Documentation ¶
Overview ¶
Package packet implements parsing and serialization of OpenPGP packets, as specified in RFC 4880.
Index ¶
- Constants
- func SerializeEncryptedKey(w io.Writer, rand io.Reader, pub *PublicKey, cipherFunc CipherFunction, ...) os.Error
- func SerializeLiteral(w io.WriteCloser, isBinary bool, fileName string, time uint32) (plaintext io.WriteCloser, err os.Error)
- func SerializeSymmetricKeyEncrypted(w io.Writer, rand io.Reader, passphrase []byte, cipherFunc CipherFunction) (key []byte, err os.Error)
- func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, key []byte) (contents io.WriteCloser, err os.Error)
- type CipherFunction
- type Compressed
- type EncryptedKey
- type LiteralData
- type OnePassSignature
- type Packet
- type PrivateKey
- type PublicKey
- func (pk *PublicKey) CanSign() bool
- func (pk *PublicKey) KeyIdShortString() string
- func (pk *PublicKey) KeyIdString() string
- func (pk *PublicKey) Serialize(w io.Writer) (err os.Error)
- func (pk *PublicKey) SerializeSignaturePrefix(h hash.Hash)
- func (pk *PublicKey) VerifyKeySignature(signed *PublicKey, sig *Signature) (err os.Error)
- func (pk *PublicKey) VerifySignature(signed hash.Hash, sig *Signature) (err os.Error)
- func (pk *PublicKey) VerifyUserIdSignature(id string, sig *Signature) (err os.Error)
- type PublicKeyAlgorithm
- type Reader
- type Signature
- type SignatureType
- type SymmetricKeyEncrypted
- type SymmetricallyEncrypted
- type UserId
Constants ¶
const ( SigTypeBinary SignatureType = 0 SigTypeText = 1 SigTypeGenericCert = 0x10 SigTypePersonaCert = 0x11 SigTypeCasualCert = 0x12 SigTypePositiveCert = 0x13 SigTypeSubkeyBinding = 0x18 )
Variables ¶
This section is empty.
Functions ¶
func SerializeEncryptedKey ¶
func SerializeEncryptedKey(w io.Writer, rand io.Reader, pub *PublicKey, cipherFunc CipherFunction, key []byte) os.Error
SerializeEncryptedKey serializes an encrypted key packet to w that contains key, encrypted to pub.
func SerializeLiteral ¶
func SerializeLiteral(w io.WriteCloser, isBinary bool, fileName string, time uint32) (plaintext io.WriteCloser, err os.Error)
SerializeLiteral serializes a literal data packet to w and returns a WriteCloser to which the data itself can be written and which MUST be closed on completion. The fileName is truncated to 255 bytes.
func SerializeSymmetricKeyEncrypted ¶
func SerializeSymmetricKeyEncrypted(w io.Writer, rand io.Reader, passphrase []byte, cipherFunc CipherFunction) (key []byte, err os.Error)
SerializeSymmetricKeyEncrypted serializes a symmetric key packet to w. The packet contains a random session key, encrypted by a key derived from the given passphrase. The session key is returned and must be passed to SerializeSymmetricallyEncrypted.
func SerializeSymmetricallyEncrypted ¶
func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, key []byte) (contents io.WriteCloser, err os.Error)
SerializeSymmetricallyEncrypted serializes a symmetrically encrypted packet to w and returns a WriteCloser to which the to-be-encrypted packets can be written.
