Skip to content

Commit

Permalink
fix: Address rebase on version 2 issues
Browse files Browse the repository at this point in the history
  • Loading branch information
lubux committed Oct 1, 2024
1 parent c602a74 commit 0e6a359
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 49 deletions.
13 changes: 7 additions & 6 deletions openpgp/forwarding.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ package openpgp

import (
goerrors "errors"

"github.com/ProtonMail/go-crypto/openpgp/ecdh"
"github.com/ProtonMail/go-crypto/openpgp/errors"
"github.com/ProtonMail/go-crypto/openpgp/packet"
Expand Down Expand Up @@ -51,7 +52,7 @@ func (e *Entity) NewForwardingEntity(
Subkeys: []Subkey{},
}

err = forwardeeKey.addUserId(name, comment, email, config, now, keyLifetimeSecs)
err = forwardeeKey.addUserId(name, comment, email, config, now, keyLifetimeSecs, true)
if err != nil {
return nil, nil, err
}
Expand Down Expand Up @@ -91,15 +92,15 @@ func (e *Entity) NewForwardingEntity(
return nil, nil, err
}

forwardeeSubKey := forwardeeKey.Subkeys[len(forwardeeKey.Subkeys) - 1]
forwardeeSubKey := forwardeeKey.Subkeys[len(forwardeeKey.Subkeys)-1]

forwardeeEcdhKey, ok := forwardeeSubKey.PrivateKey.PrivateKey.(*ecdh.PrivateKey)
if !ok {
return nil, nil, goerrors.New("wrong forwarding sub key generation")
}

instance := packet.ForwardingInstance{
KeyVersion: 4,
KeyVersion: 4,
ForwarderFingerprint: forwarderSubKey.PublicKey.Fingerprint,
}

Expand All @@ -109,9 +110,9 @@ func (e *Entity) NewForwardingEntity(
}

kdf := ecdh.KDF{
Version: ecdh.KDFVersionForwarding,
Hash: forwarderEcdhKey.KDF.Hash,
Cipher: forwarderEcdhKey.KDF.Cipher,
Version: ecdh.KDFVersionForwarding,
Hash: forwarderEcdhKey.KDF.Hash,
Cipher: forwarderEcdhKey.KDF.Cipher,
}

// If deriving a forwarding key from a forwarding key
Expand Down
46 changes: 7 additions & 39 deletions openpgp/packet/encrypted_key.go
Original file line number Diff line number Diff line change
Expand Up @@ -410,7 +410,7 @@ func SerializeEncryptedKeyAEADwithHiddenOption(w io.Writer, pub *PublicKey, ciph

var keyBlock []byte
switch pub.PubKeyAlgo {
case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoElGamal, PubKeyAlgoECDH:
case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoElGamal, PubKeyAlgoECDH, ExperimentalPubKeyAlgoAEAD:
lenKeyBlock := len(key) + 2
if version < 6 {
lenKeyBlock += 1 // cipher type included
Expand Down Expand Up @@ -439,7 +439,7 @@ func SerializeEncryptedKeyAEADwithHiddenOption(w io.Writer, pub *PublicKey, ciph
case PubKeyAlgoX448:
return serializeEncryptedKeyX448(w, config.Random(), buf[:lenHeaderWritten], pub.PublicKey.(*x448.PublicKey), keyBlock, byte(cipherFunc), version)
case ExperimentalPubKeyAlgoAEAD:
return serializeEncryptedKeyAEAD(w, config.Random(), buf, pub.PublicKey.(*symmetric.AEADPublicKey), keyBlock, config.AEAD())
return serializeEncryptedKeyAEAD(w, config.Random(), buf[:lenHeaderWritten], pub.PublicKey.(*symmetric.AEADPublicKey), keyBlock, config.AEAD())
case PubKeyAlgoDSA, PubKeyAlgoRSASignOnly, ExperimentalPubKeyAlgoHMAC:
return errors.InvalidArgumentError("cannot encrypt to public key of type " + strconv.Itoa(int(pub.PubKeyAlgo)))
}
Expand Down Expand Up @@ -483,8 +483,9 @@ func (e *EncryptedKey) ProxyTransform(instance ForwardingInstance) (transformed
copy(copiedWrappedKey, wrappedKey)

transformed = &EncryptedKey{
KeyId: instance.getForwardeeKeyIdOrZero(e.KeyId),
Algo: e.Algo,
Version: e.Version,
KeyId: instance.getForwardeeKeyIdOrZero(e.KeyId),
Algo: e.Algo,
encryptedMPI1: encoding.NewMPI(transformedEphemeral),
encryptedMPI2: encoding.NewOID(copiedWrappedKey),
}
Expand Down Expand Up @@ -608,7 +609,7 @@ func serializeEncryptedKeyX448(w io.Writer, rand io.Reader, header []byte, pub *
return x448.EncodeFields(w, ephemeralPublicX448, ciphertext, cipherFunc, version == 6)
}

func serializeEncryptedKeyAEAD(w io.Writer, rand io.Reader, header [10]byte, pub *symmetric.AEADPublicKey, keyBlock []byte, config *AEADConfig) error {
func serializeEncryptedKeyAEAD(w io.Writer, rand io.Reader, header []byte, pub *symmetric.AEADPublicKey, keyBlock []byte, config *AEADConfig) error {
mode := algorithm.AEADMode(config.Mode())
iv, ciphertextRaw, err := pub.Encrypt(rand, keyBlock, mode)
if err != nil {
Expand All @@ -620,7 +621,7 @@ func serializeEncryptedKeyAEAD(w io.Writer, rand io.Reader, header [10]byte, pub
buffer := append([]byte{byte(mode)}, iv...)
buffer = append(buffer, ciphertextShortByteString.EncodedBytes()...)

