gpg

package

v0.21.0 Latest Latest Go to latest Published: Mar 8, 2024 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/smlx/piv-agent

Links

Open Source Insights

Documentation ¶

Index ¶

func KeygripECDSA(pubKey *ecdsa.PublicKey) ([]byte, error)
type ECDHKey
- func (k *ECDHKey) Decrypt(_ io.Reader, sexp []byte, _ crypto.DecrypterOpts) ([]byte, error)
- func (k *ECDHKey) Public() crypto.PublicKey
type KeyService
- func New(l *zap.Logger, pe PINEntryService, path string) *KeyService
type PINEntryService
type RSAKey

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func KeygripECDSA ¶

func KeygripECDSA(pubKey *ecdsa.PublicKey) ([]byte, error)

KeygripECDSA calculates a keygrip for an ECDSA public key. This is a SHA1 hash of public key parameters. It is pretty much undocumented outside of the libgcrypt codebase.

The idea behind the keygrip is to use only the cryptographic properties of the public key to produce an identifier. Each parameter (part) of the public key is byte-encoded, the parts are s-exp encoded in a particular order, and then the s-exp is sha1-hashed to produced the keygrip, which is generally displayed hex-encoded.

Types ¶

type ECDHKey ¶ added in v0.9.0

type ECDHKey struct {
	// contains filtered or unexported fields
}

ECDHKey implements ECDH using an underlying ECDSA key.

func (*ECDHKey) Decrypt ¶ added in v0.9.0

func (k *ECDHKey) Decrypt(_ io.Reader, sexp []byte,
	_ crypto.DecrypterOpts) ([]byte, error)

Decrypt performs ECDH as per gpg-agent.

func (*ECDHKey) Public ¶ added in v0.9.0

func (k *ECDHKey) Public() crypto.PublicKey

Public implements the other required method of the crypto.Decrypter and crypto.Signer interfaces.

type KeyService ¶

type KeyService struct {
	// contains filtered or unexported fields
}

KeyService implements an interface for getting cryptographic keys from keyfiles on disk.

func New ¶

func New(l *zap.Logger, pe PINEntryService, path string) *KeyService

New returns a keyservice initialised with keys found at path. Path can be a file or directory.

func (*KeyService) GetDecrypter ¶

func (g *KeyService) GetDecrypter(keygrip []byte) (crypto.Decrypter, error)

GetDecrypter returns a crypto.Decrypter associated with the given keygrip.

func (*KeyService) GetSigner ¶

func (g *KeyService) GetSigner(keygrip []byte) (crypto.Signer, error)

GetSigner returns a crypto.Signer associated with the given keygrip.

func (*KeyService) HaveKey ¶

func (g *KeyService) HaveKey(keygrips [][]byte) (bool, []byte, error)

HaveKey takes a list of keygrips, and returns a boolean indicating if any of the given keygrips were found, the found keygrip, and an error, if any.

func (*KeyService) Keygrips ¶ added in v0.9.0

func (g *KeyService) Keygrips() ([][]byte, error)

Keygrips returns a slice of keygrip byteslices; one for each cryptographic key available on the keyservice.

func (*KeyService) Name ¶

func (*KeyService) Name() string

Name returns the name of the keyservice.

type PINEntryService ¶

type PINEntryService interface {
	GetPassphrase(string, string, int) ([]byte, error)
}

PINEntryService provides an interface to talk to a pinentry program.

type RSAKey ¶

type RSAKey struct {
	// contains filtered or unexported fields
}

RSAKey represents a GPG key loaded from a keyfile. It implements the crypto.Decrypter and crypto.Signer interfaces.

func (*RSAKey) Decrypt ¶

func (k *RSAKey) Decrypt(_ io.Reader, sexp []byte,
	_ crypto.DecrypterOpts) ([]byte, error)

Decrypt performs RSA decryption as per gpg-agent. The ciphertext is expected to be in gpg sexp-encoded format, and is returned in the same format as expected by the gpg assuan protocol.

Terrible things about this function (not exhaustive): * rolling my own crypto * possibly makes well-known RSA implementation mistakes(?) * RSA in 2021

I'd love to not have to do this, but hey, it's for gnupg compatibility. Get in touch if you know how to improve this function.

func (*RSAKey) Public ¶

func (k *RSAKey) Public() crypto.PublicKey

Public implements the other required method of the crypto.Decrypter and crypto.Signer interfaces.

func (*RSAKey) Sign ¶

func (k *RSAKey) Sign(r io.Reader, digest []byte,
	o crypto.SignerOpts) ([]byte, error)

Sign performs RSA signing as per gpg-agent.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL