packet

package
v0.0.0-...-f8c0f81 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 26, 2011 License: BSD-3-Clause Imports: 24 Imported by: 0

Documentation

Overview

Package packet implements parsing and serialization of OpenPGP packets, as specified in RFC 4880.

Index

Constants

View Source
const (
	SigTypeBinary        SignatureType = 0
	SigTypeText                        = 1
	SigTypeGenericCert                 = 0x10
	SigTypePersonaCert                 = 0x11
	SigTypeCasualCert                  = 0x12
	SigTypePositiveCert                = 0x13
	SigTypeSubkeyBinding               = 0x18
)

Variables

This section is empty.

Functions

func SerializeEncryptedKey

func SerializeEncryptedKey(w io.Writer, rand io.Reader, pub *PublicKey, cipherFunc CipherFunction, key []byte) os.Error

SerializeEncryptedKey serializes an encrypted key packet to w that contains key, encrypted to pub.

func SerializeLiteral

func SerializeLiteral(w io.WriteCloser, isBinary bool, fileName string, time uint32) (plaintext io.WriteCloser, err os.Error)

SerializeLiteral serializes a literal data packet to w and returns a WriteCloser to which the data itself can be written and which MUST be closed on completion. The fileName is truncated to 255 bytes.

func SerializeSymmetricKeyEncrypted

func SerializeSymmetricKeyEncrypted(w io.Writer, rand io.Reader, passphrase []byte, cipherFunc CipherFunction) (key []byte, err os.Error)

SerializeSymmetricKeyEncrypted serializes a symmetric key packet to w. The packet contains a random session key, encrypted by a key derived from the given passphrase. The session key is returned and must be passed to SerializeSymmetricallyEncrypted.

func SerializeSymmetricallyEncrypted

func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, key []byte) (contents io.WriteCloser, err os.Error)

SerializeSymmetricallyEncrypted serializes a symmetrically encrypted packet to w and returns a WriteCloser to which the to-be-encrypted packets can be written.

Types

type CipherFunction

type CipherFunction uint8

CipherFunction represents the different block ciphers specified for OpenPGP. See http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-13

const (
	CipherCAST5  CipherFunction = 3
	CipherAES128 CipherFunction = 7
	CipherAES192 CipherFunction = 8
	CipherAES256 CipherFunction = 9
)

func (CipherFunction) KeySize

func (cipher CipherFunction) KeySize() int

KeySize returns the key size, in bytes, of cipher.

type Compressed

type Compressed struct {
	Body io.Reader
}

Compressed represents a compressed OpenPGP packet. The decompressed contents will contain more OpenPGP packets. See RFC 4880, section 5.6.

type EncryptedKey

type EncryptedKey struct {
	KeyId      uint64
	Algo       PublicKeyAlgorithm
	CipherFunc CipherFunction // only valid after a successful Decrypt
	Key        []byte         // only valid after a successful Decrypt
	// contains filtered or unexported fields
}

EncryptedKey represents a public-key encrypted session key. See RFC 4880, section 5.1.

func (*EncryptedKey) Decrypt

func (e *EncryptedKey) Decrypt(priv *PrivateKey) os.Error

Decrypt decrypts an encrypted session key with the given private key. The private key must have been decrypted first.

type LiteralData

type LiteralData struct {
	IsBinary bool
	FileName string
	Time     uint32 // Unix epoch time. Either creation time or modification time. 0 means undefined.
	Body     io.Reader
}

LiteralData represents an encrypted file. See RFC 4880, section 5.9.

func (*LiteralData) ForEyesOnly

func (l *LiteralData) ForEyesOnly() bool

ForEyesOnly returns whether the contents of the LiteralData have been marked as especially sensitive.

type OnePassSignature

type OnePassSignature struct {
	SigType    SignatureType
	Hash       crypto.Hash
	PubKeyAlgo PublicKeyAlgorithm
	KeyId      uint64
	IsLast     bool
}

OnePassSignature represents a one-pass signature packet. See RFC 4880, section 5.4.

func (*OnePassSignature) Serialize

func (ops *OnePassSignature) Serialize(w io.Writer) os.Error

Serialize marshals the given OnePassSignature to w.

type Packet

type Packet interface {
	// contains filtered or unexported methods
}

Packet represents an OpenPGP packet. Users are expected to try casting instances of this interface to specific packet types.

func Read

func Read(r io.Reader) (p Packet, err os.Error)

Read reads a single OpenPGP packet from the given io.Reader. If there is an error parsing a packet, the whole packet is consumed from the input.

type PrivateKey

type PrivateKey struct {
	PublicKey
	Encrypted bool // if true then the private key is unavailable until Decrypt has been called.

	PrivateKey interface{} // An *rsa.PrivateKey.
	// contains filtered or unexported fields
}

PrivateKey represents a possibly encrypted private key. See RFC 4880, section 5.5.3.

func NewRSAPrivateKey

func NewRSAPrivateKey(currentTimeSecs uint32, priv *rsa.PrivateKey, isSubkey bool) *PrivateKey

func (*PrivateKey) Decrypt

func (pk *PrivateKey) Decrypt(passphrase []byte) os.Error

Decrypt decrypts an encrypted private key using a passphrase.

func (*PrivateKey) Serialize

func (pk *PrivateKey) Serialize(w io.Writer) (err os.Error)

type PublicKey

type PublicKey struct {
	CreationTime uint32 // seconds since the epoch
	PubKeyAlgo   PublicKeyAlgorithm
	PublicKey    interface{} // Either a *rsa.PublicKey or *dsa.PublicKey
	Fingerprint  [20]byte
	KeyId        uint64
	IsSubkey     bool
	// contains filtered or unexported fields
}

PublicKey represents an OpenPGP public key. See RFC 4880, section 5.5.2.

func NewRSAPublicKey

func NewRSAPublicKey(creationTimeSecs uint32, pub *rsa.PublicKey, isSubkey bool) *PublicKey

NewRSAPublicKey returns a PublicKey that wraps the given rsa.PublicKey.

func (*PublicKey) CanSign

func (pk *PublicKey) CanSign() bool

CanSign returns true iff this public key can generate signatures

func (*PublicKey) KeyIdShortString

func (pk *PublicKey) KeyIdShortString() string

KeyIdShortString returns the short form of public key's fingerprint in capital hex, as shown by gpg --list-keys (e.g. "621CC013").

func (*PublicKey) KeyIdString

func (pk *PublicKey) KeyIdString() string

KeyIdString returns the public key's fingerprint in capital hex (e.g. "6C7EE1B8621CC013").

func (*PublicKey) Serialize

func (pk *PublicKey) Serialize(w io.Writer) (err os.Error)

func (*PublicKey) SerializeSignaturePrefix

func (pk *PublicKey) SerializeSignaturePrefix(h hash.Hash)

SerializeSignaturePrefix writes the prefix for this public key to the given Writer. The prefix is used when calculating a signature over this public key. See RFC 4880, section 5.2.4.

func (*PublicKey) VerifyKeySignature

func (pk *PublicKey) VerifyKeySignature(signed *PublicKey, sig *Signature) (err os.Error)

VerifyKeySignature returns nil iff sig is a valid signature, made by this public key, of signed.

func (*PublicKey) VerifySignature

func (pk *PublicKey) VerifySignature(signed hash.Hash, sig *Signature) (err os.Error)

VerifySignature returns nil iff sig is a valid signature, made by this public key, of the data hashed into signed. signed is mutated by this call.

func (*PublicKey) VerifyUserIdSignature

func (pk *PublicKey) VerifyUserIdSignature(id string, sig *Signature) (err os.Error)

VerifyUserIdSignature returns nil iff sig is a valid signature, made by this public key, of id.

type PublicKeyAlgorithm

type PublicKeyAlgorithm uint8

PublicKeyAlgorithm represents the different public key system specified for OpenPGP. See http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-12

const (
	PubKeyAlgoRSA            PublicKeyAlgorithm = 1
	PubKeyAlgoRSAEncryptOnly PublicKeyAlgorithm = 2
	PubKeyAlgoRSASignOnly    PublicKeyAlgorithm = 3
	PubKeyAlgoElGamal        PublicKeyAlgorithm = 16
	PubKeyAlgoDSA            PublicKeyAlgorithm = 17
)

func (PublicKeyAlgorithm) CanEncrypt

func (pka PublicKeyAlgorithm) CanEncrypt() bool

CanEncrypt returns true if it's possible to encrypt a message to a public key of the given type.

func (PublicKeyAlgorithm) CanSign

func (pka PublicKeyAlgorithm) CanSign() bool

CanSign returns true if it's possible for a public key of the given type to sign a message.

type Reader

type Reader struct {
	// contains filtered or unexported fields
}

Reader reads packets from an io.Reader and allows packets to be 'unread' so that they result from the next call to Next.

func NewReader

func NewReader(r io.Reader) *Reader

func (*Reader) Next

func (r *Reader) Next() (p Packet, err os.Error)

