Documentation ¶
Index ¶
- func CalculateExpiry(creationTime time.Time, lifetimeSecs *uint32) (bool, *time.Time)
- func SubkeyExpiry(subkey openpgp.Subkey) (bool, *time.Time)
- type ByCreated
- type BySubkeyCreated
- type IncorrectPassword
- type Loader
- type LoaderInterface
- type PgpKey
- func (key *PgpKey) Armor() (string, error)
- func (key *PgpKey) ArmorPrivate(passwordToEncryptWith string) (string, error)
- func (key *PgpKey) ArmorRevocationCertificate(now time.Time) (string, error)
- func (p *PgpKey) CertifyEmail(email string, certifier *PgpKey, now time.Time) error
- func (key *PgpKey) CreateNewEncryptionSubkey(validUntil time.Time, now time.Time, random io.Reader) error
- func (p *PgpKey) DecryptArmored(encrypted string) (io.Reader, *packet.LiteralData, error)
- func (p *PgpKey) DecryptArmoredToString(encrypted string) (string, *packet.LiteralData, error)
- func (key *PgpKey) Email() (string, error)
- func (key *PgpKey) Emails(allowUnbracketed bool) []string
- func (key *PgpKey) EncryptionSubkey(now time.Time) *openpgp.Subkey
- func (key *PgpKey) ExpireSubkey(subkeyId uint64, now time.Time) error
- func (key *PgpKey) Fingerprint() fpr.Fingerprint
- func (key *PgpKey) GetRevocationSignature(reason uint8, reasonText string, now time.Time) (*packet.Signature, error)
- func (p *PgpKey) MakeArmoredDetachedSignature(dataToSign []byte) (string, error)
- func (key *PgpKey) RefreshSubkeyBindingSignature(subkeyId uint64, now time.Time) error
- func (key *PgpKey) RefreshUserIdSelfSignatures(now time.Time) error
- func (key *PgpKey) SetPreferredCompressionAlgorithms(algos []compression.CompressionAlgorithm, now time.Time) error
- func (key *PgpKey) SetPreferredHashAlgorithms(algos []hash.HashAlgorithm, now time.Time) error
- func (key *PgpKey) SetPreferredSymmetricAlgorithms(algos []symmetric.SymmetricAlgorithm, now time.Time) error
- func (key *PgpKey) Slug() (string, error)
- func (key *PgpKey) Subkey(subkeyId uint64) (*openpgp.Subkey, error)
- func (key *PgpKey) UpdateExpiryForAllUserIds(validUntil time.Time, now time.Time) error
- func (key *PgpKey) UpdateSubkeyValidUntil(subkeyId uint64, validUntil time.Time, now time.Time) error
- type PgpKeyInterface
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CalculateExpiry ¶
CalculateExpiry takes a creation time and a key lifetime in seconds (pointer) and returns a corresponding time.Time.
From https://tools.ietf.org/html/rfc4880#section-5.2.3.6: "If this is not present or has a value of zero, the key never expires."
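The RFC rule quoted above, as an added sketch that is not this package's code. `expiryFromLifetime` and `usableAt` are hypothetical names, and it is an assumption that the boolean result reports whether the key expires at all.

```go
package main

import (
	"fmt"
	"time"
)

// expiryFromLifetime is a hypothetical helper, not the package's CalculateExpiry.
// Assumption: the bool reports whether the key has an expiry at all.
func expiryFromLifetime(created time.Time, lifetimeSecs *uint32) (bool, *time.Time) {
	// RFC 4880 5.2.3.6: a missing subpacket (nil) or a zero value means "never expires".
	if lifetimeSecs == nil || *lifetimeSecs == 0 {
		return false, nil
	}
	// The lifetime counts from the key's creation time, not from the signature's.
	expiry := created.Add(time.Duration(*lifetimeSecs) * time.Second)
	return true, &expiry
}

// usableAt reports whether a key with this lifetime is still unexpired at now.
// The expiry instant itself is treated as expired (a choice made in this sketch).
func usableAt(created time.Time, lifetimeSecs *uint32, now time.Time) bool {
	hasExpiry, expiry := expiryFromLifetime(created, lifetimeSecs)
	return !hasExpiry || now.Before(*expiry)
}

func main() {
	// Constructed sample values.
	created := time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC)
	now := time.Date(2021, 6, 1, 0, 0, 0, 0, time.UTC)
	oneYear, zero := uint32(365*24*60*60), uint32(0)

	fmt.Println("one year:", usableAt(created, &oneYear, now))
	fmt.Println("zero:", usableAt(created, &zero, now))
	fmt.Println("absent:", usableAt(created, nil, now))
}
```

A key whose lifetime subpacket is missing or zero passes every expiry check, so a policy that requires bounded lifetimes has to test for that case explicitly.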
Types ¶
type ByCreated ¶
type ByCreated []PgpKey
ByCreated implements sort.Interface for []PgpKey based on the PrimaryKey.CreationTime field.
type BySubkeyCreated ¶
BySubkeyCreated implements sort.Interface for []openpgp.Subkey based on the PublicKey.CreationTime field.
func (BySubkeyCreated) Len ¶
func (a BySubkeyCreated) Len() int
func (BySubkeyCreated) Less ¶
func (a BySubkeyCreated) Less(i, j int) bool
func (BySubkeyCreated) Swap ¶
func (a BySubkeyCreated) Swap(i, j int)
type IncorrectPassword ¶
type IncorrectPassword struct {
// contains filtered or unexported fields
}
func (*IncorrectPassword) Error ¶
func (e *IncorrectPassword) Error() string
type Loader ¶
type Loader struct { }
Loader provides a simple accessor method for loading private keys
type LoaderInterface ¶ added in v1.0.0
type LoaderInterface interface {
LoadFromArmoredEncryptedPrivateKey(string, string) (*PgpKey, error)
}
LoaderInterface allows mocking Loader (not PgpKey) which itself wraps the package function pgpkey.LoadFromArmoredEncryptedPrivateKey
type PgpKey ¶
func LoadFromArmoredEncryptedPrivateKey ¶
LoadFromArmoredEncryptedPrivateKey takes a single ascii-armored, encrypted private key and returns PgpKey with:
* a decrypted PrivateKey.
* all subkeys decrypted
If the password is wrong (at least, if .PrivateKey.Decrypt(password) returns an error), this function returns an error of type `IncorrectPassword`.
func LoadFromArmoredPublicKey ¶
LoadFromArmoredPublicKey takes a single ascii-armored public key and returns a PgpKey
func (*PgpKey) Armor ¶
Armor returns the public part of a key in armored format. Adapted with thanks from https://github.com/alokmenghrajani/gpgeez/blob/master/gpgeez.go
func (*PgpKey) ArmorPrivate ¶
ArmorPrivate returns the private part of a key in armored format.
Note: if you want to protect the string against various low-level attacks, you should look at https://github.com/stouset/go.secrets and https://github.com/worr/secstring and then re-implement this function.
Adapted with thanks from https://github.com/alokmenghrajani/gpgeez/blob/master/gpgeez.go
func (*PgpKey) ArmorRevocationCertificate ¶
func (*PgpKey) CertifyEmail ¶ added in v1.0.0
CertifyEmail finds user IDs which match the given email, and creates a certification signature using the unlocked key certifier.
func (*PgpKey) CreateNewEncryptionSubkey ¶
func (key *PgpKey) CreateNewEncryptionSubkey(validUntil time.Time, now time.Time, random io.Reader) error
CreateNewEncryptionSubkey creates and signs a new encryption subkey for the primary key, valid until a specified time.
The `random` parameter provides a source of entropy. If `nil`, a cryptographically secure source is used.
func (*PgpKey) DecryptArmored ¶ added in v0.4.0
DecryptArmored takes an ascii armored encrypted PGP message and attempts to decrypt it against the key, returning an io.Reader
func (*PgpKey) DecryptArmoredToString ¶ added in v0.4.0
DecryptArmoredToString returns DecryptArmored as a UTF-8 string. If the decrypted data does not decode as UTF-8, it will return an error.
func (*PgpKey) Emails ¶
Emails returns a list of email addresses parsed from user ids, sorted by:
1. whether it's a primary user id (primary come first)
2. the self signature creation time (oldest first)
3. the email address (domain part followed by name part)
Set allowUnbracketed to true to accept (invalid) email-only UIDs from GnuPG.
A UID with the form `example@example.com` is technically not a valid `name-addr` (https://tools.ietf.org/html/rfc2822#section-3.4) as it should have angle brackets: `<example@example.com>`.
Currently with GnuPG it's impossible to make an email-only UID that is a valid name-addr (it outputs as `example@example.com` and won't allow you to force `<example@example.com>`).
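The ordering and the allowUnbracketed switch described above, as an added sketch that is not this package's code. The `uid` type, `address` and `sortedEmails` are hypothetical, and the address check is deliberately simplified (exactly one `@`, no spaces or angle brackets).

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// uid is a hypothetical stand-in for a user ID plus its self-signature metadata.
type uid struct {
	text    string // raw user ID on input, parsed address on output
	primary bool
	signed  int64 // self-signature creation time, Unix seconds
}

// address extracts the email; a bare "a@b" user ID passes only if allowBare is set.
func address(text string, allowBare bool) (string, bool) {
	if i, j := strings.LastIndex(text, "<"), strings.LastIndex(text, ">"); i >= 0 && j > i {
		text, allowBare = text[i+1:j], true // the bracketed form is always acceptable
	}
	return text, allowBare && strings.Count(text, "@") == 1 && !strings.ContainsAny(text, " <>")
}

// sortedEmails applies the documented order: primary, oldest self-signature, domain, name.
func sortedEmails(uids []uid, allowBare bool) (kept []uid) {
	for _, u := range uids {
		if a, ok := address(u.text, allowBare); ok {
			kept = append(kept, uid{a, u.primary, u.signed})
		}
	}
	sort.Slice(kept, func(x, y int) bool {
		a, b := kept[x], kept[y]
		an, ad, _ := strings.Cut(a.text, "@")
		bn, bd, _ := strings.Cut(b.text, "@")
		switch {
		case a.primary != b.primary:
			return a.primary
		case a.signed != b.signed:
			return a.signed < b.signed
		}
		return ad+" "+an < bd+" "+bn // domain part first, then name part
	})
	return kept
}

func main() {
	// Constructed sample: one bare UID and one bracketed UID with equal metadata.
	fmt.Println(sortedEmails([]uid{{"bob@b.example", false, 0}, {"Al <al@a.example>", false, 0}}, true))
}
```

With allowBare set to false the bare `bob@b.example` UID is dropped, so a key carrying only GnuPG-style email-only UIDs yields no addresses in strict mode.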
func (*PgpKey) EncryptionSubkey ¶
func (*PgpKey) ExpireSubkey ¶
ExpireSubkey prevents the given subkey from being usable.
func (*PgpKey) Fingerprint ¶
func (key *PgpKey) Fingerprint() fpr.Fingerprint
func (*PgpKey) GetRevocationSignature ¶
func (*PgpKey) MakeArmoredDetachedSignature ¶ added in v1.0.0
func (*PgpKey) RefreshSubkeyBindingSignature ¶
func (*PgpKey) RefreshUserIdSelfSignatures ¶
func (*PgpKey) SetPreferredCompressionAlgorithms ¶
func (key *PgpKey) SetPreferredCompressionAlgorithms(algos []compression.CompressionAlgorithm, now time.Time) error
func (*PgpKey) SetPreferredHashAlgorithms ¶
func (*PgpKey) SetPreferredSymmetricAlgorithms ¶
func (*PgpKey) UpdateExpiryForAllUserIds ¶
type PgpKeyInterface ¶ added in v1.0.0
type PgpKeyInterface interface {
Armor() (string, error)
ArmorPrivate(string) (string, error)
Fingerprint() fingerprint.Fingerprint
}
PgpKeyInterface allows mocking PgpKey