mirror of
https://github.com/henrybear327/Proton-API-Bridge.git
synced 2026-04-22 23:46:53 -04:00
Merge pull request #13 from henrybear327/protondrive/fix_signature_verification_bug
Select the address key according to the email address recorded at Link
18
cache.go
18
cache.go
@@ -157,7 +157,11 @@ func (protonDrive *ProtonDrive) _getLinkKRByID(ctx context.Context, linkID strin
|
||||
/* The original non-caching version, which resolves the keyring recursively */
|
||||
func (protonDrive *ProtonDrive) _getLinkKR(ctx context.Context, link *proton.Link) (*crypto.KeyRing, error) {
|
||||
if link.ParentLinkID == "" { // link is rootLink
|
||||
nodeKR, err := link.GetKeyRing(protonDrive.MainShareKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{link.SignatureEmail})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
nodeKR, err := link.GetKeyRing(protonDrive.MainShareKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -176,7 +180,11 @@ func (protonDrive *ProtonDrive) _getLinkKR(ctx context.Context, link *proton.Lin
|
||||
return nil, err
|
||||
}
|
||||
|
||||
nodeKR, err := link.GetKeyRing(parentNodeKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{link.SignatureEmail})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
nodeKR, err := link.GetKeyRing(parentNodeKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -228,7 +236,11 @@ func (protonDrive *ProtonDrive) getLinkKR(ctx context.Context, link *proton.Link
|
||||
return nil, err
|
||||
}
|
||||
|
||||
kr, err := data.link.GetKeyRing(parentNodeKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{data.link.SignatureEmail})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
kr, err := data.link.GetKeyRing(parentNodeKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
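Review bot: The same four-line sequence (build `signatureVerificationKR` from `link.SignatureEmail`, check `err`, call `GetKeyRing`) is pasted into all three hunks of cache.go, and again in file_download, file_upload, folder and search code later in this commit. This is the signature-verification path, so the key-selection rule is better kept in one private helper than in a dozen copies that can drift apart. The download reader's copy already differs by passing an extra keyring. All three enclosing functions start and end outside the hunks, so the helper below is only a sketch of the shape.

```go
// linkKeyRing resolves link's keyring with parentKR, passing the keys of the
// address recorded in link.SignatureEmail as the verification keyring.
func (protonDrive *ProtonDrive) linkKeyRing(link *proton.Link, parentKR *crypto.KeyRing) (*crypto.KeyRing, error) {
	signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{link.SignatureEmail})
	if err != nil {
		return nil, err
	}
	return link.GetKeyRing(parentKR, signatureVerificationKR)
}
```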
@@ -1,7 +1,6 @@
|
||||
package common
|
||||
|
||||
import (
|
||||
"log"
|
||||
"os"
|
||||
"runtime"
|
||||
)
|
||||
@@ -44,8 +43,6 @@ type ReusableCredentialData struct {
|
||||
}
|
||||
|
||||
func NewConfigWithDefaultValues() *Config {
|
||||
log.Println("Number of CPUs", runtime.GOMAXPROCS(0))
|
||||
|
||||
return &Config{
|
||||
AppVersion: "",
|
||||
UserAgent: "",
|
||||
@@ -77,8 +74,6 @@ func NewConfigWithDefaultValues() *Config {
|
||||
}
|
||||
|
||||
func NewConfigForIntegrationTests() *Config {
|
||||
log.Println("Number of CPUs", runtime.GOMAXPROCS(0))
|
||||
|
||||
appVersion := os.Getenv("PROTON_API_BRIDGE_APP_VERSION")
|
||||
userAgent := os.Getenv("PROTON_API_BRIDGE_USER_AGENT")
|
||||
|
||||
|
||||
@@ -19,7 +19,7 @@ The address keyrings are encrypted with the primary user keyring at the time.
|
||||
|
||||
The primary address key is used to create (encrypt) and retrieve (decrypt) data, e.g. shares
|
||||
*/
|
||||
func getAccountKRs(ctx context.Context, c *proton.Client, keyPass, saltedKeyPass []byte) (*crypto.KeyRing, map[string]*crypto.KeyRing, []proton.Address, []byte, error) {
|
||||
func getAccountKRs(ctx context.Context, c *proton.Client, keyPass, saltedKeyPass []byte) (*crypto.KeyRing, map[string]*crypto.KeyRing, map[string]proton.Address, []byte, error) {
|
||||
/* Code taken and modified from proton-bridge */
|
||||
|
||||
user, err := c.GetUser(ctx)
|
||||
@@ -28,7 +28,7 @@ func getAccountKRs(ctx context.Context, c *proton.Client, keyPass, saltedKeyPass
|
||||
}
|
||||
// log.Printf("user %#v", user)
|
||||
|
||||
addr, err := c.GetAddresses(ctx)
|
||||
addrsArr, err := c.GetAddresses(ctx)
|
||||
if err != nil {
|
||||
return nil, nil, nil, nil, err
|
||||
}
|
||||
@@ -56,7 +56,7 @@ func getAccountKRs(ctx context.Context, c *proton.Client, keyPass, saltedKeyPass
|
||||
// log.Printf("saltedKeyPass ok")
|
||||
}
|
||||
|
||||
userKR, addrKRs, err := proton.Unlock(user, addr, saltedKeyPass, nil)
|
||||
userKR, addrKRs, err := proton.Unlock(user, addrsArr, saltedKeyPass, nil)
|
||||
if err != nil {
|
||||
return nil, nil, nil, nil, err
|
||||
|
||||
@@ -66,5 +66,10 @@ func getAccountKRs(ctx context.Context, c *proton.Client, keyPass, saltedKeyPass
|
||||
}
|
||||
}
|
||||
|
||||
return userKR, addrKRs, addr, saltedKeyPass, nil
|
||||
addrs := make(map[string]proton.Address)
|
||||
for _, addr := range addrsArr {
|
||||
addrs[addr.Email] = addr
|
||||
}
|
||||
|
||||
return userKR, addrKRs, addrs, saltedKeyPass, nil
|
||||
}
|
||||
|
||||
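Review bot: The new `addrs` map is keyed by `addr.Email` exactly as returned by GetAddresses, and drive.go later indexes it with a link's SignatureEmail using a plain map lookup, so any difference in letter case or normalisation between the two strings makes the lookup miss silently. Whether the server guarantees identical spelling is not visible here; if it does not, normalise both strings the same way before indexing. The doc comment above getAccountKRs should also state the new contract, for example `// The returned address map is keyed by email address; the address keyring map is keyed by address ID.` Two addresses with the same Email would overwrite each other in the loop, which is probably impossible but is worth a one-line comment.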
@@ -47,12 +47,12 @@ Log in methods
|
||||
Keyring decryption
|
||||
The password will be salted, and then used to decrypt the keyring. The salted password needs to be and can be cached, so the keyring can be re-decrypted when needed
|
||||
*/
|
||||
func Login(ctx context.Context, config *Config, authHandler proton.AuthHandler, deAuthHandler proton.Handler) (*proton.Manager, *proton.Client, *ProtonDriveCredential, *crypto.KeyRing, map[string]*crypto.KeyRing, []proton.Address, error) {
|
||||
func Login(ctx context.Context, config *Config, authHandler proton.AuthHandler, deAuthHandler proton.Handler) (*proton.Manager, *proton.Client, *ProtonDriveCredential, *crypto.KeyRing, map[string]*crypto.KeyRing, map[string]proton.Address, error) {
|
||||
var c *proton.Client
|
||||
var auth proton.Auth
|
||||
var userKR *crypto.KeyRing
|
||||
var addrKRs map[string]*crypto.KeyRing
|
||||
var addr []proton.Address
|
||||
var addrs map[string]proton.Address
|
||||
|
||||
// get manager
|
||||
m := getProtonManager(config.AppVersion, config.UserAgent)
|
||||
@@ -71,12 +71,12 @@ func Login(ctx context.Context, config *Config, authHandler proton.AuthHandler,
|
||||
if err != nil {
|
||||
return nil, nil, nil, nil, nil, nil, err
|
||||
}
|
||||
userKR, addrKRs, addr, _, err = getAccountKRs(ctx, c, nil, SaltedKeyPassByteArr)
|
||||
userKR, addrKRs, addrs, _, err = getAccountKRs(ctx, c, nil, SaltedKeyPassByteArr)
|
||||
if err != nil {
|
||||
return nil, nil, nil, nil, nil, nil, err
|
||||
}
|
||||
|
||||
return m, c, nil, userKR, addrKRs, addr, nil
|
||||
return m, c, nil, userKR, addrKRs, addrs, nil
|
||||
} else {
|
||||
username := config.FirstLoginCredential.Username
|
||||
password := config.FirstLoginCredential.Password
|
||||
@@ -119,7 +119,7 @@ func Login(ctx context.Context, config *Config, authHandler proton.AuthHandler,
|
||||
|
||||
// decrypt keyring
|
||||
var saltedKeyPassByteArr []byte
|
||||
userKR, addrKRs, addr, saltedKeyPassByteArr, err = getAccountKRs(ctx, c, keyPass, nil)
|
||||
userKR, addrKRs, addrs, saltedKeyPassByteArr, err = getAccountKRs(ctx, c, keyPass, nil)
|
||||
if err != nil {
|
||||
return nil, nil, nil, nil, nil, nil, err
|
||||
}
|
||||
@@ -140,7 +140,7 @@ func Login(ctx context.Context, config *Config, authHandler proton.AuthHandler,
|
||||
AccessToken: auth.AccessToken,
|
||||
RefreshToken: auth.RefreshToken,
|
||||
SaltedKeyPass: saltedKeyPass,
|
||||
}, userKR, addrKRs, addr, nil
|
||||
}, userKR, addrKRs, addrs, nil
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
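Review bot: Login is exported and its sixth result changes from `[]proton.Address` to `map[string]proton.Address`, which breaks every caller outside this repository at compile time, and the doc comment above it says nothing about the results. Add a sentence to that comment such as `// The address map is keyed by email address; the keyring map is keyed by address ID.` so callers do not have to read getAccountKRs to learn the key. With seven positional results, three of them maps or keyrings of similar type, a small result struct would make a swapped argument at the call site impossible; that would be a follow-up change, not a fix to this hunk.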
51
drive.go
51
drive.go
@@ -15,8 +15,8 @@ type ProtonDrive struct {
|
||||
MainShare *proton.Share
|
||||
RootLink *proton.Link
|
||||
|
||||
MainShareKR *crypto.KeyRing
|
||||
AddrKR *crypto.KeyRing
|
||||
MainShareKR *crypto.KeyRing
|
||||
DefaultAddrKR *crypto.KeyRing
|
||||
|
||||
Config *common.Config
|
||||
|
||||
@@ -24,7 +24,7 @@ type ProtonDrive struct {
|
||||
m *proton.Manager
|
||||
userKR *crypto.KeyRing
|
||||
addrKRs map[string]*crypto.KeyRing
|
||||
addrData []proton.Address
|
||||
addrData map[string]proton.Address
|
||||
signatureAddress string
|
||||
|
||||
cache *cache
|
||||
@@ -121,10 +121,10 @@ func NewProtonDrive(ctx context.Context, config *common.Config, authHandler prot
|
||||
// log.Printf("rootLink %#v", rootLink)
|
||||
|
||||
// log.Printf("addrKRs %#v", addrKRs)=
|
||||
addrKR := addrKRs[mainShare.AddressID]
|
||||
mainShareAddrKR := addrKRs[mainShare.AddressID]
|
||||
// log.Println("addrKR CountDecryptionEntities", addrKR.CountDecryptionEntities())
|
||||
|
||||
mainShareKR, err := mainShare.GetKeyRing(addrKR)
|
||||
mainShareKR, err := mainShare.GetKeyRing(mainShareAddrKR)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
@@ -134,8 +134,8 @@ func NewProtonDrive(ctx context.Context, config *common.Config, authHandler prot
|
||||
MainShare: mainShare,
|
||||
RootLink: &rootLink,
|
||||
|
||||
MainShareKR: mainShareKR,
|
||||
AddrKR: addrKR,
|
||||
MainShareKR: mainShareKR,
|
||||
DefaultAddrKR: mainShareAddrKR,
|
||||
|
||||
Config: config,
|
||||
|
||||
@@ -168,3 +168,40 @@ func (protonDrive *ProtonDrive) About(ctx context.Context) (*proton.User, error)
|
||||
func (protonDrive *ProtonDrive) GetLink(ctx context.Context, linkID string) (*proton.Link, error) {
|
||||
return protonDrive.getLink(ctx, linkID)
|
||||
}
|
||||
|
||||
func addKeysFromKR(kr *crypto.KeyRing, newKRs ...*crypto.KeyRing) error {
|
||||
for i := range newKRs {
|
||||
for _, key := range newKRs[i].GetKeys() {
|
||||
err := kr.AddKey(key)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (protonDrive *ProtonDrive) getSignatureVerificationKeyring(emailAddresses []string, verificationAddrKRs ...*crypto.KeyRing) (*crypto.KeyRing, error) {
|
||||
ret, err := crypto.NewKeyRing(nil)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
for _, emailAddress := range emailAddresses {
|
||||
if addr, ok := protonDrive.addrData[emailAddress]; ok {
|
||||
if err := addKeysFromKR(ret, protonDrive.addrKRs[addr.ID]); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if err := addKeysFromKR(ret, verificationAddrKRs...); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if ret.CountEntities() == 0 {
|
||||
return nil, ErrNoKeyringForSignatureVerification
|
||||
}
|
||||
return ret, nil
|
||||
}
|
||||
|
||||
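Review bot: In getSignatureVerificationKeyring, `protonDrive.addrKRs[addr.ID]` is handed to addKeysFromKR without checking that the map holds a keyring for that address. A miss yields a nil `*crypto.KeyRing`, and `newKRs[i].GetKeys()` is then called on it. Whether GetKeys tolerates a nil receiver is not visible here, so guard it in addKeysFromKR with `if newKRs[i] == nil { continue }`; the `CountEntities() == 0` check still rejects the case where nothing usable was found. An email that is absent from addrData is skipped silently as well, so a link signed by an unknown address surfaces only as the generic ErrNoKeyringForSignatureVerification; wrapping that error with the requested addresses would make the failure diagnosable. Both new functions need doc comments stating that the result is the union of all listed addresses' keys plus any extra keyrings, because callers rely on that to decide which signers are accepted.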
1
error.go
1
error.go
@@ -20,4 +20,5 @@ var (
|
||||
ErrWrongUsageOfGetLinkKR = errors.New("internal error for GetLinkKR - nil passed in for link")
|
||||
ErrWrongUsageOfGetLink = errors.New("internal error for getLink - empty linkID passed in")
|
||||
ErrSeekOffsetAfterSkippingBlocks = errors.New("internal error for download seek - the offset after skipping blocks is wrong")
|
||||
ErrNoKeyringForSignatureVerification = errors.New(("internal error for signature verification - no keyring is generated"))
|
||||
)
|
||||
|
||||
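Review bot: The new ErrNoKeyringForSignatureVerification entry wraps its message in a redundant second pair of parentheses, `errors.New(("..."))`, unlike the three entries above it. Write it as `ErrNoKeyringForSignatureVerification = errors.New("internal error for signature verification - no keyring is generated")` so the var block stays uniform.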
12
file.go
12
file.go
@@ -62,7 +62,11 @@ func (protonDrive *ProtonDrive) GetActiveRevisionAttrs(ctx context.Context, link
|
||||
return nil, err
|
||||
}
|
||||
|
||||
revisionXAttrCommon, err := revisionsMetadata[0].GetDecXAttrString(protonDrive.AddrKR, nodeKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{link.FileProperties.ActiveRevision.SignatureEmail})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
revisionXAttrCommon, err := revisionsMetadata[0].GetDecXAttrString(signatureVerificationKR, nodeKR)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -115,7 +119,11 @@ func (protonDrive *ProtonDrive) GetActiveRevisionWithAttrs(ctx context.Context,
|
||||
return nil, nil, err
|
||||
}
|
||||
|
||||
revisionXAttrCommon, err := revision.GetDecXAttrString(protonDrive.AddrKR, nodeKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{link.FileProperties.ActiveRevision.SignatureEmail})
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
revisionXAttrCommon, err := revision.GetDecXAttrString(signatureVerificationKR, nodeKR)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
|
||||
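Review bot: Both hunks read `link.FileProperties.ActiveRevision.SignatureEmail` with no guard visible in the hunk; if FileProperties can be nil for a link that is not a file (its type is not shown here), the dereference panics instead of returning an error. Unless the lines above each hunk already reject such links, check `link.FileProperties == nil` first and return an error through the existing return path. In GetActiveRevisionAttrs the signer email comes from the link's ActiveRevision while the attributes come from `revisionsMetadata[0]`; it is worth confirming, and saying in a comment, that both always denote the same revision. Both functions start and end outside the hunks.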
@@ -14,6 +14,7 @@ type FileDownloadReader struct {
|
||||
protonDrive *ProtonDrive
|
||||
ctx context.Context
|
||||
|
||||
link *proton.Link
|
||||
data *bytes.Buffer
|
||||
nodeKR *crypto.KeyRing
|
||||
sessionKey *crypto.SessionKey
|
||||
@@ -67,7 +68,11 @@ func (reader *FileDownloadReader) populateBufferOnRead() error {
|
||||
}
|
||||
defer blockReader.Close()
|
||||
|
||||
err = decryptBlockIntoBuffer(reader.sessionKey, reader.protonDrive.AddrKR, reader.nodeKR, reader.revision.Blocks[i].Hash, reader.revision.Blocks[i].EncSignature, reader.data, blockReader)
|
||||
signatureVerificationKR, err := reader.protonDrive.getSignatureVerificationKeyring([]string{reader.link.SignatureEmail}, reader.nodeKR)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = decryptBlockIntoBuffer(reader.sessionKey, signatureVerificationKR, reader.nodeKR, reader.revision.Blocks[i].Hash, reader.revision.Blocks[i].EncSignature, reader.data, blockReader)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -100,7 +105,11 @@ func (protonDrive *ProtonDrive) DownloadFile(ctx context.Context, link *proton.L
|
||||
return nil, 0, nil, err
|
||||
}
|
||||
|
||||
nodeKR, err := link.GetKeyRing(parentNodeKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{link.SignatureEmail})
|
||||
if err != nil {
|
||||
return nil, 0, nil, err
|
||||
}
|
||||
nodeKR, err := link.GetKeyRing(parentNodeKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return nil, 0, nil, err
|
||||
}
|
||||
@@ -119,6 +128,7 @@ func (protonDrive *ProtonDrive) DownloadFile(ctx context.Context, link *proton.L
|
||||
protonDrive: protonDrive,
|
||||
ctx: ctx,
|
||||
|
||||
link: link,
|
||||
data: bytes.NewBuffer(nil),
|
||||
nodeKR: nodeKR,
|
||||
sessionKey: sessionKey,
|
||||
|
||||
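Review bot: populateBufferOnRead selects the block-signature keys from `reader.link.SignatureEmail`, whereas file.go in this same commit verifies the revision's attributes against `link.FileProperties.ActiveRevision.SignatureEmail`. Blocks belong to a revision, so if a revision can be uploaded by a different address than the one that created the link (not determinable from this page), the block check uses the wrong address. It also passes `reader.nodeKR` as an extra verification keyring, which means a block signature made with the node key is accepted in place of one made with the address key. If that is deliberate, state the reason in a comment next to the call; otherwise drop the extra keyring. The keyring does not depend on the block index `i`, so it could be built once before the loop that surrounds this hunk (the loop header is outside the hunk).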
@@ -80,7 +80,11 @@ func (protonDrive *ProtonDrive) createFileUploadDraft(ctx context.Context, paren
|
||||
return "", "", nil, nil, err
|
||||
}
|
||||
|
||||
newNodeKey, newNodePassphraseEnc, newNodePassphraseSignature, err := generateNodeKeys(parentNodeKR, protonDrive.AddrKR)
|
||||
/*
|
||||
Encryption: parent link's node key
|
||||
Signature: share's signature address keys
|
||||
*/
|
||||
newNodeKey, newNodePassphraseEnc, newNodePassphraseSignature, err := generateNodeKeys(parentNodeKR, protonDrive.DefaultAddrKR)
|
||||
if err != nil {
|
||||
return "", "", nil, nil, err
|
||||
}
|
||||
@@ -102,27 +106,47 @@ func (protonDrive *ProtonDrive) createFileUploadDraft(ctx context.Context, paren
|
||||
SignatureAddress: protonDrive.signatureAddress, // Signature email address used to sign passphrase and name
|
||||
}
|
||||
|
||||
/* Name is encrypted using the parent's keyring, and signed with address key */
|
||||
err = createFileReq.SetName(filename, protonDrive.AddrKR, parentNodeKR)
|
||||
/*
|
||||
Encryption: parent link's node key
|
||||
Signature: share's signature address keys
|
||||
*/
|
||||
err = createFileReq.SetName(filename, protonDrive.DefaultAddrKR, parentNodeKR)
|
||||
if err != nil {
|
||||
return "", "", nil, nil, err
|
||||
}
|
||||
|
||||
parentHashKey, err := parentLink.GetHashKey(parentNodeKR)
|
||||
if err != nil {
|
||||
return "", "", nil, nil, err
|
||||
}
|
||||
|
||||
newNodeKR, err := getKeyRing(parentNodeKR, protonDrive.AddrKR, newNodeKey, newNodePassphraseEnc, newNodePassphraseSignature)
|
||||
/*
|
||||
Encryption: parent link's node key
|
||||
Signature: parent link's node key
|
||||
*/
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{parentLink.SignatureEmail}, parentNodeKR)
|
||||
if err != nil {
|
||||
return "", "", nil, nil, err
|
||||
}
|
||||
parentHashKey, err := parentLink.GetHashKey(parentNodeKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return "", "", nil, nil, err
|
||||
}
|
||||
|
||||
/* Use parent's hash key */
|
||||
err = createFileReq.SetHash(filename, parentHashKey)
|
||||
if err != nil {
|
||||
return "", "", nil, nil, err
|
||||
}
|
||||
|
||||
/*
|
||||
Encryption: parent link's node key
|
||||
Signature: share's signature address keys
|
||||
*/
|
||||
newNodeKR, err := getKeyRing(parentNodeKR, protonDrive.DefaultAddrKR, newNodeKey, newNodePassphraseEnc, newNodePassphraseSignature)
|
||||
if err != nil {
|
||||
return "", "", nil, nil, err
|
||||
}
|
||||
|
||||
/*
|
||||
Encryption: current link's node key
|
||||
Signature: share's signature address keys
|
||||
*/
|
||||
newSessionKey, err := createFileReq.SetContentKeyPacketAndSignature(newNodeKR)
|
||||
if err != nil {
|
||||
return "", "", nil, nil, err
|
||||
@@ -192,12 +216,16 @@ func (protonDrive *ProtonDrive) createFileUploadDraft(ctx context.Context, paren
|
||||
if link != nil {
|
||||
linkID = link.LinkID
|
||||
|
||||
// get original newSessionKey and newNodeKR
|
||||
// get original sessionKey and nodeKR for the current link
|
||||
parentNodeKR, err = protonDrive.getLinkKRByID(ctx, link.ParentLinkID)
|
||||
if err != nil {
|
||||
return "", "", nil, nil, err
|
||||
}
|
||||
newNodeKR, err = link.GetKeyRing(parentNodeKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{link.SignatureEmail})
|
||||
if err != nil {
|
||||
return "", "", nil, nil, err
|
||||
}
|
||||
newNodeKR, err = link.GetKeyRing(parentNodeKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return "", "", nil, nil, err
|
||||
}
|
||||
@@ -308,14 +336,18 @@ func (protonDrive *ProtonDrive) uploadAndCollectBlockData(ctx context.Context, n
|
||||
sha1Digests.Write(data)
|
||||
blockSizes = append(blockSizes, int64(readBytes))
|
||||
|
||||
// encrypt data
|
||||
// encrypt block data
|
||||
/*
|
||||
Encryption: current link's session key
|
||||
Signature: share's signature address keys
|
||||
*/
|
||||
dataPlainMessage := crypto.NewPlainMessage(data)
|
||||
encData, err := newSessionKey.Encrypt(dataPlainMessage)
|
||||
if err != nil {
|
||||
return nil, 0, nil, "", err
|
||||
}
|
||||
|
||||
encSignature, err := protonDrive.AddrKR.SignDetachedEncrypted(dataPlainMessage, newNodeKR)
|
||||
encSignature, err := protonDrive.DefaultAddrKR.SignDetachedEncrypted(dataPlainMessage, newNodeKR)
|
||||
if err != nil {
|
||||
return nil, 0, nil, "", err
|
||||
}
|
||||
@@ -354,7 +386,7 @@ func (protonDrive *ProtonDrive) uploadAndCollectBlockData(ctx context.Context, n
|
||||
}
|
||||
|
||||
func (protonDrive *ProtonDrive) commitNewRevision(ctx context.Context, nodeKR *crypto.KeyRing, xAttrCommon *proton.RevisionXAttrCommon, manifestSignatureData []byte, linkID, revisionID string) error {
|
||||
manifestSignature, err := protonDrive.AddrKR.SignDetached(crypto.NewPlainMessage(manifestSignatureData))
|
||||
manifestSignature, err := protonDrive.DefaultAddrKR.SignDetached(crypto.NewPlainMessage(manifestSignatureData))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -368,7 +400,7 @@ func (protonDrive *ProtonDrive) commitNewRevision(ctx context.Context, nodeKR *c
|
||||
SignatureAddress: protonDrive.signatureAddress,
|
||||
}
|
||||
|
||||
err = commitRevisionReq.SetEncXAttrString(protonDrive.AddrKR, nodeKR, xAttrCommon)
|
||||
err = commitRevisionReq.SetEncXAttrString(protonDrive.DefaultAddrKR, nodeKR, xAttrCommon)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
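Review bot: Every signing call in these hunks now uses `protonDrive.DefaultAddrKR`, which drive.go sets to the main share's address keyring, while the requests still record `SignatureAddress: protonDrive.signatureAddress`. The read paths in this commit now pick verification keys by the recorded email, so the two must refer to the same address or freshly uploaded data will fail verification on read; where signatureAddress is assigned is not visible here. A comment on the struct field, or a check in NewProtonDrive that the address behind signatureAddress is the one whose keyring became DefaultAddrKR, would pin that invariant. Separately, in the `if link != nil` hunk, `signatureVerificationKR, err := ...` sits between two plain `=` assignments to `err`; if the earlier declaration in createFileUploadDraft is in the same function scope, `:=` shadows both names inside the block and `=` would be clearer.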
34
folder.go
34
folder.go
@@ -34,7 +34,11 @@ func (protonDrive *ProtonDrive) ListDirectory(
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
folderLinkKR, err := folderLink.GetKeyRing(folderParentKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{folderLink.SignatureEmail})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
folderLinkKR, err := folderLink.GetKeyRing(folderParentKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -44,7 +48,11 @@ func (protonDrive *ProtonDrive) ListDirectory(
|
||||
continue
|
||||
}
|
||||
|
||||
name, err := childrenLinks[i].GetName(folderLinkKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{childrenLinks[i].NameSignatureEmail, childrenLinks[i].SignatureEmail})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
name, err := childrenLinks[i].GetName(folderLinkKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -78,7 +86,7 @@ func (protonDrive *ProtonDrive) CreateNewFolder(ctx context.Context, parentLink
|
||||
return "", err
|
||||
}
|
||||
|
||||
newNodeKey, newNodePassphraseEnc, newNodePassphraseSignature, err := generateNodeKeys(parentNodeKR, protonDrive.AddrKR)
|
||||
newNodeKey, newNodePassphraseEnc, newNodePassphraseSignature, err := generateNodeKeys(parentNodeKR, protonDrive.DefaultAddrKR)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
@@ -99,12 +107,16 @@ func (protonDrive *ProtonDrive) CreateNewFolder(ctx context.Context, parentLink
|
||||
}
|
||||
|
||||
/* Name is encrypted using the parent's keyring, and signed with address key */
|
||||
err = createFolderReq.SetName(folderName, protonDrive.AddrKR, parentNodeKR)
|
||||
err = createFolderReq.SetName(folderName, protonDrive.DefaultAddrKR, parentNodeKR)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
parentHashKey, err := parentLink.GetHashKey(parentNodeKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{parentLink.SignatureEmail}, parentNodeKR)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
parentHashKey, err := parentLink.GetHashKey(parentNodeKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
@@ -113,7 +125,7 @@ func (protonDrive *ProtonDrive) CreateNewFolder(ctx context.Context, parentLink
|
||||
return "", err
|
||||
}
|
||||
|
||||
newNodeKR, err := getKeyRing(parentNodeKR, protonDrive.AddrKR, newNodeKey, newNodePassphraseEnc, newNodePassphraseSignature)
|
||||
newNodeKR, err := getKeyRing(parentNodeKR, protonDrive.DefaultAddrKR, newNodeKey, newNodePassphraseEnc, newNodePassphraseSignature)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
@@ -200,12 +212,16 @@ func (protonDrive *ProtonDrive) moveLink(ctx context.Context, srcLink *proton.Li
|
||||
return err
|
||||
}
|
||||
|
||||
err = req.SetName(dstName, protonDrive.AddrKR, dstParentKR)
|
||||
err = req.SetName(dstName, protonDrive.DefaultAddrKR, dstParentKR)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
dstParentHashKey, err := dstParentLink.GetHashKey(dstParentKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{dstParentLink.SignatureEmail}, dstParentKR)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
dstParentHashKey, err := dstParentLink.GetHashKey(dstParentKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -218,7 +234,7 @@ func (protonDrive *ProtonDrive) moveLink(ctx context.Context, srcLink *proton.Li
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
nodePassphrase, err := reencryptKeyPacket(srcParentKR, dstParentKR, protonDrive.AddrKR, srcLink.NodePassphrase)
|
||||
nodePassphrase, err := reencryptKeyPacket(srcParentKR, dstParentKR, protonDrive.DefaultAddrKR, srcLink.NodePassphrase)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
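Review bot: In ListDirectory the name check builds one keyring from both `childrenLinks[i].NameSignatureEmail` and `childrenLinks[i].SignatureEmail`, so a name signed by the SignatureEmail address verifies even when NameSignatureEmail records a different address. The listDirectoriesRecursively and performSearchByNameRecursively hunks further down do the same with `link.NameSignatureEmail, link.SignatureEmail`. If SignatureEmail is meant only as a fallback for an empty NameSignatureEmail, select one address rather than merging, e.g. `email := link.NameSignatureEmail; if email == "" { email = link.SignatureEmail }`. Note also that a single child whose signer is not among the account's addresses now makes the loop `return nil, err`, so one such entry hides the whole directory; whether that is wanted deserves a comment at the call.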
@@ -31,7 +31,11 @@ func (protonDrive *ProtonDrive) listDirectoriesRecursively(
|
||||
var currentPath = ""
|
||||
|
||||
if !(excludeRoot && curDepth == 0) {
|
||||
name, err := link.GetName(parentNodeKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{link.NameSignatureEmail, link.SignatureEmail})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
name, err := link.GetName(parentNodeKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -88,7 +92,11 @@ func (protonDrive *ProtonDrive) listDirectoriesRecursively(
|
||||
|
||||
if childrenLinks != nil {
|
||||
// get current node's keyring
|
||||
linkKR, err := link.GetKeyRing(parentNodeKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{link.SignatureEmail})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
linkKR, err := link.GetKeyRing(parentNodeKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
2
go.mod
2
go.mod
@@ -5,7 +5,7 @@ go 1.18
|
||||
require (
|
||||
github.com/ProtonMail/gluon v0.17.1-0.20230724134000-308be39be96e
|
||||
github.com/ProtonMail/gopenpgp/v2 v2.7.3
|
||||
github.com/henrybear327/go-proton-api v0.0.0-20230905210903-1d7952498156
|
||||
github.com/henrybear327/go-proton-api v0.0.0-20230907193451-e563407504ce
|
||||
github.com/relvacode/iso8601 v1.3.0
|
||||
golang.org/x/sync v0.3.0
|
||||
)
|
||||
|
||||
4
go.sum
4
go.sum
@@ -50,8 +50,8 @@ github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSM
|
||||
github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
|
||||
github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4=
|
||||
github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/henrybear327/go-proton-api v0.0.0-20230905210903-1d7952498156 h1:4AneKd+c3c1Jq9X5FRrbJwqhn5M0lkc38xDuP+nl8M8=
|
||||
github.com/henrybear327/go-proton-api v0.0.0-20230905210903-1d7952498156/go.mod h1:w63MZuzufKcIZ93pwRgiOtxMXYafI8H74D77AxytOBc=
|
||||
github.com/henrybear327/go-proton-api v0.0.0-20230907193451-e563407504ce h1:n1URi7VYiwX/3akX51keQXi6Huy4lJdVc4biJHYk3iw=
|
||||
github.com/henrybear327/go-proton-api v0.0.0-20230907193451-e563407504ce/go.mod h1:w63MZuzufKcIZ93pwRgiOtxMXYafI8H74D77AxytOBc=
|
||||
github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
|
||||
github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZXnvk=
|
||||
github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q=
|
||||
|
||||
8
mail.go
8
mail.go
@@ -79,7 +79,7 @@ func (protonDrive *ProtonDrive) createDraft(ctx context.Context, config *MailSen
|
||||
},
|
||||
}
|
||||
|
||||
createDraftResp, err := protonDrive.c.CreateDraft(ctx, protonDrive.AddrKR, createDraftReq)
|
||||
createDraftResp, err := protonDrive.c.CreateDraft(ctx, protonDrive.DefaultAddrKR, createDraftReq)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -96,7 +96,7 @@ func (protonDrive *ProtonDrive) getAttachmentSessionKeyMap(attachments []*proton
|
||||
return nil, err
|
||||
}
|
||||
|
||||
key, err := protonDrive.AddrKR.DecryptSessionKey(keyPacket)
|
||||
key, err := protonDrive.DefaultAddrKR.DecryptSessionKey(keyPacket)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -127,7 +127,7 @@ func (protonDrive *ProtonDrive) uploadAttachments(ctx context.Context, createDra
|
||||
Body: fileByteArray,
|
||||
}
|
||||
|
||||
uploadAttachmentResp, err := protonDrive.c.UploadAttachment(ctx, protonDrive.AddrKR, req)
|
||||
uploadAttachmentResp, err := protonDrive.c.UploadAttachment(ctx, protonDrive.DefaultAddrKR, req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -172,7 +172,7 @@ func (protonDrive *ProtonDrive) sendDraft(ctx context.Context, messageID string,
|
||||
}
|
||||
|
||||
// for each of the recipient, we encrypt body for them
|
||||
if err = sendReq.AddTextPackage(protonDrive.AddrKR,
|
||||
if err = sendReq.AddTextPackage(protonDrive.DefaultAddrKR,
|
||||
string(htmlTemplate),
|
||||
rfc822.TextHTML,
|
||||
map[string]proton.SendPreferences{config.RecipientEmailAddress: {
|
||||
|
||||
12
search.go
12
search.go
@@ -51,12 +51,20 @@ func (protonDrive *ProtonDrive) SearchByNameInActiveFolder(
|
||||
return nil, err
|
||||
}
|
||||
|
||||
folderLinkKR, err := folderLink.GetKeyRing(parentNodeKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{folderLink.SignatureEmail})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
folderLinkKR, err := folderLink.GetKeyRing(parentNodeKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
folderHashKey, err := folderLink.GetHashKey(folderLinkKR)
|
||||
signatureVerificationKR, err = protonDrive.getSignatureVerificationKeyring([]string{folderLink.SignatureEmail}, folderLinkKR)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
folderHashKey, err := folderLink.GetHashKey(folderLinkKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
@@ -73,7 +73,11 @@ func (protonDrive *ProtonDrive) performSearchByNameRecursively(
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
name, err := link.GetName(parentNodeKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{link.NameSignatureEmail, link.SignatureEmail})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
name, err := link.GetName(parentNodeKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -90,7 +94,11 @@ func (protonDrive *ProtonDrive) performSearchByNameRecursively(
|
||||
// log.Printf("childrenLinks len = %v, %#v", len(childrenLinks), childrenLinks)
|
||||
|
||||
// get current node's keyring
|
||||
linkKR, err := link.GetKeyRing(parentNodeKR, protonDrive.AddrKR)
|
||||
signatureVerificationKR, err := protonDrive.getSignatureVerificationKeyring([]string{link.SignatureEmail})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
linkKR, err := link.GetKeyRing(parentNodeKR, signatureVerificationKR)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||