Types ¶
type CipherFunction ¶
type CipherFunction uint8
CipherFunction represents the different block ciphers specified for OpenPGP. See http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-13
const ( CipherCAST5 CipherFunction = 3 CipherAES128 CipherFunction = 7 CipherAES192 CipherFunction = 8 CipherAES256 CipherFunction = 9 )
func (CipherFunction) KeySize ¶
func (cipher CipherFunction) KeySize() int
KeySize returns the key size, in bytes, of cipher.
type Compressed ¶
Compressed represents a compressed OpenPGP packet. The decompressed contents will contain more OpenPGP packets. See RFC 4880, section 5.6.
type EncryptedKey ¶
type EncryptedKey struct { KeyId uint64 Algo PublicKeyAlgorithm CipherFunc CipherFunction // only valid after a successful Decrypt Key []byte // only valid after a successful Decrypt // contains filtered or unexported fields }
EncryptedKey represents a public-key encrypted session key. See RFC 4880, section 5.1.
func (*EncryptedKey) Decrypt ¶
func (e *EncryptedKey) Decrypt(priv *PrivateKey) os.Error
Decrypt decrypts an encrypted session key with the given private key. The private key must have been decrypted first.
type LiteralData ¶
type LiteralData struct { IsBinary bool FileName string Time uint32 // Unix epoch time. Either creation time or modification time. 0 means undefined. Body io.Reader }
LiteralData represents an encrypted file. See RFC 4880, section 5.9.
func (*LiteralData) ForEyesOnly ¶
func (l *LiteralData) ForEyesOnly() bool
ForEyesOnly returns whether the contents of the LiteralData have been marked as especially sensitive.
type OnePassSignature ¶
type OnePassSignature struct { SigType SignatureType Hash crypto.Hash PubKeyAlgo PublicKeyAlgorithm KeyId uint64 IsLast bool }
OnePassSignature represents a one-pass signature packet. See RFC 4880, section 5.4.
type Packet ¶
type Packet interface {
// contains filtered or unexported methods
}
Packet represents an OpenPGP packet. Users are expected to try casting instances of this interface to specific packet types.
type PrivateKey ¶
type PrivateKey struct { PublicKey Encrypted bool // if true then the private key is unavailable until Decrypt has been called. PrivateKey interface{} // An *rsa.PrivateKey. // contains filtered or unexported fields }
PrivateKey represents a possibly encrypted private key. See RFC 4880, section 5.5.3.
func NewRSAPrivateKey ¶
func NewRSAPrivateKey(currentTimeSecs uint32, priv *rsa.PrivateKey, isSubkey bool) *PrivateKey
type PublicKey ¶
type PublicKey struct { CreationTime uint32 // seconds since the epoch PubKeyAlgo PublicKeyAlgorithm PublicKey interface{} // Either a *rsa.PublicKey or *dsa.PublicKey Fingerprint [20]byte KeyId uint64 IsSubkey bool // contains filtered or unexported fields }
PublicKey represents an OpenPGP public key. See RFC 4880, section 5.5.2.
func NewRSAPublicKey ¶
NewRSAPublicKey returns a PublicKey that wraps the given rsa.PublicKey.
func (*PublicKey) KeyIdShortString ¶
KeyIdShortString returns the short form of public key's fingerprint in capital hex, as shown by gpg --list-keys (e.g. "621CC013").
func (*PublicKey) KeyIdString ¶
KeyIdString returns the public key's fingerprint in capital hex (e.g. "6C7EE1B8621CC013").
func (*PublicKey) SerializeSignaturePrefix ¶
SerializeSignaturePrefix writes the prefix for this public key to the given Writer. The prefix is used when calculating a signature over this public key. See RFC 4880, section 5.2.4.
func (*PublicKey) VerifyKeySignature ¶
VerifyKeySignature returns nil iff sig is a valid signature, made by this public key, of signed.
func (*PublicKey) VerifySignature ¶
VerifySignature returns nil iff sig is a valid signature, made by this public key, of the data hashed into signed. signed is mutated by this call.
type PublicKeyAlgorithm ¶
type PublicKeyAlgorithm uint8
PublicKeyAlgorithm represents the different public key system specified for OpenPGP. See http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-12
const ( PubKeyAlgoRSA PublicKeyAlgorithm = 1 PubKeyAlgoRSAEncryptOnly PublicKeyAlgorithm = 2 PubKeyAlgoRSASignOnly PublicKeyAlgorithm = 3 PubKeyAlgoElGamal PublicKeyAlgorithm = 16 PubKeyAlgoDSA PublicKeyAlgorithm = 17 )
func (PublicKeyAlgorithm) CanEncrypt ¶
func (pka PublicKeyAlgorithm) CanEncrypt() bool
CanEncrypt returns true if it's possible to encrypt a message to a public key of the given type.
func (PublicKeyAlgorithm) CanSign ¶
func (pka PublicKeyAlgorithm) CanSign() bool
CanSign returns true if it's possible for a public key of the given type to sign a message.
type Reader ¶
type Reader struct {
// contains filtered or unexported fields
}
Reader reads packets from an io.Reader and allows packets to be 'unread' so that they result from the next call to Next.
func (*Reader) Next ¶
Next returns the most recently unread Packet, or reads another packet from the top-most io.Reader. Unknown packet types are skipped.
type Signature ¶
type Signature struct { SigType SignatureType PubKeyAlgo PublicKeyAlgorithm Hash crypto.Hash // HashSuffix is extra data that is hashed in after the signed data. HashSuffix []byte // HashTag contains the first two bytes of the hash for fast rejection // of bad signed data. HashTag [2]byte CreationTime uint32 // Unix epoch time RSASignature parsedMPI DSASigR, DSASigS parsedMPI SigLifetimeSecs, KeyLifetimeSecs *uint32 PreferredSymmetric, PreferredHash, PreferredCompression []uint8 IssuerKeyId *uint64 IsPrimaryId *bool // FlagsValid is set if any flags were given. See RFC 4880, section // 5.2.3.21 for details. FlagsValid bool FlagCertify, FlagSign, FlagEncryptCommunications, FlagEncryptStorage bool // contains filtered or unexported fields }
Signature represents a signature. See RFC 4880, section 5.2.
func (*Signature) Serialize ¶
Serialize marshals sig to w. SignRSA or SignDSA must have been called first.
func (*Signature) Sign ¶
Sign signs a message with a private key. The hash, h, must contain the hash of the message to be signed and will be mutated by this function. On success, the signature is stored in sig. Call Serialize to write it out.
func (*Signature) SignKey ¶
func (sig *Signature) SignKey(pub *PublicKey, priv *PrivateKey) os.Error
SignKey computes a signature from priv, asserting that pub is a subkey. On success, the signature is stored in sig. Call Serialize to write it out.
func (*Signature) SignUserId ¶
SignUserId computes a signature from priv, asserting that pub is a valid key for the identity id. On success, the signature is stored in sig. Call Serialize to write it out.
type SignatureType ¶
type SignatureType uint8
SignatureType represents the different semantic meanings of an OpenPGP signature. See RFC 4880, section 5.2.1.
type SymmetricKeyEncrypted ¶
type SymmetricKeyEncrypted struct { CipherFunc CipherFunction Encrypted bool Key []byte // Empty unless Encrypted is false. // contains filtered or unexported fields }
SymmetricKeyEncrypted represents a passphrase protected session key. See RFC 4880, section 5.3.
type SymmetricallyEncrypted ¶
type SymmetricallyEncrypted struct { MDC bool // true iff this is a type 18 packet and thus has an embedded MAC. // contains filtered or unexported fields }
SymmetricallyEncrypted represents a symmetrically encrypted byte string. The encrypted contents will consist of more OpenPGP packets. See RFC 4880, sections 5.7 and 5.13.
func (*SymmetricallyEncrypted) Decrypt ¶
func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, os.Error)
Decrypt returns a ReadCloser, from which the decrypted contents of the packet can be read. An incorrect key can, with high probability, be detected immediately and this will result in a KeyIncorrect error being returned.
type UserId ¶
type UserId struct { Id string // By convention, this takes the form "Full Name (Comment) <email@example.com>" which is split out in the fields below. Name, Comment, Email string }
UserId contains text that is intended to represent the name and email address of the key holder. See RFC 4880, section 5.11. By convention, this takes the form "Full Name (Comment) <email@example.com>"