Documentation
Functions
func KeygripECDSA
KeygripECDSA calculates a keygrip for an ECDSA public key. This is a SHA1 hash of public key parameters. It is pretty much undocumented outside of the libgcrypt codebase.
The idea behind the keygrip is to use only the cryptographic properties of the public key to produce an identifier. Each parameter (part) of the public key is byte-encoded, the parts are s-exp encoded in a particular order, and then the s-exp is SHA1-hashed to produce the keygrip, which is generally displayed hex-encoded.
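The encode, wrap and hash steps described above, sketched for a P-256 key as an added example; this is not this package's or libgcrypt's own code. The function names `sampleKey`, `keygripPreimage` and `exampleKeygrip` are hypothetical, and the part order p, a, b, g, n, q with `(1:<name><len>:<bytes>)` framing is an assumption about libgcrypt's ECC behaviour that this page does not state.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/sha1"
	"fmt"
	"math/big"
)

// sampleKey returns the constructed P-256 public key k*G (demo input only).
func sampleKey(k byte) *ecdsa.PublicKey {
	c := elliptic.P256()
	x, y := c.ScalarBaseMult([]byte{k})
	return &ecdsa.PublicKey{Curve: c, X: x, Y: y}
}

// keygripPreimage byte-encodes each part and wraps it as "(1:<name><len>:<bytes>)".
// Assumed, not stated on the page: part order p, a, b, g, n, q; unsigned
// big-endian scalars; points g and q uncompressed (0x04 || X || Y).
func keygripPreimage(pub *ecdsa.PublicKey) []byte {
	c := pub.Curve.Params()
	a := new(big.Int).Sub(c.P, big.NewInt(3)) // P-256 uses a = -3 mod p
	names := "pabgnq"
	values := [][]byte{
		c.P.Bytes(),
		a.Bytes(),
		c.B.Bytes(),
		elliptic.Marshal(pub.Curve, c.Gx, c.Gy),
		c.N.Bytes(),
		elliptic.Marshal(pub.Curve, pub.X, pub.Y),
	}
	var pre []byte
	for i, v := range values {
		pre = append(pre, fmt.Sprintf("(1:%c%d:", names[i], len(v))...)
		pre = append(pre, v...)
		pre = append(pre, ')')
	}
	return pre
}

// exampleKeygrip SHA1-hashes the preimage, giving a 20-byte keygrip.
func exampleKeygrip(pub *ecdsa.PublicKey) []byte {
	sum := sha1.Sum(keygripPreimage(pub))
	return sum[:]
}

func main() {
	fmt.Printf("%X\n", exampleKeygrip(sampleKey(1)))
}
```

Because only public parameters enter the hash, the same key yields the same keygrip regardless of the certificate or user ID it is attached to.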
Types
type ECDHKey (added in v0.9.0)
type ECDHKey struct {
// contains filtered or unexported fields
}
ECDHKey implements ECDH using an underlying ECDSA key.
type KeyService
type KeyService struct {
// contains filtered or unexported fields
}
KeyService implements an interface for getting cryptographic keys from keyfiles on disk.
func New
func New(l *zap.Logger, pe PINEntryService, path string) *KeyService
New returns a keyservice initialised with keys found at path. Path can be a file or directory.
func (*KeyService) GetDecrypter
func (g *KeyService) GetDecrypter(keygrip []byte) (crypto.Decrypter, error)
GetDecrypter returns a crypto.Decrypter associated with the given keygrip.
func (*KeyService) GetSigner
func (g *KeyService) GetSigner(keygrip []byte) (crypto.Signer, error)
GetSigner returns a crypto.Signer associated with the given keygrip.
func (*KeyService) HaveKey
func (g *KeyService) HaveKey(keygrips [][]byte) (bool, []byte, error)
HaveKey takes a list of keygrips, and returns a boolean indicating if any of the given keygrips were found, the found keygrip, and an error, if any.
func (*KeyService) Keygrips (added in v0.9.0)
func (g *KeyService) Keygrips() ([][]byte, error)
Keygrips returns a slice of keygrip byteslices; one for each cryptographic key available on the keyservice.
type PINEntryService
PINEntryService provides an interface to talk to a pinentry program.
type RSAKey
type RSAKey struct {
// contains filtered or unexported fields
}
RSAKey represents a GPG key loaded from a keyfile. It implements the crypto.Decrypter and crypto.Signer interfaces.
func (*RSAKey) Decrypt
Decrypt performs RSA decryption as per gpg-agent. The ciphertext is expected to be in gpg sexp-encoded format, and is returned in the same format as expected by the gpg assuan protocol.
Terrible things about this function (not exhaustive):
* rolling my own crypto
* possibly makes well-known RSA implementation mistakes(?)
* RSA in 2021
I'd love to not have to do this, but hey, it's for gnupg compatibility. Get in touch if you know how to improve this function.