Mike/pop
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

FRE-682: Add folder/label management, search, and fix PGP build

Browse Source 
- Add pop mail search CLI command with pagination support
- Create internal/labels package with types and API client
- Add folder list/create/update/delete CLI commands
- Add label list/create/update/delete/apply/remove CLI commands
- Register folder and label commands in root.go
- Fix gopenpgp v2 API mismatches in pgp.go (NewPlainMessage, Armor,
  KeyRing.Encrypt/Decrypt, SessionKey)
- Fix NewSessionManager error handling across cmd files
- Fix variable shadowing bug in mail/client.go
This commit is contained in:
Paperclip
2026-04-28 06:37:47 -04:00
committed by Michael Freno
parent 35d47733ea
commit af25fd5575
12 changed files with 1033 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/mail/client.go
View File

@@ -238,7 +238,7 @@ func (c *Client) SaveDraft(draft Draft, passphrase string) (string, error) {
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
respBody, err := io.ReadAll(resp.Body)
if err != nil {
return "", fmt.Errorf("failed to read response: %w", err)
}
@@ -248,7 +248,7 @@ func (c *Client) SaveDraft(draft Draft, passphrase string) (string, error) {
MessageID string `json:"MessageID"`
} `json:"Data"`
}
if err := json.Unmarshal(body, &result); err != nil {
if err := json.Unmarshal(respBody, &result); err != nil {
return "", fmt.Errorf("failed to parse response: %w", err)
}

