A mail library that encrypts messages with PGP.
MIT
:lock: PGP-encrypted email library for Go
License: MIT License
Only for reading them.
I want to use your library of a PGP signature, but I don't quite understand how to use it in conjunction with go-message. Can you add an example to the repository?
@jbjjbjjbj and I tried the snippet below and Evolution said the resulting signature was BAD (i.e. the signature did not match the message.
var h textproto.Header
h.Add("From", n.sender)
h.Add("To", recipient)
h.Add("Subject", subject)
var hEmpty textproto.Header
wcSigned, err := pgpmail.Sign(wc, h, hEmpty, n.secretSigningKey, nil)
if err != nil {
return err
}
_, err = fmt.Fprintf(wcSigned, body)
if err != nil {
return err
}
err = wcSigned.Close()
if err != nil {
return err
}
Resulting email is attached (renamed from .eml
to .txt
), please let me know if you need more information, thank you :)
Either populate SignatureError
with an error before verification is complete, or switch to our own type.
MIME messages must specify the MIME-Version header at the top level of the message to be compliant with the rfc. However, the writer sets only the multipart MIME types, not the MIME-Version.
Users could set the MIME-Version in the header that is passed to pgpmail. But most are not aware of this. It would be helpful if pgpmail would set the MIME-Version directly.
Would it make sense to set the MIME-Version in the writer?
Sign
takes headers and writes them to the output. It expects the caller to write the message body to the returned io.WriteCloser
, but not the header. This doesn't play well with go-message.
I want to update github.com/ProtonMail/go-crypto
to version v0.0.0-20220407094043-a94812496cf5
in Debian but unfortunately this breaks go-pgpmail.
go test
go: downloading github.com/emersion/go-textwrapper v0.0.0-20200911093747-65d896831594
--- FAIL: TestEncrypt (0.00s)
writer_test.go:46: Encrypt() =
Content-Type: multipart/encrypted; boundary=foo;
protocol="application/pgp-encrypted"
To: John Doe <[email protected]>
From: John Doe <[email protected]>
--foo
Content-Type: application/pgp-encrypted
Version: 1
--foo
Content-Type: application/octet-stream
-----BEGIN PGP MESSAGE-----
wcBMAxF0jxulHQ8+AQf+MKEqgZA3ZR6K79wGFa67rAxC9NudHUXFaXKAxOZqKmt9
dSH+jIbVrnM/5+/noaHY+3/YbPcow/E0XIfb/G0TDfLI1y5NyLRN5u8ms293ONqL
xbEBp1f/mert3UTvi3ewCd4V/bP7+s2XcwgpRFZE6wYV+iFHS1IgMdqNHR2lNhNW
wszcVy6rRCdhiYsgz56YASPfJmGroPARzh1LIPoTKwXisLnAaM0JUb6f2E2/K2Jp
Z6OMrPfiGPl/XGhr80B9UaQjSkMZx8cH3L7Av3Q+q7llRmBK2Y5Skgl96RDDX0Pr
x/6tBxa96LXINovCGS/BZ1jbv9xL175G7x4iXH9VYNLA7wFm6UvU74osO4hM+lnK
NCsu95V5R1HjltYjoQY7HR4k2KplLD7fqWrm/dj8IrwqSrSa6ZgHZCEpROx/goiQ
oqyhtF3XXohwM0C6Mr+ojdmXbBNdOmv3sm+isdFGCIGgiYhcAyBRDMehx3sBLWLY
8oeqR759MhzKztHC0sZaU8OMeAWpD7XVrVHX1JKxfVxHG8FEE2uKXI2YP5TJNv0N
YZc/QtfY/+X4U70zER1DwZM8ZVIgJrFrhLhFjqYwE3CfKw14GqZxTxxL1VwI3VSJ
/zTsUgrfGoG7JLb3z5sgobN2sNSCWuJMMLZq59vLbOph1/DwHe/E1IzlEb5fmKy8
xqEZwkoLpGhfFKi5Db3l28sxeGqVWTz1INeX8A6yfGgLwXlp3+G/3XgdbU69frH2
TjoTdGoJqOq4o6UMsFYuxXuFe6Z/ncXLHgsDiosBGPEsEbby2SEB3aJyCl5o/Z47
eKc13ezboR8W88a2movSZhFVlGDDyvdgxL9rJPS4K5/sLjmFG9o3xgft9im1QAss
c7eWsEhiiJjje6IIPFa+rYaiNUsy7n2syyFMCocLjAbq
=eow+
-----END PGP MESSAGE-----
--foo--
but want
Content-Type: multipart/encrypted; boundary=foo;
protocol="application/pgp-encrypted"
To: John Doe <[email protected]>
From: John Doe <[email protected]>
--foo
Content-Type: application/pgp-encrypted
Version: 1
--foo
Content-Type: application/octet-stream
-----BEGIN PGP MESSAGE-----
wcBMAxF0jxulHQ8+AQf+MKEqgZA3ZR6K79wGFa67rAxC9NudHUXFaXKAxOZqKmt9
dSH+jIbVrnM/5+/noaHY+3/YbPcow/E0XIfb/G0TDfLI1y5NyLRN5u8ms293ONqL
xbEBp1f/mert3UTvi3ewCd4V/bP7+s2XcwgpRFZE6wYV+iFHS1IgMdqNHR2lNhNW
wszcVy6rRCdhiYsgz56YASPfJmGroPARzh1LIPoTKwXisLnAaM0JUb6f2E2/K2Jp
Z6OMrPfiGPl/XGhr80B9UaQjSkMZx8cH3L7Av3Q+q7llRmBK2Y5Skgl96RDDX0Pr
x/6tBxa96LXINovCGS/BZ1jbv9xL175G7x4iXH9VYNLA7wFm6UvU74osO4hM+lnK
NCsu95V5R1HjltYjoQY7HR4k2KplLD7fqWrm/dj8IrwqSrSa6ZgHZCEpROx/goiQ
oqyhtF3XXohwM0C6Mr+ojdmXbBNdOmv3sm+isdFGCIGgiYhcAyBRDMehx3sBLWLY
8oeqR759MhzKztHC0sZa08OMeIpCEINy4eDEAQdbWDg1l+J9W9Bqd5vqx9FI82np
FMueiumFwi+zjV17M/taOLeLGVJudwsH9eWcX2NdyHvTfNWRfx20Z50GB0nwkb9n
4vTfow0vXbcT+1ajnOyrOljwBGfgvcpBG1/9WEQxMoA5tvH3i7y9T4SxpJ2+DjqG
dxGdo+sj0PiQObhCj3sHVIoRHYSCLWid78VY8GUZrBdBA6NAlxj6Pk36Lkp66/55
JaJo2G7ZVnezLkPlr9gFbdc4kkel5ABAD8/1zLIG4LcrCHBBgH5lIP7uv+dAwtsE
jQfrJzA1FD4ZRprc7qhbcIq6NRBIj8amu/KHvBBi+zNOUW4QtrC23LHOGYldrcu1
o3q42OYigPcRIYlmmqkyBmj16Kj5jPnjDry9iv68Z6ot
=TtuG
-----END PGP MESSAGE-----
--foo--
--- FAIL: TestSign (0.00s)
writer_test.go:78: Encrypt() =
Content-Type: multipart/signed; boundary=foo; micalg=pgp-sha256;
protocol="application/pgp-signature"
To: John Doe <[email protected]>
From: John Doe <[email protected]>
--foo
Content-Type: text/plain
This is a signed message!