Next returns the most recently unread Packet, or reads another packet from the top-most io.Reader. Unknown packet types are skipped.

func (*Reader) Push

func (r *Reader) Push(reader io.Reader)

Push causes the Reader to start reading from a new io.Reader. When an EOF error is seen from the new io.Reader, it is popped and the Reader continues to read from the next most recent io.Reader.

func (*Reader) Unread

func (r *Reader) Unread(p Packet)

Unread causes the given Packet to be returned from the next call to Next.

type Signature

type Signature struct {
	SigType    SignatureType
	PubKeyAlgo PublicKeyAlgorithm
	Hash       crypto.Hash

	// HashSuffix is extra data that is hashed in after the signed data.
	HashSuffix []byte
	// HashTag contains the first two bytes of the hash for fast rejection
	// of bad signed data.
	HashTag      [2]byte
	CreationTime uint32 // Unix epoch time

	RSASignature     parsedMPI
	DSASigR, DSASigS parsedMPI

	SigLifetimeSecs, KeyLifetimeSecs                        *uint32
	PreferredSymmetric, PreferredHash, PreferredCompression []uint8
	IssuerKeyId                                             *uint64
	IsPrimaryId                                             *bool

	// FlagsValid is set if any flags were given. See RFC 4880, section
	// 5.2.3.21 for details.
	FlagsValid                                                           bool
	FlagCertify, FlagSign, FlagEncryptCommunications, FlagEncryptStorage bool
	// contains filtered or unexported fields
}

Signature represents a signature. See RFC 4880, section 5.2.

func (*Signature) Serialize

func (sig *Signature) Serialize(w io.Writer) (err os.Error)

Serialize marshals sig to w. SignRSA or SignDSA must have been called first.

func (*Signature) Sign

func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey) (err os.Error)

Sign signs a message with a private key. The hash, h, must contain the hash of the message to be signed and will be mutated by this function. On success, the signature is stored in sig. Call Serialize to write it out.

func (*Signature) SignKey

func (sig *Signature) SignKey(pub *PublicKey, priv *PrivateKey) os.Error

SignKey computes a signature from priv, asserting that pub is a subkey. On success, the signature is stored in sig. Call Serialize to write it out.

func (*Signature) SignUserId

func (sig *Signature) SignUserId(id string, pub *PublicKey, priv *PrivateKey) os.Error

SignUserId computes a signature from priv, asserting that pub is a valid key for the identity id. On success, the signature is stored in sig. Call Serialize to write it out.

type SignatureType

type SignatureType uint8

SignatureType represents the different semantic meanings of an OpenPGP signature. See RFC 4880, section 5.2.1.

type SymmetricKeyEncrypted

type SymmetricKeyEncrypted struct {
	CipherFunc CipherFunction
	Encrypted  bool
	Key        []byte // Empty unless Encrypted is false.
	// contains filtered or unexported fields
}

SymmetricKeyEncrypted represents a passphrase protected session key. See RFC 4880, section 5.3.

func (*SymmetricKeyEncrypted) Decrypt

func (ske *SymmetricKeyEncrypted) Decrypt(passphrase []byte) os.Error

Decrypt attempts to decrypt an encrypted session key. If it returns nil, ske.Key will contain the session key.

type SymmetricallyEncrypted

type SymmetricallyEncrypted struct {
	MDC bool // true iff this is a type 18 packet and thus has an embedded MAC.
	// contains filtered or unexported fields
}

SymmetricallyEncrypted represents a symmetrically encrypted byte string. The encrypted contents will consist of more OpenPGP packets. See RFC 4880, sections 5.7 and 5.13.

func (*SymmetricallyEncrypted) Decrypt

func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, os.Error)

Decrypt returns a ReadCloser, from which the decrypted contents of the packet can be read. An incorrect key can, with high probability, be detected immediately and this will result in a KeyIncorrect error being returned.

type UserId

type UserId struct {
	Id string // By convention, this takes the form "Full Name (Comment) <email@example.com>" which is split out in the fields below.

	Name, Comment, Email string
}

UserId contains text that is intended to represent the name and email address of the key holder. See RFC 4880, section 5.11. By convention, this takes the form "Full Name (Comment) <email@example.com>"

func NewUserId

func NewUserId(name, comment, email string) *UserId

NewUserId returns a UserId or nil if any of the arguments contain invalid characters. The invalid characters are '\x00', '(', ')', '<' and '>'

func (*UserId) Serialize

func (uid *UserId) Serialize(w io.Writer) os.Error

Serialize marshals uid to w in the form of an OpenPGP packet, including header.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL