packet

package
v0.0.0-...-86ae774 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 18, 2023 License: BSD-3-Clause Imports: 37 Imported by: 0

Documentation

Overview

Package packet implements parsing and serialization of OpenPGP packets, as specified in RFC 4880.

Index

Constants

View Source 
const (
	NoCompression      = flate.NoCompression
	BestSpeed          = flate.BestSpeed
	BestCompression    = flate.BestCompression
	DefaultCompression = flate.DefaultCompression
)
View Source 
const (
	SigTypeBinary                  SignatureType = 0x00
	SigTypeText                                  = 0x01
	SigTypeGenericCert                           = 0x10
	SigTypePersonaCert                           = 0x11
	SigTypeCasualCert                            = 0x12
	SigTypePositiveCert                          = 0x13
	SigTypeSubkeyBinding                         = 0x18
	SigTypePrimaryKeyBinding                     = 0x19
	SigTypeDirectSignature                       = 0x1F
	SigTypeKeyRevocation                         = 0x20
	SigTypeSubkeyRevocation                      = 0x28
	SigTypeCertificationRevocation               = 0x30
)
View Source 
const (
	// See RFC 4880, section 5.2.3.21 for details.
	KeyFlagCertify = 1 << iota
	KeyFlagSign
	KeyFlagEncryptCommunications
	KeyFlagEncryptStorage
	KeyFlagSplitKey
	KeyFlagAuthenticate

	KeyFlagGroupKey
)
View Source 
const UserAttrImageSubpacket = 1

Variables

This section is empty.

Functions

func DecryptPrivateKeys 

func DecryptPrivateKeys(keys []*PrivateKey, passphrase []byte) error

DecryptPrivateKeys decrypts all encrypted keys with the given config and passphrase. Avoids recomputation of similar s2k key derivations.

func EncryptPrivateKeys 

func EncryptPrivateKeys(keys []*PrivateKey, passphrase []byte, config *Config) error

EncryptPrivateKeys encrypts all unencrypted keys with the given config and passphrase. Only derives one key from the passphrase, which is then used to encrypt each key.

func NewOCFBDecrypter 

func NewOCFBDecrypter(block cipher.Block, prefix []byte, resync OCFBResyncOption) cipher.Stream

NewOCFBDecrypter returns a cipher.Stream which decrypts data with OpenPGP's cipher feedback mode using the given cipher.Block. Prefix must be the first blockSize + 2 bytes of the ciphertext, where blockSize is the cipher.Block's block size. On successful exit, blockSize+2 bytes of decrypted data are written into prefix. Resync determines if the "resynchronization step" from RFC 4880, 13.9 step 7 is performed. Different parts of OpenPGP vary on this point.

func NewOCFBEncrypter 

func NewOCFBEncrypter(block cipher.Block, randData []byte, resync OCFBResyncOption) (cipher.Stream, []byte)

NewOCFBEncrypter returns a cipher.Stream which encrypts data with OpenPGP's cipher feedback mode using the given cipher.Block, and an initial amount of ciphertext. randData must be random bytes and be the same length as the cipher.Block's block size. Resync determines if the "resynchronization step" from RFC 4880, 13.9 step 7 is performed. Different parts of OpenPGP vary on this point.

func SerializeCompressed 

func SerializeCompressed(w io.WriteCloser, algo CompressionAlgo, cc *CompressionConfig) (literaldata io.WriteCloser, err error)

SerializeCompressed serializes a compressed data packet to w and returns a WriteCloser to which the literal data packets themselves can be written and which MUST be closed on completion. If cc is nil, sensible defaults will be used to configure the compression algorithm.

func SerializeEncryptedKey 

func SerializeEncryptedKey(w io.Writer, pub *PublicKey, cipherFunc CipherFunction, key []byte, config *Config) error

SerializeEncryptedKey serializes an encrypted key packet to w that contains key, encrypted to pub. If config is nil, sensible defaults will be used.

func SerializeLiteral 

func SerializeLiteral(w io.WriteCloser, isBinary bool, fileName string, time uint32) (plaintext io.WriteCloser, err error)

SerializeLiteral serializes a literal data packet to w and returns a WriteCloser to which the data itself can be written and which MUST be closed on completion. The fileName is truncated to 255 bytes.

func SerializeSymmetricKeyEncrypted 

func SerializeSymmetricKeyEncrypted(w io.Writer, passphrase []byte, config *Config) (key []byte, err error)

SerializeSymmetricKeyEncrypted serializes a symmetric key packet to w. The packet contains a random session key, encrypted by a key derived from the given passphrase. The session key is returned and must be passed to SerializeSymmetricallyEncrypted. If config is nil, sensible defaults will be used.

func SerializeSymmetricKeyEncryptedReuseKey 

func SerializeSymmetricKeyEncryptedReuseKey(w io.Writer, sessionKey []byte, passphrase []byte, config *Config) (err error)

SerializeSymmetricKeyEncryptedReuseKey serializes a symmetric key packet to w. The packet contains the given session key, encrypted by a key derived from the given passphrase. The returned session key must be passed to SerializeSymmetricallyEncrypted. If config is nil, sensible defaults will be used.

func SerializeSymmetricallyEncrypted 

func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, aeadSupported bool, cipherSuite CipherSuite, key []byte, config *Config) (Contents io.WriteCloser, err error)

SerializeSymmetricallyEncrypted serializes a symmetrically encrypted packet to w and returns a WriteCloser to which the to-be-encrypted packets can be written. If config is nil, sensible defaults will be used.

Types

type AEADConfig 

type AEADConfig struct {
	// The AEAD mode of operation.
	DefaultMode AEADMode
	// Amount of octets in each chunk of data
	ChunkSize uint64
}

AEADConfig collects a number of AEAD parameters along with sensible defaults. A nil AEADConfig is valid and results in all default values.

func (*AEADConfig) ChunkSizeByte 

func (conf *AEADConfig) ChunkSizeByte() byte

ChunkSizeByte returns the byte indicating the chunk size. The effective chunk size is computed with the formula uint64(1) << (chunkSizeByte + 6) limit to 16 = 4 MiB https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-5.13.2

func (*AEADConfig) Mode 

func (conf *AEADConfig) Mode() AEADMode

Mode returns the AEAD mode of operation.

type AEADEncrypted 

type AEADEncrypted struct {
	Contents io.Reader // Encrypted chunks and tags
	// contains filtered or unexported fields
}

AEADEncrypted represents an AEAD Encrypted Packet. See https://www.ietf.org/archive/id/draft-koch-openpgp-2015-rfc4880bis-00.html#name-aead-encrypted-data-packet-t

func (*AEADEncrypted) Decrypt 

func (ae *AEADEncrypted) Decrypt(ciph CipherFunction, key []byte) (io.ReadCloser, error)

Decrypt returns a io.ReadCloser from which decrypted bytes can be read, or an error.

type AEADMode 

type AEADMode algorithm.AEADMode

AEADMode represents the different Authenticated Encryption with Associated Data specified for OpenPGP. See https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-9.6 

const (
	AEADModeEAX AEADMode = 1
	AEADModeOCB AEADMode = 2
	AEADModeGCM AEADMode = 3
)

func (AEADMode) IvLength 

func (mode AEADMode) IvLength() int

func (AEADMode) TagLength 

func (mode AEADMode) TagLength() int

type CipherFunction 

type CipherFunction algorithm.CipherFunction

CipherFunction represents the different block ciphers specified for OpenPGP. See http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-13 

const (
	Cipher3DES   CipherFunction = 2
	CipherCAST5  CipherFunction = 3
	CipherAES128 CipherFunction = 7
	CipherAES192 CipherFunction = 8
	CipherAES256 CipherFunction = 9
)

func (CipherFunction) IsSupported 

func (cipher CipherFunction) IsSupported() bool

IsSupported returns true if the cipher is supported from the library

func (CipherFunction) KeySize 

func (cipher CipherFunction) KeySize() int

KeySize returns the key size, in bytes, of cipher.

