package gitcrypt
import (
"bytes"
"errors"
"io"
"log"
"strings"
"github.com/ProtonMail/go-crypto/openpgp"
"github.com/ProtonMail/go-crypto/openpgp/armor"
"github.com/ProtonMail/go-crypto/openpgp/packet"
)
// rawKeyData holds the bytes of an ASCII-armored OpenPGP key block, in the
// form gpgArmoredKeyIngest passes to armor.Decode.
type rawKeyData []byte
// gpgArmoredKeyIngest parses the first ASCII-armored block in input and
// returns the OpenPGP entity it contains.
//
// Only blocks of type openpgp.PublicKeyType or openpgp.PrivateKeyType are
// accepted; any other armor type is rejected before packet parsing starts.
// Errors from armor.Decode and openpgp.ReadEntity are returned unchanged.
//
// Security notes for callers:
//   - A single entity is read via openpgp.ReadEntity; anything after it in
//     the input is ignored.
//   - This function does no trust evaluation. It does not compare the key
//     against an expected fingerprint and makes no expiry or revocation
//     check of its own, so key material from an untrusted source must be
//     pinned or verified by the caller before it is used.
//   - Private key material is returned as parsed. If it is
//     passphrase-protected it is presumably still encrypted at this point
//     and must be decrypted by the caller before use (confirm against the
//     library documentation).
func gpgArmoredKeyIngest(input rawKeyData) (*openpgp.Entity, error) {
	decoded, decodeErr := armor.Decode(bytes.NewReader([]byte(input)))
	if decodeErr != nil {
		return nil, decodeErr
	}

	isPublic := decoded.Type == openpgp.PublicKeyType
	isPrivate := decoded.Type == openpgp.PrivateKeyType

	// Reject anything that is not a key block (for example an armored
	// message or signature) instead of feeding it to the entity parser.
	if !isPublic && !isPrivate {
		return nil, errors.New("gpgArmoredKeyIngest(): Error ingesting key, unsupported type " + decoded.Type)
	}

	// Only the key class is logged, never key material.
	if isPublic {
		log.Printf("gpgArmoredKeyIngest(): ingesting public key")
	} else {
		log.Printf("gpgArmoredKeyIngest(): ingesting private key")
	}

	// Public and private blocks share the same packet-level parser.
	return openpgp.ReadEntity(packet.NewReader(decoded.Body))
}
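// gpgDecrypt decrypts an OpenPGP message with the keys in secretKeyring and
// returns the plaintext.
//
// The input may be binary or ASCII-armored. It is treated as armored when it
// contains the marker "BEGIN PGP MESSAGE" anywhere, and is then unwrapped
// with armor.Decode before being parsed.
//
// On any failure the returned slice is empty and the error is non-nil. That
// includes an error raised while the body is being read: plaintext that was
// read before the failure is discarded rather than handed to the caller,
// because the library can only report a failed integrity check once the body
// has been consumed.
//
// Security notes for callers:
//   - No passphrase prompt is supplied (prompt is nil), so the keys in
//     secretKeyring need to be usable without one, i.e. already decrypted.
//   - Signatures are not enforced. The body is read from md.UnverifiedBody
//     and md.SignatureError is never consulted, so a successful return says
//     nothing about who produced the message.
//   - The whole plaintext is buffered in memory by io.ReadAll; callers that
//     handle untrusted input should bound the input size upstream.
func gpgDecrypt(in []byte, secretKeyring openpgp.EntityList) ([]byte, error) {
	var src io.Reader = bytes.NewReader(in)
	stage := "ReadMessage"

	// Determine if there's any armoring going on.
	if strings.Contains(string(in), "BEGIN PGP MESSAGE") {
		block, err := armor.Decode(bytes.NewReader(in))
		if err != nil {
			log.Printf("gpgDecrypt(): Decode(armored): %s", err.Error())
			return []byte{}, err
		}
		src = block.Body
		stage = "ReadMessage(armored)"
	}

	md, err := openpgp.ReadMessage(src, secretKeyring, nil, nil)
	if err != nil {
		log.Printf("gpgDecrypt(): %s: %s", stage, err.Error())
		return []byte{}, err
	}

	plaintext, err := io.ReadAll(md.UnverifiedBody)
	if err != nil {
		// io.ReadAll returns whatever it read before the error. Drop it so
		// that truncated or tampered plaintext never reaches the caller.
		log.Printf("gpgDecrypt(): ReadAll: %s", err.Error())
		return []byte{}, err
	}
	return plaintext, nil
}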
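// gpgEncrypt encrypts in to a single recipient and returns the resulting
// OpenPGP message in binary (non-armored) form.
//
// Despite its name, secretKey is used as the encryption recipient: it is the
// only member of the recipient list passed to openpgp.Encrypt. A nil
// secretKey is rejected with an error instead of being passed to the library.
//
// On any failure the returned slice is empty and the error is non-nil.
//
// Security notes for callers:
//   - The message is not signed (the signer argument is nil). The output is
//     confidential to the recipient but carries no proof of origin: anyone
//     who holds the recipient's public key can produce an equally valid
//     message.
//   - Hints and config are nil, so the library's default algorithms apply.
func gpgEncrypt(in []byte, secretKey *openpgp.Entity) ([]byte, error) {
	if secretKey == nil {
		err := errors.New("gpgEncrypt(): nil recipient key")
		log.Printf("gpgEncrypt(): Encrypt: %s", err.Error())
		return []byte{}, err
	}

	buf := new(bytes.Buffer)
	w, err := openpgp.Encrypt(buf, openpgp.EntityList{secretKey}, nil, nil, nil)
	if err != nil {
		log.Printf("gpgEncrypt(): Encrypt: %s", err.Error())
		return []byte{}, err
	}

	if _, err = w.Write(in); err != nil {
		log.Printf("gpgEncrypt(): Write: %s", err.Error())
		return []byte{}, err
	}

	// Close finalizes the message; buf is only read after it has succeeded.
	if err = w.Close(); err != nil {
		log.Printf("gpgEncrypt(): Close: %s", err.Error())
		return []byte{}, err
	}
	return buf.Bytes(), nil
}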