--foo
Content-Type: application/pgp-signature
-----BEGIN PGP MESSAGE-----
wsBzBAEBCAAnBQJeTcwACZAwchXBPfepZBYhBLGoZpNUFTt5nyIXvzByFcE996lk
AAA7mAgAmxg6jbnvME1ndnuI/O6ZF/tzz8iJDPnwMAyCvfyr8+oMwHMcjAIUOoID
KcS8Q3+qcH7g7S9k2KJkXBC1mUUC0EpWO77UeC8JhAsMpnw021v0OnNJsY6YLBf3
HwZzx9Zd960/AMuwtJGApwoKGraYXN8eRjg/8/qoR8qV3k0mSXy3NTg6+tO9UIZb
iOk52p5B9uHbbrA9TAeKw6rWoyt9xn0TfY5xtk3m/jiMv/gbkDPWBqiL5I51bigY
36kH4II2f3V4ddETwScIVEGNqG7NcV5za38DZwZIPyvcmZ0H3i2tw5ybvRUu2X5T
zOT+98ChRnkuEUAH/Stiw2QSbLCMQg==
=QtD4
-----END PGP MESSAGE-----
--foo--
but want
Content-Type: multipart/signed; boundary=foo; micalg=pgp-sha256;
protocol="application/pgp-signature"
To: John Doe <[email protected]>
From: John Doe <[email protected]>
--foo
Content-Type: text/plain
This is a signed message!
--foo
Content-Type: application/pgp-signature
-----BEGIN PGP MESSAGE-----
wsBzBAEBCAAnBQJeTcwACZAwchXBPfepZBahBLGoZpNUFTt5nyIXvzByFcE996lk
AACmXQgAiu/yJb2o3AX/GYt/GUSEWkYb1GI41ogLpoicrX6UPoUhuIwzNQHvSG62
DDsMrNBKUZfymp6iYFRBEs9Au0o8WwqMFGWWgaDxvI2144gSDN4CDKtyCVRGNcIf
PeL+vfpZIEV1JzzRKLl3nGlFbnSTfpxUg3EYNy51RHNmbvJGRzi43CTYJUp7Lh+/
ibogULsL0ZH3M6QtGhUNcujjqUmVAvAqVxwf7BjBta/G2hOPPCQeVjFsOgcWuIQr
GudsXpoK1FQ+NUrGcXJGgV+bq6r9IGEUafjGJ3087q9hz5drBoUgqlyl62wn7krB
Ql3Afgbl74/eTZO7Mr5cx3us80F3AQ==
=6GTz
-----END PGP MESSAGE-----
--foo--
FAIL
exit status 1
FAIL github.com/emersion/go-pgpmail 0.011s
Sometimes the test TestEncrypt
fails with the following message:
=== RUN TestEncrypt
--- FAIL: TestEncrypt (0.00s)
writer_test.go:82: Encrypt() =
Content-Type: multipart/encrypted; boundary=foo;
protocol="application/pgp-encrypted"
To: John Doe <[email protected]>
From: John Doe <[email protected]>
--foo
Content-Type: application/pgp-encrypted
Version: 1
--foo
Content-Type: application/octet-stream
-----BEGIN PGP MESSAGE-----
wcBMAxF0jxulHQ8+AQgAl/xRyFjnmqOu46Hztqh5nIqAkZsDQ7UJJFEgeDW6YVB+
/tYHeDLiO3yDDx5yTZwB2OUKtE2HJGLUa2zWt24taOVKF11crS+c0n+Avf8ZkFLG
d2bMCVy1uGjjHrw8n09Xpoakg/yUN7QWmu/ck7Ai9rf1EM9ojVrnd8NO6mE7Nh4B
wd1KJK850HXSFNYNaZ1XBjRYKfWFLRpfUfS5j3GtsM0P+FUC9qSCWepvuOHYMyUi
lVEE9iCTylm/lnzG0F8LfMQ7BRp2RP2GztAbMnQMJgOKsTGo9OP+GUPfWC1YFFoc
tIR7NuaAT+eoh9sx1EHWLjU6GtuxKjWlP0jdHoVFI9LgAeQN8+/e7kNNaZmve2uv
5O5y4WSm4a9F4+vHuk9Zfl5M4spm+qDgBuAi4ALhUwngUOIE6Urt4MDkB32+GwYp
1crJC8BYkehfvOA644vPFVo92sAP4F7hUXXgk+FexeCS5KggUWxBg1K1VPJYl/u1
j2TgbeNIAeLWvG3cR+Am4i9CStvgc+Dr4BjhQCXgDeS4PKrqIfGSIKTj8pBBGP5g
4ki0oS7hBjnhWbrhbS3hCYDouYmeskxgU/3mKsXfmCnL/XoR54VBeciQNdg6vzhX
dpO+wA+4qBQUTrLHqOcIZ6wJgNVLDbd2Ekupw+BZmgQgpZ+6sDRtI1UP1NYdmhku
EvydfGLcXBluEAzxTHMZpqrjlhemlG8hvj1tKoazzyHUhWQZq+/qAcwh4pQKjAvY
RL625tZvr65wuXJMOwhjWZW06pZGulyQH9lpoBcvxTZ5Oli+/eP1nW7ojF+c3NMy
nH9vCSIhBxkQhKlz/eKnFQQGT3gdc2GHv0JmqH1pIPtZIOBRt7ADT9kVsItF3+h2
1S4LEyaiarJdZUSqn2mDPr83cO1oUj87L3JWHeqsACmJ8eSZulsKGtDe7VGYNVit
HIlG4pb5cFXhDj0A
=jQ8O
-----END PGP MESSAGE-----
--foo--
but want
Content-Type: multipart/encrypted; boundary=foo;
protocol="application/pgp-encrypted"
To: John Doe <[email protected]>
From: John Doe <[email protected]>
--foo
Content-Type: application/pgp-encrypted
Version: 1
--foo
Content-Type: application/octet-stream
-----BEGIN PGP MESSAGE-----
wcBMAxF0jxulHQ8+AQgAWezllQtm+CSyURcujyHC3bX7PkkhjSj0OHIleBgaeokO
Fvl6FrOt/tWWll6hmeIRqG0w+9RHqELc6uIxRX4Z0kEE8mBVQm14XbD1pF89UcUm
Dr+7aFN41qxITyfgpueVKK8NUdRqwEo+hCZuglWJvrP8886URjTGwZXZK8igAWPK
nmh9Y9fh2gQu1uh8KS+xa1WmsP5k5rnVgxCalY8GKdQgxb+M4M53g/MsTZiax4zB
LNXAtucrImDrgX3tbIg3DJMlJ6/OQOzxrTIz+kAsPYGYRAQmYn8Vl+7+MlwCAFGa
2oL+hE3UvLzIcBKgLSrMPrHrW9AFqSCrZq3DS8n00tLgAeSLN8xZwb2Sx0IfQTK8
Ov5C4crK4VN24+xe7AmNjvVn4gBISH3g4+AQ4MDhTNvgZ+IcsPyF4DLk5hS8mQLm
aE9LD8sQmC6kxuBY42mTL8KEwV3o4MbhZtfgcOGDk+DB5HAWJTIXDlJQDPtMex5M
RgPgjuOZnM9BWf8L2uCo4kD12hDgR+DU4IDhgMvg2uQGpFM3OxTxRhoYkASx2RIt
4mHv4N/hnuPh9EPhnSjhb4joHJW0sFglMOqObXajFbKTrwUafDRbjaEQrCSX1d3l
Gm6Z7B52z/3EAVeQhAnkPDy6AeDk6y7+1S5PK6BCe1xrmVGvnXew0oAOLbiVGpWK
KzUMM1d2bOkdqECHEBKud1j1/dpn4fEz6WfM2w9lPl0hqgs/eMe0gtDA8rzAac+u
uBGs+2cD3PE9eCHwuP6uUkh4ghNXvHrqZXlPPfkUXgpax3l9LwQUJvExcfHzoj14
AGZcCp4vLtfeEptARBIotvcLMAxUhE7B8k5kW731EPex7vglmvqZeQVOTduxtY8w
HOeQ5sDIkcuxainHiFQXGJgt6UXADLSWo/8qNX9QwNN9TuRo013UV/MVJlJdfm29
ZULA4lZzQyjhfWYA
=fWkt
-----END PGP MESSAGE-----
--foo--
The failure occurs nondeterministically, but is deterministic in nature (it is always the same wrong encryption).
Both go 1.13 and go 1.14 exhibit this behaviour - I have not tested other versions.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.