenPGP) SignBinDetached(plainData []byte, privateKey string, passphras
return "", errors.New("cannot sign message, singer key is not unlocked")
}
config := &packet.Config{DefaultCipher: packet.CipherAES256}
config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: o.getTimeGenerator() }
att := bytes.NewReader(plainData)
@ -179,7 +179,7 @@ func (o *OpenPGP) SignBinDetachedBinKey(plainData []byte, privateKey []byte, pas
return "", errors.New("cannot sign message, singer key is not unlocked")
}
config := &packet.Config{DefaultCipher: packet.CipherAES256}
config := &packet.Config{DefaultCipher: packet.CipherAES256, Time: o.getTimeGenerator() }
att := bytes.NewReader(plainData)
@ -208,7 +208,7 @@ func (o *OpenPGP) VerifyTextSignDetached(signature string, plainText string, pub
origText := bytes.NewReader(bytes.NewBufferString(plainText).Bytes())
config := &packet.Config{}
config := &packet.Config{ Time: o.getTimeGenerator() }
if verifyTime > 0 {
tm := time.Unix(verifyTime, 0)
config.Time = func() time.Time {
@ -242,7 +242,7 @@ func (o *OpenPGP) VerifyTextSignDetachedBinKey(signature string, plainText strin
signatureReader := strings.NewReader(signature)
plainText = trimNewlines(plainText)
origText := bytes.NewReader(bytes.NewBufferString(plainText).Bytes())
config := &packet.Config{}
config := &packet.Config{ Time: o.getTimeGenerator() }
if verifyTime > 0 {
tm := time.Unix(verifyTime, 0)
config.Time = func() time.Time {
@ -276,7 +276,7 @@ func (o *OpenPGP) VerifyBinSignDetached(signature string, plainData []byte, publ
signatureReader := strings.NewReader(signature)
origText := bytes.NewReader(plainData)
config := &packet.Config{}
config := &packet.Config{ Time: o.getTimeGenerator() }
if verifyTime > 0 {
tm := time.Unix(verifyTime, 0)
config.Time = func() time.Time {
@ -310,7 +310,7 @@ func (o *OpenPGP) VerifyBinSignDetachedBinKey(signature string, plainData []byte
origText := bytes.NewReader(plainData)
config := &packet.Config{}
config := &packet.Config{ Time: o.getTimeGenerator() }
if verifyTime > 0 {
tm := time.Unix(verifyTime, 0)
config.Time = func() time.Time {

16
time.go
View file

@ -7,18 +7,26 @@ import (
// UpdateTime update cached time
func (o *OpenPGP) UpdateTime(newTime int64) {
o.latestServerTime = newTime
o.latestClientTime = time.Now()
}
//GetTime get latest cached time
func (o *OpenPGP) GetTime() int64 {
return o.latestServerTime
return o.getNow().Unix()
}
func (o *OpenPGP) getNow() time.Time {
if o.latestServerTime > 0 {
return time.Unix(o.latestServerTime, 0)
if o.latestServerTime > 0 && !o.latestClientTime.IsZero() {
// Sub is monotome, it uses a monotime time clock in this case instead of the wall clock
extrapolate := int64(o.latestClientTime.Sub(time.Now()).Seconds())
return time.Unix(o.latestServerTime + extrapolate, 0)
}
return time.Now()
}
func (o *OpenPGP) getTimeGenerator() func() time.Time {
return func() time.Time {
return o.getNow()
}
}