allow empty Client for Registration

Samuel Lorch 2021-09-02 13:31:23 +02:00
parent 279d245d86
commit 3f4ed25a83
3 changed files with 39 additions and 16 deletions


@ -57,6 +57,10 @@ func (c *Client) CheckSession(ctx context.Context) bool {
// Login gets a Session and CSRF Token from Passbolt and Stores them in the Clients Cookie Jar // Login gets a Session and CSRF Token from Passbolt and Stores them in the Clients Cookie Jar
func (c *Client) Login(ctx context.Context) error { func (c *Client) Login(ctx context.Context) error {
if c.userPrivateKey == "" {
return fmt.Errorf("Client has no Private Key")
}
privateKeyObj, err := crypto.NewKeyFromArmored(c.userPrivateKey) privateKeyObj, err := crypto.NewKeyFromArmored(c.userPrivateKey)
if err != nil { if err != nil {
return fmt.Errorf("Parsing User Private Key: %w", err) return fmt.Errorf("Parsing User Private Key: %w", err)
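Review bot: The new guard at the top of Login builds its error with `fmt.Errorf("Client has no Private Key")`, which has no format verbs and gives callers nothing to match on. The same literal is repeated in the guards added to EncryptMessage, EncryptMessageWithPublicKey and DecryptMessage. A package-level sentinel such as `var ErrNoPrivateKey = errors.New("client has no private key")`, returned from all four, would let a caller use `errors.Is` to tell a registration-only client from a real key failure. Login's body continues outside the hunk.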


@ -36,6 +36,8 @@ type Client struct {
// NewClient Returns a new Passbolt Client. // NewClient Returns a new Passbolt Client.
// if httpClient is nil http.DefaultClient will be used. // if httpClient is nil http.DefaultClient will be used.
// if UserAgent is "" "goPassboltClient/1.0" will be used. // if UserAgent is "" "goPassboltClient/1.0" will be used.
// if UserPrivateKey is "" Key Setup is Skipped to Enable using the Client for User Registration, Most other function will be broken.
// After Registration a new Client Should be Created.
func NewClient(httpClient *http.Client, UserAgent, BaseURL, UserPrivateKey, UserPassword string) (*Client, error) { func NewClient(httpClient *http.Client, UserAgent, BaseURL, UserPrivateKey, UserPassword string) (*Client, error) {
if httpClient == nil { if httpClient == nil {
httpClient = http.DefaultClient httpClient = http.DefaultClient
@ -49,22 +51,24 @@ func NewClient(httpClient *http.Client, UserAgent, BaseURL, UserPrivateKey, User
return nil, fmt.Errorf("Parsing Base URL: %w", err) return nil, fmt.Errorf("Parsing Base URL: %w", err)
} }
// Verify that the Given Privatekey and Password are valid and work Together // Verify that the Given Privatekey and Password are valid and work Together if we were provieded one
privateKeyObj, err := crypto.NewKeyFromArmored(UserPrivateKey) if UserPrivateKey != "" {
if err != nil { privateKeyObj, err := crypto.NewKeyFromArmored(UserPrivateKey)
return nil, fmt.Errorf("Unable to Create Key From UserPrivateKey string: %w", err) if err != nil {
} return nil, fmt.Errorf("Unable to Create Key From UserPrivateKey string: %w", err)
unlockedKeyObj, err := privateKeyObj.Unlock([]byte(UserPassword)) }
if err != nil { unlockedKeyObj, err := privateKeyObj.Unlock([]byte(UserPassword))
return nil, fmt.Errorf("Unable to Unlock UserPrivateKey using UserPassword: %w", err) if err != nil {
} return nil, fmt.Errorf("Unable to Unlock UserPrivateKey using UserPassword: %w", err)
privateKeyRing, err := crypto.NewKeyRing(unlockedKeyObj) }
if err != nil { privateKeyRing, err := crypto.NewKeyRing(unlockedKeyObj)
return nil, fmt.Errorf("Unable to Create a new Key Ring using the unlocked UserPrivateKey: %w", err) if err != nil {
} return nil, fmt.Errorf("Unable to Create a new Key Ring using the unlocked UserPrivateKey: %w", err)
}
// Cleanup Secrets // Cleanup Secrets
privateKeyRing.ClearPrivateParams() privateKeyRing.ClearPrivateParams()
}
// Create Client Object // Create Client Object
c := &Client{ c := &Client{
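Review bot: Inside the new `if UserPrivateKey != ""` block the unlocked key is wiped only on the success path. If `crypto.NewKeyRing(unlockedKeyObj)` returns an error, NewClient returns before `privateKeyRing.ClearPrivateParams()` runs, so the decrypted key material stays in memory until it is garbage collected. Adding `defer unlockedKeyObj.ClearPrivateParams()` directly after the Unlock error check would cover every exit; this assumes the Key type in the pinned gopenpgp version exposes that method. NewClient's body continues past the end of the hunk.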


@ -1,19 +1,34 @@
package api package api
import "github.com/ProtonMail/gopenpgp/v2/helper" import (
"fmt"
"github.com/ProtonMail/gopenpgp/v2/helper"
)
// EncryptMessage encrypts a message using the users public key and then signes the message using the users private key // EncryptMessage encrypts a message using the users public key and then signes the message using the users private key
func (c *Client) EncryptMessage(message string) (string, error) { func (c *Client) EncryptMessage(message string) (string, error) {
if c.userPrivateKey == "" {
return "", fmt.Errorf("Client has no Private Key")
} else if c.userPublicKey == "" {
return "", fmt.Errorf("Client has no Public Key")
}
return helper.EncryptSignMessageArmored(c.userPublicKey, c.userPrivateKey, c.userPassword, message) return helper.EncryptSignMessageArmored(c.userPublicKey, c.userPrivateKey, c.userPassword, message)
} }
// EncryptMessageWithPublicKey encrypts a message using the provided public key and then signes the message using the users private key // EncryptMessageWithPublicKey encrypts a message using the provided public key and then signes the message using the users private key
func (c *Client) EncryptMessageWithPublicKey(publickey, message string) (string, error) { func (c *Client) EncryptMessageWithPublicKey(publickey, message string) (string, error) {
if c.userPrivateKey == "" {
return "", fmt.Errorf("Client has no Private Key")
}
return helper.EncryptSignMessageArmored(publickey, c.userPrivateKey, c.userPassword, message) return helper.EncryptSignMessageArmored(publickey, c.userPrivateKey, c.userPassword, message)
} }
// DecryptMessage decrypts a message using the users Private Key // DecryptMessage decrypts a message using the users Private Key
func (c *Client) DecryptMessage(message string) (string, error) { func (c *Client) DecryptMessage(message string) (string, error) {
if c.userPrivateKey == "" {
return "", fmt.Errorf("Client has no Private Key")
}
// We cant Verify the signature as we don't store other users public keys locally and don't know which user did encrypt it // We cant Verify the signature as we don't store other users public keys locally and don't know which user did encrypt it
//return helper.DecryptVerifyMessageArmored(c.userPublicKey, c.userPrivateKey, c.userPassword, message) //return helper.DecryptVerifyMessageArmored(c.userPublicKey, c.userPrivateKey, c.userPassword, message)
return helper.DecryptMessageArmored(c.userPrivateKey, c.userPassword, message) return helper.DecryptMessageArmored(c.userPrivateKey, c.userPassword, message)
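Review bot: DecryptMessage's doc comment does not say that the sender's signature is left unchecked; that is stated only in the inline comment inside the body, which godoc readers never see. I would extend the doc comment to `// DecryptMessage decrypts a message using the users Private Key. The signature is not verified, so the plaintext must not be treated as authenticated.` The function's closing brace lies outside the hunk.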