ProtonMail · zugzwang · Aug 28, 2019 · Aug 28, 2019 · Aug 28, 2019 · Aug 28, 2019
diff --git a/openpgp/armor/armor.go b/openpgp/armor/armor.go
@@ -35,6 +35,7 @@ type Block struct {
 	oReader openpgpReader
 }
 
+// ArmorCorrupt is returned if an armor is invalid.
 var ArmorCorrupt error = errors.StructuralError("armor invalid")
 
 const crc24Init = 0xb704ce

diff --git a/openpgp/armor/encode.go b/openpgp/armor/encode.go
@@ -87,7 +87,6 @@ func (l *lineBreaker) Close() (err error) {
 			return
 		}
 	}
-
 	return
 }
 
@@ -115,7 +114,10 @@ func (e *encoding) Close() (err error) {
 	if err != nil {
 		return
 	}
-	e.breaker.Close()
+	closeErr := e.breaker.Close()
+	if closeErr != nil {
+		return
+	}
 
 	var checksumBytes [3]byte
 	checksumBytes[0] = byte(e.crc >> 16)

diff --git a/openpgp/canonical_text.go b/openpgp/canonical_text.go
@@ -30,16 +30,21 @@ func writeCanonical(cw io.Writer, buf []byte, s *int) (int, error) {
 			if c == '\r' {
 				*s = 1
 			} else if c == '\n' {
-				cw.Write(buf[start:i])
-				cw.Write(newline)
+				_, err1 := cw.Write(buf[start:i])
+				_, err2 := cw.Write(newline)
+				if err1 != nil || err2 != nil {
+					panic("Error writing to io.Writer instance")
+				}
 				start = i + 1
 			}
 		case 1:
 			*s = 0
 		}
 	}
-
-	cw.Write(buf[start:])
+	_, err := cw.Write(buf[start:])
+	if err != nil {
+		panic("Error writing to io.Writer instance")
+	}
 	return len(buf), nil
 }
 

diff --git a/openpgp/clearsign/clearsign.go b/openpgp/clearsign/clearsign.go
@@ -222,7 +222,9 @@ func (d *dashEscaper) Write(data []byte) (n int, err error) {
 			// The final CRLF isn't included in the hash so we have to wait
 			// until this point (the start of the next line) before writing it.
 			if !d.isFirstLine {
-				d.toHash.Write(crlf)
+				if _, err = d.toHash.Write(crlf); err != nil {
+					return
+				}
 			}
 			d.isFirstLine = false
 		}
@@ -243,12 +245,16 @@ func (d *dashEscaper) Write(data []byte) (n int, err error) {
 				if _, err = d.buffered.Write(dashEscape); err != nil {
 					return
 				}
-				d.toHash.Write(d.byteBuf)
+				if _, err = d.toHash.Write(d.byteBuf); err != nil {
+					return
+				}
 				d.atBeginningOfLine = false
 			} else if b == '\n' {
 				// Nothing to do because we delay writing CRLF to the hash.
 			} else {
-				d.toHash.Write(d.byteBuf)
+				if _, err = d.toHash.Write(d.byteBuf); err != nil {
+					return
+				}
 				d.atBeginningOfLine = false
 			}
 			if err = d.buffered.WriteByte(b); err != nil {
@@ -269,13 +275,17 @@ func (d *dashEscaper) Write(data []byte) (n int, err error) {
 				// Any buffered whitespace wasn't at the end of the line so
 				// we need to write it out.
 				if len(d.whitespace) > 0 {
-					d.toHash.Write(d.whitespace)
+					if _, err = d.toHash.Write(d.whitespace); err != nil {
+						return
+					}
 					if _, err = d.buffered.Write(d.whitespace); err != nil {
 						return
 					}
 					d.whitespace = d.whitespace[:0]
 				}
-				d.toHash.Write(d.byteBuf)
+				if _, err = d.toHash.Write(d.byteBuf); err != nil {
+					return
+				}
 				if err = d.buffered.WriteByte(b); err != nil {
 					return
 				}

diff --git a/openpgp/ecdh/ecdh.go b/openpgp/ecdh/ecdh.go
@@ -18,23 +18,27 @@ import (
 	"golang.org/x/crypto/openpgp/internal/ecc"
 )
 