type CipherSuite 

type CipherSuite struct {
	// The cipher function
	Cipher CipherFunction
	// The AEAD mode of operation.
	Mode AEADMode
}

CipherSuite contains a combination of Cipher and Mode

type Compressed 

type Compressed struct {
	Body io.Reader
}

Compressed represents a compressed OpenPGP packet. The decompressed contents will contain more OpenPGP packets. See RFC 4880, section 5.6.

type CompressionAlgo 

type CompressionAlgo uint8

CompressionAlgo Represents the different compression algorithms supported by OpenPGP (except for BZIP2, which is not currently supported). See Section 9.3 of RFC 4880. 

const (
	CompressionNone CompressionAlgo = 0
	CompressionZIP  CompressionAlgo = 1
	CompressionZLIB CompressionAlgo = 2
)

type CompressionConfig 

type CompressionConfig struct {
	// Level is the compression level to use. It must be set to
	// between -1 and 9, with -1 causing the compressor to use the
	// default compression level, 0 causing the compressor to use
	// no compression and 1 to 9 representing increasing (better,
	// slower) compression levels. If Level is less than -1 or
	// more then 9, a non-nil error will be returned during
	// encryption. See the constants above for convenient common
	// settings for Level.
	Level int
}

CompressionConfig contains compressor configuration settings.

type Config 

type Config struct {
	// Rand provides the source of entropy.
	// If nil, the crypto/rand Reader is used.
	Rand io.Reader
	// DefaultHash is the default hash function to be used.
	// If zero, SHA-256 is used.
	DefaultHash crypto.Hash
	// DefaultCipher is the cipher to be used.
	// If zero, AES-128 is used.
	DefaultCipher CipherFunction
	// Time returns the current time as the number of seconds since the
	// epoch. If Time is nil, time.Now is used.
	Time func() time.Time
	// DefaultCompressionAlgo is the compression algorithm to be
	// applied to the plaintext before encryption. If zero, no
	// compression is done.
	DefaultCompressionAlgo CompressionAlgo
	// CompressionConfig configures the compression settings.
	CompressionConfig *CompressionConfig
	// S2K (String to Key) config, used for key derivation in the context of secret key encryption
	// and password-encrypted data.
	// If nil, the default configuration is used
	S2KConfig *s2k.Config
	// Iteration count for Iterated S2K (String to Key).
	// Only used if sk2.Mode is nil.
	// This value is duplicated here from s2k.Config for backwards compatibility.
	// It determines the strength of the passphrase stretching when
	// the said passphrase is hashed to produce a key. S2KCount
	// should be between 65536 and 65011712, inclusive. If Config
	// is nil or S2KCount is 0, the value 16777216 used. Not all
	// values in the above range can be represented. S2KCount will
	// be rounded up to the next representable value if it cannot
	// be encoded exactly. When set, it is strongly encrouraged to
	// use a value that is at least 65536. See RFC 4880 Section
	// 3.7.1.3.
	//
	// Deprecated: SK2Count should be configured in S2KConfig instead.
	S2KCount int
	// RSABits is the number of bits in new RSA keys made with NewEntity.
	// If zero, then 2048 bit keys are created.
	RSABits int
	// The public key algorithm to use - will always create a signing primary
	// key and encryption subkey.
	Algorithm PublicKeyAlgorithm
	// Some known primes that are optionally prepopulated by the caller
	RSAPrimes []*big.Int
	// Curve configures the desired packet.Curve if the Algorithm is PubKeyAlgoECDSA,
	// PubKeyAlgoEdDSA, or PubKeyAlgoECDH. If empty Curve25519 is used.
	Curve Curve
	// AEADConfig configures the use of the new AEAD Encrypted Data Packet,
	// defined in the draft of the next version of the OpenPGP specification.
	// If a non-nil AEADConfig is passed, usage of this packet is enabled. By
	// default, it is disabled. See the documentation of AEADConfig for more
	// configuration options related to AEAD.
	// **Note: using this option may break compatibility with other OpenPGP
	// implementations, as well as future versions of this library.**
	AEADConfig *AEADConfig
	// V5Keys configures version 5 key generation. If false, this package still
	// supports version 5 keys, but produces version 4 keys.
	V5Keys bool
	// "The validity period of the key.  This is the number of seconds after
	// the key creation time that the key expires.  If this is not present
	// or has a value of zero, the key never expires.  This is found only on
	// a self-signature.""
	// https://tools.ietf.org/html/rfc4880#section-5.2.3.6
	KeyLifetimeSecs uint32
	// "The validity period of the signature.  This is the number of seconds
	// after the signature creation time that the signature expires.  If
	// this is not present or has a value of zero, it never expires."
	// https://tools.ietf.org/html/rfc4880#section-5.2.3.10
	SigLifetimeSecs uint32
	// SigningKeyId is used to specify the signing key to use (by Key ID).
	// By default, the signing key is selected automatically, preferring
	// signing subkeys if available.
	SigningKeyId uint64
	// SigningIdentity is used to specify a user ID (packet Signer's User ID, type 28)
	// when producing a generic certification signature onto an existing user ID.
	// The identity must be present in the signer Entity.
	SigningIdentity string
	// InsecureAllowUnauthenticatedMessages controls, whether it is tolerated to read
	// encrypted messages without Modification Detection Code (MDC).
	// MDC is mandated by the IETF OpenPGP Crypto Refresh draft and has long been implemented
	// in most OpenPGP implementations. Messages without MDC are considered unnecessarily
	// insecure and should be prevented whenever possible.
	// In case one needs to deal with messages from very old OpenPGP implementations, there
	// might be no other way than to tolerate the missing MDC. Setting this flag, allows this
	// mode of operation. It should be considered a measure of last resort.
	InsecureAllowUnauthenticatedMessages bool
	// KnownNotations is a map of Notation Data names to bools, which controls
	// the notation names that are allowed to be present in critical Notation Data
	// signature subpackets.
	KnownNotations map[string]bool
	// SignatureNotations is a list of Notations to be added to any signatures.
	SignatureNotations []*Notation
}

Config collects a number of parameters along with sensible defaults. A nil *Config is valid and results in all default values.

func (*Config) AEAD 

func (c *Config) AEAD() *AEADConfig

func (*Config) AllowUnauthenticatedMessages 

func (c *Config) AllowUnauthenticatedMessages() bool

func (*Config) Cipher 

func (c *Config) Cipher() CipherFunction

func (*Config) Compression 

func (c *Config) Compression() CompressionAlgo

func (*Config) CurveName 

func (c *Config) CurveName() Curve

func (*Config) Hash 

func (c *Config) Hash() crypto.Hash

func (*Config) KeyLifetime 

func (c *Config) KeyLifetime() uint32

KeyLifetime returns the validity period of the key.

func (*Config) KnownNotation 

func (c *Config) KnownNotation(notationName string) bool

func (*Config) Notations 

func (c *Config) Notations() []*Notation

func (*Config) Now 

func (c *Config) Now() time.Time

func (*Config) PasswordHashIterations deprecated 

func (c *Config) PasswordHashIterations() int

Deprecated: The hash iterations should now be queried via the S2K() method.

