redwood: Don't armor encrypted files/messages

We didn't have GPG armor ciphertext, so we don't need redwood to either. This will result in a noticable speedup during encryption (c.f. #7022). We do need to adjust tests now that we can no longer easily look for the "-----BEGIN PGP MESSAGE-----" string.
freedomofpress · Oct 20, 2023 · 0c1db4b · 0c1db4b
1 parent f6d9bd0
commit 0c1db4b
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 31 deletions.
diff --git a/redwood/src/lib.rs b/redwood/src/lib.rs
@@ -8,7 +8,7 @@ use sequoia_openpgp::crypto::Password;
 use sequoia_openpgp::parse::{stream::DecryptorBuilder, Parse};
 use sequoia_openpgp::policy::StandardPolicy;
 use sequoia_openpgp::serialize::{
-    stream::{Armorer, Encryptor, LiteralWriter, Message},
+    stream::{Encryptor, LiteralWriter, Message},
     SerializeInto,
 };
 use sequoia_openpgp::Cert;
@@ -165,7 +165,6 @@ fn encrypt(
         .open(destination)?;
     let mut writer = BufWriter::new(sink);
     let message = Message::new(&mut writer);
-    let message = Armorer::new(message).build()?;
     let message = Encryptor::for_recipients(message, recipient_keys).build()?;
     let mut message = LiteralWriter::new(message).build()?;
 
@@ -327,40 +326,28 @@ mod tests {
             tmp.clone(),
         )
         .unwrap();
-        let ciphertext = std::fs::read_to_string(tmp).unwrap();
-        // Verify ciphertext looks like an encrypted message
-        assert!(ciphertext.starts_with("-----BEGIN PGP MESSAGE-----\n"));
+        let ciphertext = std::fs::read(tmp).unwrap();
         // Decrypt as key 1
-        let plaintext = decrypt(
-            ciphertext.clone().into_bytes(),
-            secret_key1,
-            PASSPHRASE.to_string(),
-        )
-        .unwrap();
+        let plaintext =
+            decrypt(ciphertext.clone(), secret_key1, PASSPHRASE.to_string())
+                .unwrap();
         // Verify message is what we put in originally
         assert_eq!(
             SECRET_MESSAGE,
             String::from_utf8(plaintext.to_vec()).unwrap()
         );
         // Decrypt as key 2
-        let plaintext = decrypt(
-            ciphertext.clone().into_bytes(),
-            secret_key2,
-            PASSPHRASE.to_string(),
-        )
-        .unwrap();
+        let plaintext =
+            decrypt(ciphertext.clone(), secret_key2, PASSPHRASE.to_string())
+                .unwrap();
         // Verify message is what we put in originally
         assert_eq!(
             SECRET_MESSAGE,
             String::from_utf8(plaintext.to_vec()).unwrap()
         );
         // Try to decrypt as key 3, expect an error
-        let err = decrypt(
-            ciphertext.into_bytes(),
-            secret_key3,
-            PASSPHRASE.to_string(),
-        )
-        .unwrap_err();
+        let err = decrypt(ciphertext, secret_key3, PASSPHRASE.to_string())
+            .unwrap_err();
         assert_eq!(
             err.to_string(),
             "OpenPGP error: no matching pkesk, wrong secret key provided?"

diff --git a/securedrop/tests/test_encryption.py b/securedrop/tests/test_encryption.py
@@ -114,9 +114,9 @@ def test_encrypt_source_message(self, config, tmp_path):
             message_in=message, encrypted_message_path_out=encrypted_message_path
         )
 
-        # And the output file contains the encrypted data
+        # And the output file doesn't contain the message plaintext
         encrypted_message = encrypted_message_path.read_bytes()
-        assert encrypted_message.startswith(b"-----BEGIN PGP MESSAGE-----")
+        assert message.encode() not in encrypted_message
 
         # And the journalist is able to decrypt the message
         decrypted_message = utils.decrypt_as_journalist(encrypted_message).decode()
@@ -138,9 +138,9 @@ def test_encrypt_source_file(self, config, tmp_path):
                 encrypted_file_path_out=encrypted_file_path,
             )
 
-        # And the output file contains the encrypted data
+        # And the output file doesn't contain the file plaintext
         encrypted_file = encrypted_file_path.read_bytes()
-        assert encrypted_file.startswith(b"-----BEGIN PGP MESSAGE-----")
+        assert file_to_encrypt_path.read_bytes() not in encrypted_file
 
         # And the journalist is able to decrypt the file
         decrypted_file = utils.decrypt_as_journalist(encrypted_file)
@@ -173,9 +173,9 @@ def test_encrypt_and_decrypt_journalist_reply(
             encrypted_reply_path_out=encrypted_reply_path,
         )
 
-        # And the output file contains the encrypted data
+        # And the output file doesn't contain the reply plaintext
         encrypted_reply = encrypted_reply_path.read_bytes()
-        assert encrypted_reply.startswith(b"-----BEGIN PGP MESSAGE-----")
+        assert journalist_reply.encode() not in encrypted_reply
 
         # And source1 is able to decrypt the reply
         decrypted_reply = encryption_mgr.decrypt_journalist_reply(
@@ -224,9 +224,9 @@ def test_gpg_encrypt_and_decrypt_journalist_reply(
                 encrypted_reply_path_out=encrypted_reply_path,
             )
 
-            # And the output file contains the encrypted data
+            # And the output file doesn't contain the reply plaintext
             encrypted_reply = encrypted_reply_path.read_bytes()
-            assert encrypted_reply.startswith(b"-----BEGIN PGP MESSAGE-----")
+            assert journalist_reply.encode() not in encrypted_reply
 
             # And source1 is able to decrypt the reply
             decrypted_reply = encryption_mgr.decrypt_journalist_reply(