+// KDF is the Key Derivation Function as Specified in RFC 6637, section 7.
 type KDF struct {
 	Hash   algorithm.Hash
 	Cipher algorithm.Cipher
 }
 
+// PublicKey represents an ECDH public key.
 type PublicKey struct {
 	ecc.CurveType
 	elliptic.Curve
 	X, Y *big.Int
 	KDF
 }
 
+// PrivateKey represents an ECDH private key.
 type PrivateKey struct {
-	PublicKey
 	D []byte
+	PublicKey
 }
 
+// GenerateKey returns a PrivateKey object and an eventual error.
 func GenerateKey(c elliptic.Curve, kdf KDF, rand io.Reader) (priv *PrivateKey, err error) {
 	priv = new(PrivateKey)
 	priv.PublicKey.Curve = c
@@ -43,6 +47,10 @@ func GenerateKey(c elliptic.Curve, kdf KDF, rand io.Reader) (priv *PrivateKey, e
 	return
 }
 
+// Encrypt encrypts the given message to the given key. It first generates the
+// shared secret from the given random reader, and proceeds to encrypt. It
+// returns the generated key pair in compressed form, the ciphertext, and an
+// eventual error.
 func Encrypt(random io.Reader, pub *PublicKey, msg, curveOID, fingerprint []byte) (vsG, c []byte, err error) {
 	if len(msg) > 40 {
 		return nil, nil, errors.New("ecdh: message too long")
@@ -86,6 +94,8 @@ func Encrypt(random io.Reader, pub *PublicKey, msg, curveOID, fingerprint []byte
 
 }
 
+// Decrypt decrypts the given message with the given private key. It returns a
+// plaintext and an eventual error.
 func Decrypt(priv *PrivateKey, vsG, m, curveOID, fingerprint []byte) (msg []byte, err error) {
 	if priv.PublicKey.CurveType == ecc.Curve25519 {
 		return X25519Decrypt(priv, vsG, m, curveOID, fingerprint)

diff --git a/openpgp/ecdh/x25519.go b/openpgp/ecdh/x25519.go
@@ -16,6 +16,8 @@ import (
 	"golang.org/x/crypto/openpgp/internal/ecc"
 )
 
+// X25519GenerateParams generates and returns the parameters specified in RFC
+// 6637, section 8, with the given random reader.
 func X25519GenerateParams(rand io.Reader) (priv [32]byte, x [32]byte, err error) {
 	var n, helper = new (big.Int), new (big.Int)
 	n.SetUint64(1)
@@ -43,6 +45,8 @@ func X25519GenerateParams(rand io.Reader) (priv [32]byte, x [32]byte, err error)
 	return
 }
 
+// X25519GenerateKey generates and returns a private key from the given random
+// reader and KDF, along with an eventual error.
 func X25519GenerateKey(rand io.Reader, kdf KDF) (priv *PrivateKey, err error) {
 	ci := ecc.FindByName("Curve25519")
 	priv = new(PrivateKey)
@@ -69,6 +73,8 @@ func X25519GenerateKey(rand io.Reader, kdf KDF) (priv *PrivateKey, err error) {
 	return priv, nil
 }
 
+// X25519Encrypt is the Encrypt procedure of the ecdh package when the public
+// key is set with curve 25519.
 func X25519Encrypt(random io.Reader, pub *PublicKey, msg, curveOID, fingerprint []byte) (vsG, c []byte, err error) {
 	d, ephemeralKey, err := X25519GenerateParams(random)
 	if err != nil {
@@ -101,6 +107,8 @@ func X25519Encrypt(random io.Reader, pub *PublicKey, msg, curveOID, fingerprint
 	return vsg[:], c, nil
 }
 
+// X25519Decrypt is the Encrypt procedure of the ecdh package when the public
+// key is set with curve 25519.
 func X25519Decrypt(priv *PrivateKey, vsG, m, curveOID, fingerprint []byte) (msg []byte, err error) {
 	var zb, d, ephemeralKey[32]byte
 	if len(vsG) != 33 || vsG[0] != 0x40 {
@@ -141,4 +149,4 @@ func copyReversed(out []byte, in []byte) {
 	for i := 0; i < l; i++ {
 		out[i] = in[l-i-1]
 	}
-}
+}