protonmail: make SRP modulus signature failures fatal

In 93c8007, SRP signature errors were made non-fatal because many
users got the following error:

    openpgp: unsupported feature: public key algorithm 22

This is because Protonmail started signing these messages with an
EDDSA key, an algorithm which the Go OpenPGP library does not
support. The switch to github.com/protonmail/crypto introduces this
algorithm, so messages that haven't been tampered with should pass
the verification.

Author: BertalanD

protonmail/srp.go

@@ -8,12 +8,10 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"log"
 	"math/big"
 
 	"golang.org/x/crypto/openpgp"
 	"golang.org/x/crypto/openpgp/clearsign"
-	openpgperrors "golang.org/x/crypto/openpgp/errors"
 )
 
 var randReader io.Reader = rand.Reader
@@ -45,9 +43,8 @@ func decodeModulus(msg string) ([]byte, error) {
 	}
 
 	_, err = openpgp.CheckDetachedSignature(modulusKeyring, bytes.NewReader(block.Bytes), block.ArmoredSignature.Body, nil)
-	if err != nil && err != openpgperrors.ErrUnknownIssuer {
-		//return nil, fmt.Errorf("failed to decode modulus: %v", err)
-		log.Println("warning: failed to check SRP modulus signature:", err)
+	if err != nil {
+		return nil, fmt.Errorf("failed to check modulus signature: %v", err)
 	}
 
 	b, err := base64.StdEncoding.DecodeString(string(block.Plaintext))