Documentation
Index
- Constants
- Variables
- func Decrypt(privateKey *rsa.PrivateKey, base64EncodedCiphertext string) ([]byte, error)
- func Encrypt(publicKey *rsa.PublicKey, message []byte) (string, error)
- func GenerateKey() (*rsa.PrivateKey, error)
- func GetSSHPublicKey(privateKey *rsa.PrivateKey) ([]byte, error)
- func IsValidSendMeASecretKey(publicKey *rsa.PublicKey) bool
- func PathToKeyFile() string
- func ReadPrivateKeyFromFile(password []byte) (*rsa.PrivateKey, error)
- func SSHPubKeyToRSAPubKey(sshPubKey []byte) (*rsa.PublicKey, error)
- func WritePrivateKeyToFile(password []byte, privateKey *rsa.PrivateKey) error
Constants
const WeirdKeyLength = 4568
GitHub strips out comments and doesn't allow options on public keys, and I haven't figured out an elegant way to mark a public key as belonging to send-me-a-secret without doing something weird like creating a gist or updating a bio to point to the right key. In the meantime, we'll use this nontraditional key length and assume the user has no other keys of length 4567. Encryption will fail if there is not exactly one key of length WeirdKeyLength in the GitHub user's account.
Variables
var ErrInvalidPublicKey = errors.New("invalid public key")
var KeyFilename = ".send-me-a-secret"
Functions
func Decrypt
func Decrypt(privateKey *rsa.PrivateKey, base64EncodedCiphertext string) ([]byte, error)
Decrypt uses the given private key to decrypt a message that was encrypted by `Encrypt`.
func Encrypt
Encrypt encrypts a message under the given public key, producing output suitable for decrypting via `Decrypt`.
func GenerateKey
func GenerateKey() (*rsa.PrivateKey, error)
GenerateKey generates a new RSA private key with key length WeirdKeyLength.
func GetSSHPublicKey
func GetSSHPublicKey(privateKey *rsa.PrivateKey) ([]byte, error)
GetSSHPublicKey generates a public key suitable for openssh (and thus GitHub) from a private key.
func IsValidSendMeASecretKey
IsValidSendMeASecretKey checks if the key fetched from GitHub is the key uploaded by send-me-a-secret. Right now, this just checks that the length of the key is WeirdKeyLength, hoping that the user doesn't have any other keys of that length, but hopefully in the future we'll be able to do something a bit cleverer.
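The "exactly one key of length WeirdKeyLength" rule described under Constants and IsValidSendMeASecretKey, as an added example that is not the package's own code. It assumes "length" means the bit length of the RSA modulus; `selectSecretKey`, `constructedKey` and the two error values are hypothetical names, and the keys are constructed placeholders rather than usable RSA keys.

```go
package main

import (
	"crypto/rsa"
	"errors"
	"fmt"
	"math/big"
)

// WeirdKeyLength mirrors the constant documented on this page.
const WeirdKeyLength = 4568

var (
	errNoKey        = errors.New("no key of length WeirdKeyLength")
	errAmbiguousKey = errors.New("more than one key of length WeirdKeyLength")
)

// constructedKey builds sample data: a public key whose modulus has exactly
// `bits` bits. It only serves the length check and is not a usable RSA key.
func constructedKey(bits int) *rsa.PublicKey {
	n := new(big.Int).Lsh(big.NewInt(1), uint(bits-1))
	n.SetBit(n, 0, 1)
	return &rsa.PublicKey{N: n, E: 65537}
}

// selectSecretKey (hypothetical helper) returns the single key whose modulus
// length is WeirdKeyLength and fails closed when there are zero or several,
// so a sender never encrypts to a key chosen by guesswork.
func selectSecretKey(keys []*rsa.PublicKey) (*rsa.PublicKey, error) {
	var found *rsa.PublicKey
	for _, k := range keys {
		if k == nil || k.N == nil || k.N.BitLen() != WeirdKeyLength {
			continue
		}
		if found != nil {
			return nil, errAmbiguousKey
		}
		found = k
	}
	if found == nil {
		return nil, errNoKey
	}
	return found, nil
}

func main() {
	account := []*rsa.PublicKey{constructedKey(2048), constructedKey(WeirdKeyLength), constructedKey(4096)}
	k, err := selectSecretKey(account)
	fmt.Println(k.N.BitLen(), err)
}
```

The length check identifies a key by convention only; it does not prove that the key was uploaded by send-me-a-secret.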
func PathToKeyFile
func PathToKeyFile() string
func ReadPrivateKeyFromFile
func ReadPrivateKeyFromFile(password []byte) (*rsa.PrivateKey, error)
ReadPrivateKeyFromFile reads an RSA private key from ~/.send-me-a-secret. This path is not configurable; don't want a user to be able to forget where they saved their key.
func WritePrivateKeyToFile
func WritePrivateKeyToFile(password []byte, privateKey *rsa.PrivateKey) error
WritePrivateKeyToFile writes an RSA private key to ~/.send-me-a-secret. This path is not configurable; don't want a user to be able to forget where they saved their key.
Types
This section is empty.