1
2
3
4
5 package openpgp
6
7 import (
8 "bytes"
9 "crypto/sha512"
10 "encoding/base64"
11 "encoding/hex"
12 "io"
13 "io/ioutil"
14 "os"
15 "strings"
16 "testing"
17
18 "github.com/ProtonMail/go-crypto/openpgp/armor"
19 "github.com/ProtonMail/go-crypto/openpgp/errors"
20 "github.com/ProtonMail/go-crypto/openpgp/packet"
21 )
22
23 func readerFromHex(s string) io.Reader {
24 data, err := hex.DecodeString(s)
25 if err != nil {
26 panic("readerFromHex: bad input")
27 }
28 return bytes.NewBuffer(data)
29 }
30
31 func TestReadKeyRing(t *testing.T) {
32 kring, err := ReadKeyRing(readerFromHex(testKeys1And2Hex))
33 if err != nil {
34 t.Error(err)
35 return
36 }
37 if len(kring) != 2 || uint32(kring[0].PrimaryKey.KeyId) != 0xC20C31BB || uint32(kring[1].PrimaryKey.KeyId) != 0x1E35246B {
38 t.Errorf("bad keyring: %#v", kring)
39 }
40 }
41
42 func TestRereadKeyRing(t *testing.T) {
43 kring, err := ReadKeyRing(readerFromHex(testKeys1And2Hex))
44 if err != nil {
45 t.Errorf("error in initial parse: %s", err)
46 return
47 }
48 out := new(bytes.Buffer)
49 err = kring[0].Serialize(out)
50 if err != nil {
51 t.Errorf("error in serialization: %s", err)
52 return
53 }
54 kring, err = ReadKeyRing(out)
55 if err != nil {
56 t.Errorf("error in second parse: %s", err)
57 return
58 }
59
60 if len(kring) != 1 || uint32(kring[0].PrimaryKey.KeyId) != 0xC20C31BB {
61 t.Errorf("bad keyring: %#v", kring)
62 }
63 }
64
65 func TestReadPrivateKeyRing(t *testing.T) {
66 kring, err := ReadKeyRing(readerFromHex(testKeys1And2PrivateHex))
67 if err != nil {
68 t.Error(err)
69 return
70 }
71 if len(kring) != 2 || uint32(kring[0].PrimaryKey.KeyId) != 0xC20C31BB || uint32(kring[1].PrimaryKey.KeyId) != 0x1E35246B || kring[0].PrimaryKey == nil {
72 t.Errorf("bad keyring: %#v", kring)
73 }
74 }
75
76 func TestReadDSAKey(t *testing.T) {
77 kring, err := ReadKeyRing(readerFromHex(dsaTestKeyHex))
78 if err != nil {
79 t.Error(err)
80 return
81 }
82 if len(kring) != 1 || uint32(kring[0].PrimaryKey.KeyId) != 0x0CCC0360 {
83 t.Errorf("bad parse: %#v", kring)
84 }
85 }
86
87 func TestReadP256Key(t *testing.T) {
88 kring, err := ReadKeyRing(readerFromHex(p256TestKeyHex))
89 if err != nil {
90 t.Error(err)
91 return
92 }
93 if len(kring) != 1 || uint32(kring[0].PrimaryKey.KeyId) != 0x5918513E {
94 t.Errorf("bad parse: %#v", kring)
95 }
96 }
97
98 func TestDSAHashTruncatation(t *testing.T) {
99
100
101 _, err := ReadKeyRing(readerFromHex(dsaKeyWithSHA512))
102 if err != nil {
103 t.Error(err)
104 }
105 }
106
107 func TestGetKeyById(t *testing.T) {
108 kring, _ := ReadKeyRing(readerFromHex(testKeys1And2Hex))
109
110 keys := kring.KeysById(0xa34d7e18c20c31bb)
111 if len(keys) != 1 || keys[0].Entity != kring[0] {
112 t.Errorf("bad result for 0xa34d7e18c20c31bb: %#v", keys)
113 }
114
115 keys = kring.KeysById(0xfd94408d4543314f)
116 if len(keys) != 1 || keys[0].Entity != kring[0] {
117 t.Errorf("bad result for 0xa34d7e18c20c31bb: %#v", keys)
118 }
119 }
120
121 func checkSignedMessage(t *testing.T, signedHex, expected string) {
122 kring, _ := ReadKeyRing(readerFromHex(testKeys1And2Hex))
123
124 md, err := ReadMessage(readerFromHex(signedHex), kring, nil, nil)
125 if err != nil {
126 t.Error(err)
127 return
128 }
129
130 if !md.IsSigned || md.SignedByKeyId != 0xa34d7e18c20c31bb || md.SignedBy == nil || md.IsEncrypted || md.IsSymmetricallyEncrypted || len(md.EncryptedToKeyIds) != 0 || md.DecryptedWith.Entity != nil {
