mirror of
https://github.com/passbolt/go-passbolt.git
synced 2025-05-09 01:38:21 +00:00
allow empty Client for Registration
This commit is contained in:
Samuel Lorch
parent
279d245d86
commit
3f4ed25a83
3 changed files with 39 additions and 16 deletions
|
|
@ -57,6 +57,10 @@ func (c *Client) CheckSession(ctx context.Context) bool {
|
|||
// Login gets a Session and CSRF Token from Passbolt and Stores them in the Clients Cookie Jar
|
||||
func (c *Client) Login(ctx context.Context) error {
|
||||
|
||||
if c.userPrivateKey == "" {
|
||||
return fmt.Errorf("Client has no Private Key")
|
||||
}
|
||||
|
||||
privateKeyObj, err := crypto.NewKeyFromArmored(c.userPrivateKey)
|
||||
if err != nil {
|
||||
return fmt.Errorf("Parsing User Private Key: %w", err)
|
||||
|
|
|
|||
|
|
@ -36,6 +36,8 @@ type Client struct {
|
|||
// NewClient Returns a new Passbolt Client.
|
||||
// if httpClient is nil http.DefaultClient will be used.
|
||||
// if UserAgent is "" "goPassboltClient/1.0" will be used.
|
||||
// if UserPrivateKey is "" Key Setup is Skipped to Enable using the Client for User Registration, Most other function will be broken.
|
||||
// After Registration a new Client Should be Created.
|
||||
func NewClient(httpClient *http.Client, UserAgent, BaseURL, UserPrivateKey, UserPassword string) (*Client, error) {
|
||||
if httpClient == nil {
|
||||
httpClient = http.DefaultClient
|
||||
|
|
@ -49,22 +51,24 @@ func NewClient(httpClient *http.Client, UserAgent, BaseURL, UserPrivateKey, User
|
|||
return nil, fmt.Errorf("Parsing Base URL: %w", err)
|
||||
}
|
||||
|
||||
// Verify that the Given Privatekey and Password are valid and work Together
|
||||
privateKeyObj, err := crypto.NewKeyFromArmored(UserPrivateKey)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Unable to Create Key From UserPrivateKey string: %w", err)
|
||||
}
|
||||
unlockedKeyObj, err := privateKeyObj.Unlock([]byte(UserPassword))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Unable to Unlock UserPrivateKey using UserPassword: %w", err)
|
||||
}
|
||||
privateKeyRing, err := crypto.NewKeyRing(unlockedKeyObj)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Unable to Create a new Key Ring using the unlocked UserPrivateKey: %w", err)
|
||||
}
|
||||
// Verify that the Given Privatekey and Password are valid and work Together if we were provieded one
|
||||
if UserPrivateKey != "" {
|
||||
privateKeyObj, err := crypto.NewKeyFromArmored(UserPrivateKey)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Unable to Create Key From UserPrivateKey string: %w", err)
|
||||
}
|
||||
unlockedKeyObj, err := privateKeyObj.Unlock([]byte(UserPassword))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Unable to Unlock UserPrivateKey using UserPassword: %w", err)
|
||||
}
|
||||
privateKeyRing, err := crypto.NewKeyRing(unlockedKeyObj)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Unable to Create a new Key Ring using the unlocked UserPrivateKey: %w", err)
|
||||
}
|
||||
|
||||
// Cleanup Secrets
|
||||
privateKeyRing.ClearPrivateParams()
|
||||
// Cleanup Secrets
|
||||
privateKeyRing.ClearPrivateParams()
|
||||
}
|
||||
|
||||
// Create Client Object
|
||||
c := &Client{
|
||||
|
|
|
|||
|
|
@ -1,19 +1,34 @@
|
|||
package api
|
||||
|
||||
import "github.com/ProtonMail/gopenpgp/v2/helper"
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/ProtonMail/gopenpgp/v2/helper"
|
||||
)
|
||||
|
||||
// EncryptMessage encrypts a message using the users public key and then signes the message using the users private key
|
||||
func (c *Client) EncryptMessage(message string) (string, error) {
|
||||
if c.userPrivateKey == "" {
|
||||
return "", fmt.Errorf("Client has no Private Key")
|
||||
} else if c.userPublicKey == "" {
|
||||
return "", fmt.Errorf("Client has no Public Key")
|
||||
}
|
||||
return helper.EncryptSignMessageArmored(c.userPublicKey, c.userPrivateKey, c.userPassword, message)
|
||||
}
|
||||
|
||||
// EncryptMessageWithPublicKey encrypts a message using the provided public key and then signes the message using the users private key
|
||||
func (c *Client) EncryptMessageWithPublicKey(publickey, message string) (string, error) {
|
||||
if c.userPrivateKey == "" {
|
||||
return "", fmt.Errorf("Client has no Private Key")
|
||||
}
|
||||
return helper.EncryptSignMessageArmored(publickey, c.userPrivateKey, c.userPassword, message)
|
||||
}
|
||||
|
||||
// DecryptMessage decrypts a message using the users Private Key
|
||||
func (c *Client) DecryptMessage(message string) (string, error) {
|
||||
if c.userPrivateKey == "" {
|
||||
return "", fmt.Errorf("Client has no Private Key")
|
||||
}
|
||||
// We cant Verify the signature as we don't store other users public keys locally and don't know which user did encrypt it
|
||||
//return helper.DecryptVerifyMessageArmored(c.userPublicKey, c.userPrivateKey, c.userPassword, message)
|
||||
return helper.DecryptMessageArmored(c.userPrivateKey, c.userPassword, message)
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue