From 13300f06a047c8a3bfc12e598371935f793da927 Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Sat, 26 Jun 2021 15:30:31 +0200 Subject: [PATCH] Switch to ProtonMail's openpgp implementation golang/x/crypto/openpgp is frozen. This commit switches to ProtonMail's fork github.com/ProtonMail/go-crypto/openpgp to have a version that is used and maintained by the upstream project. --- go.mod | 6 +++--- go.sum | 15 ++++++++++----- signer/openpgpops/openpgpops.go | 10 +++++----- 3 files changed, 18 insertions(+), 13 deletions(-) diff --git a/go.mod b/go.mod index f6f9b4d..3e907e3 100644 --- a/go.mod +++ b/go.mod @@ -3,12 +3,12 @@ module git.cacert.org/cacert-gosigner go 1.15 require ( + github.com/ProtonMail/go-crypto v0.0.0-20210512092938-c05353c2d58c github.com/longsleep/pkac v0.0.0-20191013204540-205111305195 github.com/sirupsen/logrus v1.7.0 go.bug.st/serial v1.1.1 - golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad - golang.org/x/sys v0.0.0-20200909081042-eff7692f9009 + golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 gopkg.in/yaml.v2 v2.4.0 ) -replace golang.org/x/crypto => github.com/jandd/crypto v0.0.0-20210106144236-c3a8dd255ad6 +// replace golang.org/x/crypto => github.com/jandd/crypto v0.0.0-20210106144236-c3a8dd255ad6 diff --git a/go.sum b/go.sum index cfd49f5..7bbf767 100644 --- a/go.sum +++ b/go.sum @@ -1,10 +1,10 @@ +github.com/ProtonMail/go-crypto v0.0.0-20210512092938-c05353c2d58c h1:bNpaLLv2Y4kslsdkdCwAYu8Bak1aGVtxwi8Z/wy4Yuo= +github.com/ProtonMail/go-crypto v0.0.0-20210512092938-c05353c2d58c/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= github.com/creack/goselect v0.1.1 h1:tiSSgKE1eJtxs1h/VgGQWuXUP0YS4CDIFMp6vaI1ls0= github.com/creack/goselect v0.1.1/go.mod h1:a/NhLweNvqIYMuxcMOuWY516Cimucms3DglDzQP3hKY= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/jandd/crypto v0.0.0-20210106144236-c3a8dd255ad6 h1:CfOE6Sr6BvfT6R90AgKcospJGP5+hwYhOjFR1XVb68Q= -github.com/jandd/crypto v0.0.0-20210106144236-c3a8dd255ad6/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= github.com/longsleep/pkac v0.0.0-20191013204540-205111305195 h1:Ze//Gia3DrTxmw6IiBCusbLcSobh7dBYceVkasDg2vA= github.com/longsleep/pkac v0.0.0-20191013204540-205111305195/go.mod h1:Ck+2Ip7E9leckac1Bt/z0fdjmGCmR87IQsISZX7/qE0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -19,12 +19,17 @@ github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJy github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= go.bug.st/serial v1.1.1 h1:5J1DpaIaSIruBi7jVnKXnhRS+YQ9+2PLJMtIZKoIgnc= go.bug.st/serial v1.1.1/go.mod h1:VmYBeyJWp5BnJ0tw2NUJHZdJTGl2ecBGABHlzRK1knY= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 h1:It14KIkyBFYkHkwZ7k45minvA9aorojkyjGk9KJ5B/w= +golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200909081042-eff7692f9009 h1:W0lCpv29Hv0UaM1LXb9QlBHLNP8UFfcKjblhVCWftOM= golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 h1:nxC68pudNYkKU6jWhgrqdreuFiOQWj1Fs7T3VrH4Pjw= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= diff --git a/signer/openpgpops/openpgpops.go b/signer/openpgpops/openpgpops.go index 44cb3c1..f0faf4b 100644 --- a/signer/openpgpops/openpgpops.go +++ b/signer/openpgpops/openpgpops.go @@ -8,10 +8,10 @@ import ( "os" "time" + "github.com/ProtonMail/go-crypto/openpgp" + "github.com/ProtonMail/go-crypto/openpgp/armor" + "github.com/ProtonMail/go-crypto/openpgp/packet" log "github.com/sirupsen/logrus" - "golang.org/x/crypto/openpgp" - "golang.org/x/crypto/openpgp/armor" - "golang.org/x/crypto/openpgp/packet" ) const hoursInADay = 24 @@ -46,7 +46,7 @@ func (r *OpenPGPRoot) SignPublicKey(pubKey []byte, algorithm crypto.Hash, days u for _, i := range pe.Identities { expiry := calculateExpiry(i, days) - if !i.SelfSignature.KeyExpired(time.Now()) { + if !i.SelfSignature.SigExpired(time.Now()) { sig := &packet.Signature{ SigType: packet.SigTypeGenericCert, PubKeyAlgo: signingKey.PrivateKey.PubKeyAlgo, @@ -113,7 +113,7 @@ func (r *OpenPGPRoot) findSigningKey(identifier string) (*openpgp.Entity, error) log.Tracef("found %s", e.PrimaryKey.KeyIdString()) for _, i := range e.Identities { - if i.UserId.Email == identifier && len(e.Revocations) == 0 && !i.SelfSignature.KeyExpired(time.Now()) { + if i.UserId.Email == identifier && len(e.Revocations) == 0 && !i.SelfSignature.SigExpired(time.Now()) { return e, nil } }