131 t.Errorf("bad MessageDetails: %#v", md)
132 }
133
134 contents, err := ioutil.ReadAll(md.UnverifiedBody)
135 if err != nil {
136 t.Errorf("error reading UnverifiedBody: %s", err)
137 }
138 if string(contents) != expected {
139 t.Errorf("bad UnverifiedBody got:%s want:%s", string(contents), expected)
140 }
141 if md.SignatureError != nil || md.Signature == nil {
142 t.Errorf("failed to validate: %s", md.SignatureError)
143 }
144 }
145
146 func TestSignedMessage(t *testing.T) {
147 checkSignedMessage(t, signedMessageHex, signedInput)
148 }
149
150 func TestTextSignedMessage(t *testing.T) {
151 checkSignedMessage(t, signedTextMessageHex, signedTextInput)
152 }
153
154
155
156
157
158
159 func TestCampbellQuine(t *testing.T) {
160 md, err := ReadMessage(readerFromHex(campbellQuine), nil, nil, nil)
161 if md != nil {
162 t.Errorf("Reading a compressed quine should not return any data: %#v", md)
163 }
164 structural, ok := err.(errors.StructuralError)
165 if !ok {
166 t.Fatalf("Unexpected class of error: %T", err)
167 }
168 if !strings.Contains(string(structural), "too many layers of packets") {
169 t.Fatalf("Unexpected error: %s", err)
170 }
171 }
172
173 func TestSignedEncryptedMessage(t *testing.T) {
174 var signedEncryptedMessageTests = []struct {
175 keyRingHex string
176 messageHex string
177 signedByKeyId uint64
178 encryptedToKeyId uint64
179 verifiedSigHex string
180 unverifiedSigHex string
181 }{
182 {
183 testKeys1And2PrivateHex,
184 signedEncryptedMessageHex,
185 0xa34d7e18c20c31bb,
186 0x2a67d68660df41c7,
187 verifiedSignatureEncryptedMessageHex,
188 unverifiedSignatureEncryptedMessageHex,
189 },
190 {
191 dsaElGamalTestKeysHex,
192 signedEncryptedMessage2Hex,
193 0x33af447ccd759b09,
194 0xcf6a7abcd43e3673,
195 signatureEncryptedMessage2Hex,
196 "",
197 },
198 }
199 for i, test := range signedEncryptedMessageTests {
200 expected := "Signed and encrypted message\n"
201 kring, _ := ReadKeyRing(readerFromHex(test.keyRingHex))
202 prompt := func(keys []Key, symmetric bool) ([]byte, error) {
203 if symmetric {
204 t.Errorf("prompt: message was marked as symmetrically encrypted")
205 return nil, errors.ErrKeyIncorrect
206 }
207
208 if len(keys) == 0 {
209 t.Error("prompt: no keys requested")
210 return nil, errors.ErrKeyIncorrect
211 }
212
213 err := keys[0].PrivateKey.Decrypt([]byte("passphrase"))
214 if err != nil {
215 t.Errorf("prompt: error decrypting key: %s", err)
216 return nil, errors.ErrKeyIncorrect
217 }
218
219 return nil, nil
220 }
221
222 md, err := ReadMessage(readerFromHex(test.messageHex), kring, prompt, nil)
223 if err != nil {
224 t.Errorf("#%d: error reading message: %s", i, err)
225 return
226 }
227
228 if !md.IsSigned || md.SignedByKeyId != test.signedByKeyId || md.SignedBy == nil || !md.IsEncrypted || md.IsSymmetricallyEncrypted || len(md.EncryptedToKeyIds) == 0 || md.EncryptedToKeyIds[0] != test.encryptedToKeyId {
229 t.Errorf("#%d: bad MessageDetails: %#v", i, md)
230 }
231
232 contents, err := ioutil.ReadAll(md.UnverifiedBody)
233 if err != nil {
234 t.Errorf("#%d: error reading UnverifiedBody: %s", i, err)
235 }
236 if string(contents) != expected {
237 t.Errorf("#%d: bad UnverifiedBody got:%s want:%s", i, string(contents), expected)
238 }
239
240 if md.SignatureError != nil || md.Signature == nil {
241 t.Errorf("#%d: failed to validate: %s", i, md.SignatureError)
242 }
243
244 if test.verifiedSigHex != "" {
245 var sig bytes.Buffer