packetLen := 10 /* header length */
packetLen := len(header) /* header length */
packetLen += int(len(buffer))

err = serializeHeader(w, packetTypeEncryptedKey, packetLen)
Expand All @@ -637,60 +638,27 @@ func serializeEncryptedKeyAEAD(w io.Writer, rand io.Reader, header [10]byte, pub
return err
}

<<<<<<< HEAD
func checksumKeyMaterial(key []byte) uint16 {
var checksum uint16
for _, v := range key {
checksum += uint16(v)
=======
func (e *EncryptedKey) ProxyTransform(instance ForwardingInstance) (transformed *EncryptedKey, err error) {
if e.Algo != PubKeyAlgoECDH {
return nil, errors.InvalidArgumentError("invalid PKESK")
>>>>>>> edf1961 (Use fingerprints instead of KeyIDs)
}
return checksum
}

<<<<<<< HEAD
func decodeChecksumKey(msg []byte) (key []byte, err error) {
key = msg[:len(msg)-2]
expectedChecksum := uint16(msg[len(msg)-2])<<8 | uint16(msg[len(msg)-1])
checksum := checksumKeyMaterial(key)
if checksum != expectedChecksum {
err = errors.StructuralError("session key checksum is incorrect")
=======
if e.KeyId != 0 && e.KeyId != instance.GetForwarderKeyId() {
return nil, errors.InvalidArgumentError("invalid key id in PKESK")
>>>>>>> edf1961 (Use fingerprints instead of KeyIDs)
}
return
}

<<<<<<< HEAD
func encodeChecksumKey(buffer []byte, key []byte) {
copy(buffer, key)
checksum := checksumKeyMaterial(key)
buffer[len(key)] = byte(checksum >> 8)
buffer[len(key)+1] = byte(checksum)
}
=======
ephemeral := e.encryptedMPI1.Bytes()
transformedEphemeral, err := ecdh.ProxyTransform(ephemeral, instance.ProxyParameter)
if err != nil {
return nil, err
}

wrappedKey := e.encryptedMPI2.Bytes()
copiedWrappedKey := make([]byte, len(wrappedKey))
copy(copiedWrappedKey, wrappedKey)

transformed = &EncryptedKey{
KeyId: instance.getForwardeeKeyIdOrZero(e.KeyId),
Algo: e.Algo,
encryptedMPI1: encoding.NewMPI(transformedEphemeral),
encryptedMPI2: encoding.NewOID(copiedWrappedKey),
}

return transformed, nil
}
>>>>>>> edf1961 (Use fingerprints instead of KeyIDs)
5 changes: 1 addition & 4 deletions openpgp/packet/private_key.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,10 +28,10 @@ import (
"github.com/ProtonMail/go-crypto/openpgp/errors"
"github.com/ProtonMail/go-crypto/openpgp/internal/encoding"
"github.com/ProtonMail/go-crypto/openpgp/s2k"
"github.com/ProtonMail/go-crypto/openpgp/symmetric"
"github.com/ProtonMail/go-crypto/openpgp/x25519"
"github.com/ProtonMail/go-crypto/openpgp/x448"
"golang.org/x/crypto/hkdf"
"github.com/ProtonMail/go-crypto/openpgp/symmetric"
)

// PrivateKey represents a possibly encrypted private key. See RFC 4880,
Expand Down Expand Up @@ -186,15 +186,12 @@ func NewDecrypterPrivateKey(creationTime time.Time, decrypter interface{}) *Priv
pk.PublicKey = *NewElGamalPublicKey(creationTime, &priv.PublicKey)
case *ecdh.PrivateKey:
pk.PublicKey = *NewECDHPublicKey(creationTime, &priv.PublicKey)
<<<<<<< HEAD
case *x25519.PrivateKey:
pk.PublicKey = *NewX25519PublicKey(creationTime, &priv.PublicKey)
case *x448.PrivateKey:
pk.PublicKey = *NewX448PublicKey(creationTime, &priv.PublicKey)
=======
case *symmetric.AEADPrivateKey:
pk.PublicKey = *NewAEADPublicKey(creationTime, &priv.PublicKey)
>>>>>>> 3731c9c (openpgp: Add support for symmetric subkeys (#74))
default:
panic("openpgp: unknown decrypter type in NewDecrypterPrivateKey")
}
Expand Down

0 comments on commit 0e6a359

Please sign in to comment.