e65ed17b41
* Refactor library, remove duplicates * Rebuild structure to use Messages and Signature models * Use PGPSplitMessage * Remove signature model * Various fixes * Add helpers with tests * Fixes, add some docs, add tests * Add attachment helpers * Add helpers Symmetric encryption * Edit docs + examples * Rename kr to keyRing * Various fixes for documentation * Edit JSON handling functions, add decrypt keyring via token * Add proposal changes doc * Fix CI * Drop *Message functions, join CleartextMessage and BinaryMessage * Change canonicalization and trimming only to text signatures * Add cleartextsignature, detach signature from message model, move helpers * Documentation, remove optional parameters * Move verification to separate model * Don't return message in VerifyDetached * Update table of contents in readme * Appease golint * Run go fmt * Rename Encrypt/DecryptMessageWithPassword to ..WithToken These functions shouldn't be used with user-provided passwords, as they don't do any key-stretching. * Change key generation usernames
104 lines
3.5 KiB
Go
104 lines
3.5 KiB
Go
package crypto
|
|
|
|
import (
|
|
"encoding/base64"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/ProtonMail/gopenpgp/constants"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestTextMessageEncryptionWithSymmetricKey(t *testing.T) {
|
|
var message = NewPlainMessageFromString("The secret code is... 1, 2, 3, 4, 5")
|
|
|
|
// Encrypt data with password
|
|
encrypted, err := testSymmetricKey.Encrypt(message)
|
|
if err != nil {
|
|
t.Fatal("Expected no error when encrypting, got:", err)
|
|
}
|
|
// Decrypt data with wrong password
|
|
_, err = testWrongSymmetricKey.Decrypt(encrypted)
|
|
assert.NotNil(t, err)
|
|
|
|
// Decrypt data with the good password
|
|
decrypted, err := testSymmetricKey.Decrypt(encrypted)
|
|
if err != nil {
|
|
t.Fatal("Expected no error when decrypting, got:", err)
|
|
}
|
|
assert.Exactly(t, message.GetString(), decrypted.GetString())
|
|
}
|
|
|
|
func TestBinaryMessageEncryptionWithSymmetricKey(t *testing.T) {
|
|
binData, _ := base64.StdEncoding.DecodeString("ExXmnSiQ2QCey20YLH6qlLhkY3xnIBC1AwlIXwK/HvY=")
|
|
var message = NewPlainMessage(binData)
|
|
|
|
// Encrypt data with password
|
|
encrypted, err := testSymmetricKey.Encrypt(message)
|
|
if err != nil {
|
|
t.Fatal("Expected no error when encrypting, got:", err)
|
|
}
|
|
// Decrypt data with wrong password
|
|
_, err = testWrongSymmetricKey.Decrypt(encrypted)
|
|
assert.NotNil(t, err)
|
|
|
|
// Decrypt data with the good password
|
|
decrypted, err := testSymmetricKey.Decrypt(encrypted)
|
|
if err != nil {
|
|
t.Fatal("Expected no error when decrypting, got:", err)
|
|
}
|
|
assert.Exactly(t, message, decrypted)
|
|
}
|
|
|
|
func TestTextMessageEncryption(t *testing.T) {
|
|
var message = NewPlainMessageFromString("plain text")
|
|
|
|
testPublicKeyRing, _ = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_publicKey", false)))
|
|
testPrivateKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_privateKey", false)))
|
|
|
|
// Password defined in keyring_test
|
|
err = testPrivateKeyRing.UnlockWithPassphrase(testMailboxPassword)
|
|
if err != nil {
|
|
t.Fatal("Expected no error unlocking privateKey, got:", err)
|
|
}
|
|
|
|
ciphertext, err := testPublicKeyRing.Encrypt(message, testPrivateKeyRing)
|
|
if err != nil {
|
|
t.Fatal("Expected no error when encrypting, got:", err)
|
|
}
|
|
|
|
decrypted, ver, err := testPrivateKeyRing.Decrypt(ciphertext, testPublicKeyRing, pgp.GetUnixTime())
|
|
if err != nil {
|
|
t.Fatal("Expected no error when decrypting, got:", err)
|
|
}
|
|
assert.Exactly(t, message.GetString(), decrypted.GetString())
|
|
assert.Exactly(t, constants.SIGNATURE_OK, ver.GetVerification())
|
|
assert.Exactly(t, true, ver.IsValid())
|
|
}
|
|
|
|
func TestBinaryMessageEncryption(t *testing.T) {
|
|
binData, _ := base64.StdEncoding.DecodeString("ExXmnSiQ2QCey20YLH6qlLhkY3xnIBC1AwlIXwK/HvY=")
|
|
var message = NewPlainMessage(binData)
|
|
|
|
testPublicKeyRing, _ = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_publicKey", false)))
|
|
testPrivateKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_privateKey", false)))
|
|
|
|
// Password defined in keyring_test
|
|
err = testPrivateKeyRing.UnlockWithPassphrase(testMailboxPassword)
|
|
if err != nil {
|
|
t.Fatal("Expected no error unlocking privateKey, got:", err)
|
|
}
|
|
|
|
ciphertext, err := testPublicKeyRing.Encrypt(message, testPrivateKeyRing)
|
|
if err != nil {
|
|
t.Fatal("Expected no error when encrypting, got:", err)
|
|
}
|
|
|
|
decrypted, ver, err := testPrivateKeyRing.Decrypt(ciphertext, testPublicKeyRing, pgp.GetUnixTime())
|
|
if err != nil {
|
|
t.Fatal("Expected no error when decrypting, got:", err)
|
|
}
|
|
assert.Exactly(t, message.GetBinary(), decrypted.GetBinary())
|
|
assert.Exactly(t, constants.SIGNATURE_OK, ver.GetVerification())
|
|
assert.Exactly(t, true, ver.IsValid())
|
|
}
|