246 err = md.Signature.Serialize(&sig)
247 if err != nil {
248 t.Errorf("#%d: error serializing verified signature: %s", i, err)
249 }
250
251 sigData, err := ioutil.ReadAll(&sig)
252 if err != nil {
253 t.Errorf("#%d: error reading verified signature: %s", i, err)
254 }
255
256 if hex.EncodeToString(sigData) != test.verifiedSigHex {
257 t.Errorf("#%d: verified signature does not match: %s, %s", i, hex.EncodeToString(sigData), test.verifiedSigHex)
258 }
259 }
260
261 if test.unverifiedSigHex != "" {
262 var sig bytes.Buffer
263 for i := range md.UnverifiedSignatures {
264 err = md.Signature.Serialize(&sig)
265 if err != nil {
266 t.Errorf("#%d: error serializing unverified signature: %s", i, err)
267 }
268 }
269
270 sigData, err := ioutil.ReadAll(&sig)
271 if err != nil {
272 t.Errorf("#%d: error reading unverified signature: %s", i, err)
273 }
274
275 if hex.EncodeToString(sigData) != test.verifiedSigHex {
276 t.Errorf("#%d: unverified signature does not match: %s, %s", i, hex.EncodeToString(sigData), test.verifiedSigHex)
277 }
278 }
279 }
280 }
281
282 func TestUnspecifiedRecipient(t *testing.T) {
283 expected := "Recipient unspecified\n"
284 kring, _ := ReadKeyRing(readerFromHex(testKeys1And2PrivateHex))
285
286 md, err := ReadMessage(readerFromHex(recipientUnspecifiedHex), kring, nil, nil)
287 if err != nil {
288 t.Errorf("error reading message: %s", err)
289 return
290 }
291
292 contents, err := ioutil.ReadAll(md.UnverifiedBody)
293 if err != nil {
294 t.Errorf("error reading UnverifiedBody: %s", err)
295 }
296 if string(contents) != expected {
297 t.Errorf("bad UnverifiedBody got:%s want:%s", string(contents), expected)
298 }
299 }
300
301 func TestSymmetricallyEncrypted(t *testing.T) {
302 firstTimeCalled := true
303
304 prompt := func(keys []Key, symmetric bool) ([]byte, error) {
305 if len(keys) != 0 {
306 t.Errorf("prompt: len(keys) = %d (want 0)", len(keys))
307 }
308
309 if !symmetric {
310 t.Errorf("symmetric is not set")
311 }
312
313 if firstTimeCalled {
314 firstTimeCalled = false
315 return []byte("wrongpassword"), nil
316 }
317
318 return []byte("password"), nil
319 }
320
321 md, err := ReadMessage(readerFromHex(symmetricallyEncryptedCompressedHex), nil, prompt, nil)
322 if err != nil {
323 t.Errorf("ReadMessage: %s", err)
324 return
325 }
326
327 contents, err := ioutil.ReadAll(md.UnverifiedBody)
328 if err != nil {
329 t.Errorf("ReadAll: %s", err)
330 }
331
332 expectedCreationTime := uint32(1555107469)
333 if md.LiteralData.Time != expectedCreationTime {
334 t.Errorf("LiteralData.Time is %d, want %d", md.LiteralData.Time, expectedCreationTime)
335 }
336
337 const expected = "Symmetrically encrypted.\r\n"
338 if string(contents) != expected {
339 t.Errorf("contents got: %s want: %s", string(contents), expected)
340 }
341 }
342
343 func testDetachedSignature(t *testing.T, kring KeyRing, signature io.Reader, sigInput, tag string, expectedSignerKeyId uint64) {
344 signed := bytes.NewBufferString(sigInput)
345 config := &packet.Config{}
346 signer, err := CheckDetachedSignature(kring, signed, signature, config)
347 if err != nil {
348 t.Errorf("%s: signature error: %s", tag, err)
349 return
350 }
351 if signer == nil {
352 t.Errorf("%s: signer is nil", tag)
353 return
354 }
355 if signer.PrimaryKey.KeyId != expectedSignerKeyId {
356 t.Errorf("%s: wrong signer: got %x, expected %x", tag, signer.PrimaryKey.KeyId, expectedSignerKeyId)
357 }
358 }
359
360 func TestDetachedSignature(t *testing.T) {
361 kring, _ := ReadKeyRing(readerFromHex(testKeys1And2Hex))
362 testDetachedSignature(t, kring, readerFromHex(detachedSignatureHex), signedInput, "binary", testKey1KeyId)
363 testDetachedSignature(t, kring, readerFromHex(detachedSignatureTextHex), signedInput, "text", testKey1KeyId)
364
365 incorrectSignedInput := signedInput + "X"
366 config := &packet.Config{}
367 _, err := CheckDetachedSignature(kring, bytes.NewBufferString(incorrectSignedInput), readerFromHex(detachedSignatureHex), config)
368 if err == nil {
369 t.Fatal("CheckDetachedSignature returned without error for bad signature")
370 }
371 if err == errors.ErrUnknownIssuer {
372 t.Fatal("CheckDetachedSignature returned ErrUnknownIssuer when the signer was known, but the signature invalid")
373 }
374 }
375
376 func TestDetachedSignatureDSA(t *testing.T) {
377 kring, _ := ReadKeyRing(readerFromHex(dsaTestKeyHex))
378 testDetachedSignature(t, kring, readerFromHex(detachedSignatureDSAHex), signedInput, "binary", testKey3KeyId)
379 }
380
381 func TestMultipleSignaturePacketsDSA(t *testing.T) {
382 kring, _ := ReadKeyRing(readerFromHex(dsaTestKeyHex))
383 testDetachedSignature(t, kring, readerFromHex(missingHashFunctionHex+detachedSignatureDSAHex), signedInput, "binary", testKey3KeyId)
384 }
385
386 func TestDetachedSignatureP256(t *testing.T) {
387 kring, _ := ReadKeyRing(readerFromHex(p256TestKeyHex))
388 testDetachedSignature(t, kring, readerFromHex(detachedSignatureP256Hex), signedInput, "binary", testKeyP256KeyId)
389 }
390
391 func testHashFunctionError(t *testing.T, signatureHex string) {
392 kring, _ := ReadKeyRing(readerFromHex(testKeys1And2Hex))
393 config := &packet.Config{}
394 _, err := CheckDetachedSignature(kring, nil, readerFromHex(signatureHex), config)
395 if err == nil {
396 t.Fatal("Packet with bad hash type was correctly parsed")
397 }
398 if err != errors.ErrUnknownIssuer {
399 t.Fatalf("Unexpected class of error: %s", err)
400 }
401 }
402
403 func TestUnknownHashFunction(t *testing.T) {
404
405
406
407 testHashFunctionError(t, unknownHashFunctionHex)
408 }
409
410 func TestMissingHashFunction(t *testing.T) {
411
412
413
414 testHashFunctionError(t, missingHashFunctionHex)
415 }
416
417 func TestRSASignatureBadMPILength(t *testing.T) {
418 kring, _ := ReadKeyRing(readerFromHex(testKeys1And2Hex))
419 config := &packet.Config{}
420 _, err := CheckDetachedSignature(kring, nil, readerFromHex(rsaSignatureBadMPIlength), config)
421 if err == nil {
422 t.Fatal("RSA Signature with malformed MPI was correctly parsed")
423 }
424 }
425
426 func TestDetachedSignatureExpiredCrossSig(t *testing.T) {
427 kring, _ := ReadArmoredKeyRing(bytes.NewBufferString(keyWithExpiredCrossSig))
428 config := &packet.Config{}
429 _, err := CheckArmoredDetachedSignature(kring, bytes.NewBufferString("Hello World :)"), bytes.NewBufferString(sigFromKeyWithExpiredCrossSig), config)
430 if err == nil {
431 t.Fatal("Signature from key with expired subkey binding embedded signature was accepted")
432 }
433 if err != errors.ErrSignatureExpired {
434 t.Fatalf("Unexpected class of error: %s", err)
435 }
436 }
437
438 func TestSignatureUnknownNotation(t *testing.T) {
439 el, err := ReadArmoredKeyRing(bytes.NewBufferString(criticalNotationSigner))
440 if err != nil {
441 t.Error(err)
442 }
443 raw, err := armor.Decode(strings.NewReader(signedMessageWithCriticalNotation))