107
internal/mail/pgp.go
View File

@@ -36,50 +36,69 @@ func NewPGPService(privateKeyArmored string) (*PGPService, error) {
}
func (s *PGPService) Encrypt(plaintext string, recipientPublicKey *crypto.Key) (string, error) {
pgpMessage, err := crypto.NewPlainMessage([]byte(plaintext))
pgpMessage := crypto.NewPlainMessage([]byte(plaintext))
recipientKeyRing, err := crypto.NewKeyRing(recipientPublicKey)
if err != nil {
return "", fmt.Errorf("failed to create PGP message: %w", err)
return "", fmt.Errorf("failed to create recipient key ring: %w", err)
}
encrypted, err := pgpMessage.Encrypt(recipientPublicKey)
encrypted, err := recipientKeyRing.Encrypt(pgpMessage, nil)
if err != nil {
return "", fmt.Errorf("failed to encrypt: %w", err)
}
return encrypted.GetArmored()
armored, err := encrypted.GetArmored()
if err != nil {
return "", fmt.Errorf("failed to armor encrypted message: %w", err)
}
return armored, nil
}
func (s *PGPService) EncryptAndSign(plaintext string, recipientPublicKey *crypto.Key, passphrase string) (string, error) {
pgpMessage, err := crypto.NewPlainMessage([]byte(plaintext))
pgpMessage := crypto.NewPlainMessage([]byte(plaintext))
recipientKeyRing, err := crypto.NewKeyRing(recipientPublicKey)
if err != nil {
return "", fmt.Errorf("failed to create PGP message: %w", err)
return "", fmt.Errorf("failed to create recipient key ring: %w", err)
}
encrypted, err := pgpMessage.EncryptAndSign(recipientPublicKey, s.keyRing.PrivateKey, []byte(passphrase))
signingKeyRing, err := crypto.NewKeyRing(s.keyRing.PrivateKey)
if err != nil {
return "", fmt.Errorf("failed to create signing key ring: %w", err)
}
encrypted, err := recipientKeyRing.Encrypt(pgpMessage, signingKeyRing)
if err != nil {
return "", fmt.Errorf("failed to encrypt and sign: %w", err)
}
return encrypted.GetArmored()
armored, err := encrypted.GetArmored()
if err != nil {
return "", fmt.Errorf("failed to armor encrypted message: %w", err)
}
return armored, nil
}
func (s *PGPService) Decrypt(encrypted string, passphrase string) (string, error) {
armoredKey, err := crypto.NewKeyFromArmored(encrypted)
if err != nil {
return "", fmt.Errorf("failed to parse armored key: %w", err)
}
pgpMessage, err := crypto.NewPlainMessageFromString(armoredKey.GetArmored())
pgpMessage, err := crypto.NewPGPMessageFromArmored(encrypted)
if err != nil {
return "", fmt.Errorf("failed to parse encrypted message: %w", err)
}
decrypted, err := pgpMessage.Decrypt(s.keyRing.PrivateKey, []byte(passphrase))
decryptionKeyRing, err := crypto.NewKeyRing(s.keyRing.PrivateKey)
if err != nil {
return "", fmt.Errorf("failed to create decryption key ring: %w", err)
}
decrypted, err := decryptionKeyRing.Decrypt(pgpMessage, nil, 0)
if err != nil {
return "", fmt.Errorf("failed to decrypt: %w", err)
}
return string(decrypted.GetBinary()), nil
return decrypted.GetString(), nil
}
func (s *PGPService) GenerateKeyPair(email string, passphrase string) (privateKey, publicKey string, err error) {
@@ -100,7 +119,7 @@ func (s *PGPService) GenerateKeyPair(email string, passphrase string) (privateKe
pubArmor := string(pubKeyBytes)
return string(privateArmor), pubArmor, nil
return privateArmor, pubArmor, nil
}
func (s *PGPService) GetFingerprint() (string, error) {
@@ -112,17 +131,24 @@ func (s *PGPService) GetFingerprint() (string, error) {
}
func (s *PGPService) SignData(data []byte, passphrase string) (string, error) {
pgpMessage, err := crypto.NewPlainMessage(data)
pgpMessage := crypto.NewPlainMessage(data)
signingKeyRing, err := crypto.NewKeyRing(s.keyRing.PrivateKey)
if err != nil {
return "", fmt.Errorf("failed to create PGP message: %w", err)
return "", fmt.Errorf("failed to create signing key ring: %w", err)
}
signed, err := pgpMessage.Sign(s.keyRing.PrivateKey, []byte(passphrase))
signed, err := signingKeyRing.SignDetached(pgpMessage)
if err != nil {
return "", fmt.Errorf("failed to sign data: %w", err)
}
return signed.GetArmored()
armored, err := signed.GetArmored()
if err != nil {
return "", fmt.Errorf("failed to armor signed data: %w", err)
}
return armored, nil
}
func (s *PGPService) EncryptAttachment(data []byte, recipientPublicKey *crypto.Key) (*Attachment, error) {
@@ -131,32 +157,30 @@ func (s *PGPService) EncryptAttachment(data []byte, recipientPublicKey *crypto.K
return nil, fmt.Errorf("failed to generate symmetric key: %w", err)
}
symKeyRing, err := crypto.NewKeyFromArmored(recipientPublicKey.GetArmored())
if err != nil {
return nil, fmt.Errorf("failed to parse recipient key: %w", err)
}
pgpMessage := crypto.NewPlainMessage(data)
pgpMessage, err := crypto.NewPlainMessage(data)
if err != nil {
return nil, fmt.Errorf("failed to create PGP message: %w", err)
}
encrypted, err := pgpMessage.Encrypt(symKeyRing)
sk, err := crypto.NewSessionKeyFromToken(symKey, "AES256").Encrypt(pgpMessage)
if err != nil {
return nil, fmt.Errorf("failed to encrypt attachment: %w", err)
}
encData := []byte(encrypted.GetBinary())
// Encrypt the symmetric key with recipient's public key
recipientKeyRing, err := crypto.NewKeyRing(recipientPublicKey)
if err != nil {
return nil, fmt.Errorf("failed to create recipient key ring: %w", err)
}
encryptedSymKey, err := symKeyRing.Encrypt(symKey)
encryptedSymKey, err := recipientKeyRing.EncryptSessionKey(
crypto.NewSessionKeyFromToken(symKey, "AES256"),
)
if err != nil {
return nil, fmt.Errorf("failed to encrypt symmetric key: %w", err)
}
return &Attachment{
DataEnc: string(encData),
DataEnc: string(sk),
Keys: []AttachmentKey{{
DataEnc: string(encryptedSymKey.GetBinary()),
DataEnc: string(encryptedSymKey),
}},
}, nil
}
@@ -166,22 +190,17 @@ func (s *PGPService) DecryptAttachment(attachment *Attachment, passphrase string
return nil, fmt.Errorf("no keys available for attachment decryption")
}
encryptedSymKey, err := crypto.NewKeyFromArmored(string(attachment.Keys[0].DataEnc))
decryptionKeyRing, err := crypto.NewKeyRing(s.keyRing.PrivateKey)
if err != nil {
return nil, fmt.Errorf("failed to parse encrypted symmetric key: %w", err)
return nil, fmt.Errorf("failed to create decryption key ring: %w", err)
}
symKey, err := encryptedSymKey.Decrypt([]byte(passphrase))
sk, err := decryptionKeyRing.DecryptSessionKey([]byte(attachment.Keys[0].DataEnc))
if err != nil {
return nil, fmt.Errorf("failed to decrypt symmetric key: %w", err)
}
pgpMessage, err := crypto.NewPlainMessage([]byte(attachment.DataEnc))
if err != nil {
return nil, fmt.Errorf("failed to create PGP message: %w", err)
}
decrypted, err := pgpMessage.DecryptWithKey(s.keyRing.PrivateKey, symKey)
decrypted, err := sk.Decrypt([]byte(attachment.DataEnc))
if err != nil {
return nil, fmt.Errorf("failed to decrypt attachment: %w", err)
}