Documentation
¶
Overview ¶
A minimal and sane library for creating and verifying PGP signatures for interoperability with legacy systems
Index ¶
- Variables
- func CreateCertificate(signer crypto.Signer, creationTime time.Time, identity string) ([]byte, error)
- func DecodeArmoredPrivateKey(data []byte) ([]byte, error)
- func DecodeArmoredPublicKey(data []byte) ([]byte, error)
- func DecodeArmoredSignature(data []byte) ([]byte, error)
- func EncodeArmoredPublicKey(data []byte) []byte
- func EncodeArmoredSignature(data []byte) []byte
- func IsPublicKeySupported(key crypto.PublicKey) bool
- func Sign(message []byte, key PrivateKey) ([]byte, error)
- func SignInline(message []byte, privkey PrivateKey) ([]byte, error)
- func StripInlineSignature(message []byte) []byte
- func Verify(message []byte, signature []byte, pubkey ...PublicKey) error
- func VerifyInline(message []byte, pubkey ...PublicKey) ([]byte, error)
- type PrivateKey
- type PublicKey
Constants ¶
This section is empty.
Variables ¶
var ErrInvalidSignature = errors.New("pgpsign: invalid signature")
Returned by verification functions when the signature is invalid.
Functions ¶
func CreateCertificate ¶
func CreateCertificate(signer crypto.Signer, creationTime time.Time, identity string) ([]byte, error)
Return a keyring containing a public key certificate for the given signer. The keyring can be used by common PGP applications to verify signatures. identity is a PGP identity string, e.g. "John Smith" or "John Smith <jsmith@example.com>".
func DecodeArmoredPrivateKey ¶
func DecodeArmoredPublicKey ¶
func DecodeArmoredSignature ¶
func EncodeArmoredPublicKey ¶
func EncodeArmoredSignature ¶
func IsPublicKeySupported ¶
Return whether the given key uses an algorithm supported by this package. Currently, *rsa.PublicKey and *ecdsa.PublicKey are supported.
func Sign ¶
func Sign(message []byte, key PrivateKey) ([]byte, error)
Create a detached signature for the given message. The returned signature contains binary data; you can ASCII armor it with EncodeArmoredSignature.
func SignInline ¶
func SignInline(message []byte, privkey PrivateKey) ([]byte, error)
Create an inline signature over the given message.
func StripInlineSignature ¶
Remove the inline signature, returning just the message. The signature is not verified.
func Verify ¶
Verify a detached signature over the given message. The signature is expected to be in binary; you can decode an ASCII-armored signature using DecodeArmoredSignature.
Types ¶
type PrivateKey ¶
type PrivateKey struct {
Signer crypto.Signer // Signer.Public() must be a *rsa.PublicKey or a *ecdsa.PublicKey
KeyID uint64
}
A private key, used for creating signatures. You can use ParsePrivateKey to parse a PGP keyring containing a private key, or you can just construct a PrivateKey yourself if another format is more convenient.
func ParsePrivateKey ¶
func ParsePrivateKey(keyBytes []byte) (*PrivateKey, error)
Parse a PGP keyring containing exactly one private key. The resulting PrivateKey can be used to create signatures.
func (PrivateKey) Public ¶
func (k PrivateKey) Public() PublicKey
Return the corresponding public key
type PublicKey ¶
type PublicKey struct {
Key crypto.PublicKey // must be a *rsa.PublicKey or *ecdsa.PublicKey
KeyID uint64
}
A public key, used for verifying signatures. You can use [ParseCertificate] to parse a PGP keyring containing a public key, or you can just construct a PublicKey yourself if another format is more convenient.
func ParsePublicKey ¶
Parse a PGP keyring containing exactly one public key. The resulting PublicKey can be used to verify signatures.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
pgpsign-pubkey
Output a PGP public key certificate for a PKCS#8 private key read from stdin
|
Output a PGP public key certificate for a PKCS#8 private key read from stdin |
|
pgpsign-pubkey-piv
Output a PGP public key certificate for a private key stored in a PIV token
|
Output a PGP public key certificate for a private key stored in a PIV token |