444 if err != nil {
445 t.Error(err)
446 return
447 }
448 md, err := ReadMessage(raw.Body, el, nil, nil)
449 if err != nil {
450 t.Error(err)
451 return
452 }
453 _, err = ioutil.ReadAll(md.UnverifiedBody)
454 if err != nil {
455 t.Error(err)
456 return
457 }
458 const expectedErr string = "openpgp: invalid signature: unknown critical notation: test@example.com"
459 if md.SignatureError == nil || md.SignatureError.Error() != expectedErr {
460 t.Errorf("Expected error '%s', but got error '%s'", expectedErr, md.SignatureError)
461 }
462 }
463
464 func TestSignatureKnownNotation(t *testing.T) {
465 el, err := ReadArmoredKeyRing(bytes.NewBufferString(criticalNotationSigner))
466 if err != nil {
467 t.Error(err)
468 }
469 raw, err := armor.Decode(strings.NewReader(signedMessageWithCriticalNotation))
470 if err != nil {
471 t.Error(err)
472 return
473 }
474 config := &packet.Config{
475 KnownNotations: map[string]bool{
476 "test@example.com": true,
477 },
478 }
479 md, err := ReadMessage(raw.Body, el, nil, config)
480 if err != nil {
481 t.Error(err)
482 return
483 }
484 _, err = ioutil.ReadAll(md.UnverifiedBody)
485 if err != nil {
486 t.Error(err)
487 return
488 }
489 if md.SignatureError != nil {
490 t.Error(md.SignatureError)
491 return
492 }
493 }
494
495 func TestReadingArmoredPrivateKey(t *testing.T) {
496 el, err := ReadArmoredKeyRing(bytes.NewBufferString(armoredPrivateKeyBlock))
497 if err != nil {
498 t.Error(err)
499 }
500 if len(el) != 1 {
501 t.Errorf("got %d entities, wanted 1\n", len(el))
502 }
503 }
504
505 func TestReadingArmoredPublicKey(t *testing.T) {
506 el, err := ReadArmoredKeyRing(bytes.NewBufferString(e2ePublicKey))
507 if err != nil {
508 t.Error(err)
509 }
510 if len(el) != 1 {
511 t.Errorf("didn't get a valid entity")
512 }
513 }
514
515 func TestNoArmoredData(t *testing.T) {
516 _, err := ReadArmoredKeyRing(bytes.NewBufferString("foo"))
517 if _, ok := err.(errors.InvalidArgumentError); !ok {
518 t.Errorf("error was not an InvalidArgumentError: %s", err)
519 }
520 }
521
522 func testReadMessageError(t *testing.T, messageHex string) {
523 buf, err := hex.DecodeString(messageHex)
524 if err != nil {
525 t.Errorf("hex.DecodeString(): %v", err)
526 }
527
528 kr, err := ReadKeyRing(new(bytes.Buffer))
529 if err != nil {
530 t.Errorf("ReadKeyring(): %v", err)
531 }
532
533 _, err = ReadMessage(bytes.NewBuffer(buf), kr,
534 func([]Key, bool) ([]byte, error) {
535 return []byte("insecure"), nil
536 }, nil)
537
538 if err == nil {
539 t.Errorf("ReadMessage(): Unexpected nil error")
540 }
541 }
542
543 func TestIssue11503(t *testing.T) {
544 testReadMessageError(t, "8c040402000aa430aa8228b9248b01fc899a91197130303030")
545 }
546
547 func TestIssue11504(t *testing.T) {
548 testReadMessageError(t, "9303000130303030303030303030983002303030303030030000000130")
549 }
550
551
552
553
554 func TestSignatureV3Message(t *testing.T) {
555 sig, err := armor.Decode(strings.NewReader(signedMessageV3))
556 if err != nil {
557 t.Error(err)
558 return
559 }
560 key, err := ReadArmoredKeyRing(strings.NewReader(keyV4forVerifyingSignedMessageV3))
561 if err != nil {
562 t.Error(err)
563 return
564 }
565 md, err := ReadMessage(sig.Body, key, nil, nil)
566 if err != nil {
567 t.Error(err)
568 return
569 }
570
571 _, err = ioutil.ReadAll(md.UnverifiedBody)
572 if err != nil {
573 t.Error(err)
574 return
575 }
576
577
578
579 if err = md.SignatureError; err == nil {
580 t.Errorf("Expected a signature error")
581 return
582 }
583
584 if md.Signature != nil {
585 t.Errorf("Did not expect a signature V4 back")
586 return
587 }
588 return
589 }
590
591 func TestSymmetricDecryptionArgon2(t *testing.T) {
592
593 passphrase := []byte("password")
594 file, err := os.Open("test_data/argon2-sym-message.asc")
595 if err != nil {
596 t.Fatal(err)
597 }
598 armoredEncryptedMessage, err := ioutil.ReadAll(file)
599 if err != nil {
600 t.Fatal(err)
601 }
602
603 raw, err := armor.Decode(strings.NewReader(string(armoredEncryptedMessage)))
604 if err != nil {
605 t.Error(err)
606 return
607 }
608
609 promptFunc := func(keys []Key, symmetric bool) ([]byte, error) {
610 return passphrase, nil
611 }
612
613 md, err := ReadMessage(raw.Body, nil, promptFunc, nil)
614 if err != nil {
615 t.Error(err)
616 return
617 }
618 contents, err := ioutil.ReadAll(md.UnverifiedBody)
619 if err != nil {
620 t.Errorf("error reading UnverifiedBody: %s", err)
621 }
622
623 if "Hello, world!" != string(contents) {
624 t.Fatal("Did not decrypt Argon message correctly")
625 }
626 }
627
628 func TestAsymmestricAeadOcbOpenPGPjsCompressedMessage(t *testing.T) {
629
630 armored, err := os.Open("test_data/aead-ocb-asym-key.asc")
631 if err != nil {
632 t.Fatal(err)
633 }
634 el, err := ReadArmoredKeyRing(armored)
635
636 ciphertext, err := os.Open("test_data/aead-ocb-asym-message.asc")
637 if err != nil {
638 t.Fatal(err)
639 }
640 armoredEncryptedMessage, err := ioutil.ReadAll(ciphertext)
641 if err != nil {
642 t.Fatal(err)
643 }
644
645 raw, err := armor.Decode(strings.NewReader(string(armoredEncryptedMessage)))
646 if err != nil {
647 t.Error(err)
648 return
649 }
650
651 md, err := ReadMessage(raw.Body, el, nil, nil)
652 if err != nil {
653 t.Error(err)
654 return
655 }
656
657 contents, err := ioutil.ReadAll(md.UnverifiedBody)
658 if err != nil && err != io.ErrUnexpectedEOF {
659 t.Errorf("error reading UnverifiedBody: %s", err)
660 }
661
662 wantHash := modestProposalSha512
663 gotHashRaw := sha512.Sum512(contents)
664 gotHash := base64.StdEncoding.EncodeToString(gotHashRaw[:])
665
666 if wantHash != gotHash {
667 t.Fatal("Did not decrypt OpenPGPjs message correctly")
668 }
669 }
670
671 func TestSymmetricAeadEaxOpenPGPJsMessage(t *testing.T) {
672 key := []byte{79, 41, 206, 112, 224, 133, 140, 223, 27, 61, 227, 57, 114,
673 118, 64, 60, 177, 26, 42, 174, 151, 5, 186, 74, 226, 97, 214, 63, 114, 77,
674 215, 121}
675
676 file, err := os.Open("test_data/aead-eax-packet.b64")
677 if err != nil {
678 t.Fatal(err)
679 }
680 fileBytes, err := ioutil.ReadAll(file)
681 if err != nil {
682 t.Fatal(err)
683 }
684
685 raw, err := base64.StdEncoding.DecodeString(string(fileBytes))
686 r := bytes.NewBuffer(raw)
687
688 p, err := packet.Read(r)
689 if err != nil {
690 panic(err)
691 }
692
693
694 var edp packet.EncryptedDataPacket
695 edp = p.(*packet.AEADEncrypted)
696 rc, err := edp.Decrypt(packet.CipherFunction(0), key)
697 if err != nil {
698 panic(err)
699 }
700
701 p, err = packet.Read(rc)
702 ld := p.(*packet.LiteralData)
703
704
705 contents, err := ioutil.ReadAll(ld.Body)
706 if err != nil && err != io.ErrUnexpectedEOF {
707 t.Errorf("error reading UnverifiedBody: %s", err)
708 }
709
710 wantHash := modestProposalSha512
711 gotHashRaw := sha512.Sum512(contents)
712 gotHash := base64.StdEncoding.EncodeToString(gotHashRaw[:])
713
714 if wantHash != gotHash {
715 t.Fatal("Did not decrypt OpenPGPjs message correctly")
716 }
717 }
718
719 func TestCorruptedMessageInvalidSigHeader(t *testing.T) {
720
721
722 passphrase := []byte("password")
723 file, err := os.Open("test_data/sym-corrupted-message-invalid-sig-header.asc")
724 if err != nil {
725 t.Fatal(err)
726 }
727 armoredEncryptedMessage, err := ioutil.ReadAll(file)
728 if err != nil {
729 t.Fatal(err)
730 }
731
732 raw, err := armor.Decode(strings.NewReader(string(armoredEncryptedMessage)))
733 if err != nil {
734 t.Error(err)
735 return
736 }
737
738 promptFunc := func(keys []Key, symmetric bool) ([]byte, error) {
739 return passphrase, nil
740 }
741 const expectedErr string = "openpgp: invalid data: parsing error"
742 _, observedErr := ReadMessage(raw.Body, nil, promptFunc, nil)
743 if observedErr.Error() != expectedErr {
744 t.Errorf("Expected error '%s', but got error '%s'", expectedErr, observedErr)
745 }
746 }
747
748 func TestCorruptedMessageWrongLength(t *testing.T) {
749
750
751 passphrase := []byte("password")
752 promptFunc := func(keys []Key, symmetric bool) ([]byte, error) {
753 return passphrase, nil
754 }
755 const expectedErr string = "openpgp: invalid data: parsing error"
756
757 file, err := os.Open("test_data/sym-corrupted-message-long-length.asc")
758 if err != nil {
759 t.Fatal(err)
760 }
761 armoredEncryptedMessage, err := ioutil.ReadAll(file)
762 if err != nil {
763 t.Fatal(err)
764 }
765 raw, err := armor.Decode(strings.NewReader(string(armoredEncryptedMessage)))
766 if err != nil {
767 t.Error(err)
768 return
769 }
770 md, err := ReadMessage(raw.Body, nil, promptFunc, nil)
771 if err != nil {
772 t.Error(err)
773 return
774 }
775 _, err = ioutil.ReadAll(md.UnverifiedBody)
776 if err == nil {
777 t.Fatal("Parsing error expected")
778 }
779 if err.Error() != expectedErr {
780 t.Errorf("Expected error '%s', but got error '%s'", expectedErr, err)
781 }
782 }
783
784 func TestMessageWithoutMdc(t *testing.T) {
785 armored, err := os.Open("test_data/aead-ocb-asym-key.asc")
786 if err != nil {
787 t.Fatal(err)
788 }
789 defer armored.Close()
790
791 el, err := ReadArmoredKeyRing(armored)
792 if err != nil {
793 t.Fatal(err)
794 }
795
796 armoredMessageWithoutMdc, err := ioutil.ReadFile("test_data/sym-message-without-mdc.asc")
797 if err != nil {
798 t.Fatal(err)
799 }
800
801 t.Run("fails with InsecureAllowUnauthenticatedMessages disabled", func(t *testing.T) {
802 messageWithoutMdc, err := armor.Decode(bytes.NewReader(armoredMessageWithoutMdc))
803 if err != nil {
804 t.Fatal(err)
805 }
806
807 _, err = ReadMessage(messageWithoutMdc.Body, el, nil, nil)
808 if err == nil {
809 t.Fatal("reading the message should have failed")
810 }
811 })
812
813 t.Run("succeeds with InsecureAllowUnauthenticatedMessages enabled", func(t *testing.T) {
814 messageWithoutMdc, err := armor.Decode(bytes.NewReader(armoredMessageWithoutMdc))
815 if err != nil {
816 t.Fatal(err)
817 }
818
819 md, err := ReadMessage(messageWithoutMdc.Body, el, nil, &packet.Config{
820 InsecureAllowUnauthenticatedMessages: true,
821 })
822 if err != nil {
823 t.Fatal("reading the message should have worked")
824 }
825
826 b, err := ioutil.ReadAll(md.UnverifiedBody)
827 if err != nil {
828 t.Fatal("reading the message should have worked")
829 }
830
831 if !bytes.Equal(b, []byte("message without mdc\n")) {
832 t.Error("unexpected message content")
833 }
834 })
835 }
836
View as plain text