func (*Config) PublicKeyAlgorithm 

func (c *Config) PublicKeyAlgorithm() PublicKeyAlgorithm

func (*Config) RSAModulusBits 

func (c *Config) RSAModulusBits() int

func (*Config) Random 

func (c *Config) Random() io.Reader

func (*Config) S2K 

func (c *Config) S2K() *s2k.Config

func (*Config) SigLifetime 

func (c *Config) SigLifetime() uint32

SigLifetime returns the validity period of the signature.

func (*Config) SigningKey 

func (c *Config) SigningKey() uint64

func (*Config) SigningUserId 

func (c *Config) SigningUserId() string

type Curve 

type Curve string

Curve is a mapping to supported ECC curves for key generation. See https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-06.html#name-curve-specific-wire-formats 

const (
	Curve25519         Curve = "Curve25519"
	Curve448           Curve = "Curve448"
	CurveNistP256      Curve = "P256"
	CurveNistP384      Curve = "P384"
	CurveNistP521      Curve = "P521"
	CurveSecP256k1     Curve = "SecP256k1"
	CurveBrainpoolP256 Curve = "BrainpoolP256"
	CurveBrainpoolP384 Curve = "BrainpoolP384"
	CurveBrainpoolP512 Curve = "BrainpoolP512"
)

type EncryptedDataPacket 

type EncryptedDataPacket interface {
	Decrypt(CipherFunction, []byte) (io.ReadCloser, error)
}

EncryptedDataPacket holds encrypted data. It is currently implemented by SymmetricallyEncrypted and AEADEncrypted.

type EncryptedKey 

type EncryptedKey struct {
	KeyId      uint64
	Algo       PublicKeyAlgorithm
	CipherFunc CipherFunction // only valid after a successful Decrypt for a v3 packet
	Key        []byte         // only valid after a successful Decrypt
	// contains filtered or unexported fields
}

EncryptedKey represents a public-key encrypted session key. See RFC 4880, section 5.1.

func (*EncryptedKey) Decrypt 

func (e *EncryptedKey) Decrypt(priv *PrivateKey, config *Config) error

Decrypt decrypts an encrypted session key with the given private key. The private key must have been decrypted first. If config is nil, sensible defaults will be used.

func (*EncryptedKey) Serialize 

func (e *EncryptedKey) Serialize(w io.Writer) error

Serialize writes the encrypted key packet, e, to w.

type LiteralData 

type LiteralData struct {
	Format   uint8
	IsBinary bool
	FileName string
	Time     uint32 // Unix epoch time. Either creation time or modification time. 0 means undefined.
	Body     io.Reader
}

LiteralData represents an encrypted file. See RFC 4880, section 5.9.

func (*LiteralData) ForEyesOnly 

func (l *LiteralData) ForEyesOnly() bool

ForEyesOnly returns whether the contents of the LiteralData have been marked as especially sensitive.

type Notation 

type Notation struct {
	Name            string
	Value           []byte
	IsCritical      bool
	IsHumanReadable bool
}

Notation type represents a Notation Data subpacket see https://tools.ietf.org/html/rfc4880#section-5.2.3.16

type OCFBResyncOption 

type OCFBResyncOption bool

An OCFBResyncOption determines if the "resynchronization step" of OCFB is performed. 

const (
	OCFBResync   OCFBResyncOption = true
	OCFBNoResync OCFBResyncOption = false
)

type OnePassSignature 

type OnePassSignature struct {
	SigType    SignatureType
	Hash       crypto.Hash
	PubKeyAlgo PublicKeyAlgorithm
	KeyId      uint64
	IsLast     bool
}

OnePassSignature represents a one-pass signature packet. See RFC 4880, section 5.4.

func (*OnePassSignature) Serialize 

func (ops *OnePassSignature) Serialize(w io.Writer) error

Serialize marshals the given OnePassSignature to w.

type OpaquePacket 

type OpaquePacket struct {
	// Packet type
	Tag uint8
	// Reason why the packet was parsed opaquely
	Reason error
	// Binary contents of the packet data
	Contents []byte
}

OpaquePacket represents an OpenPGP packet as raw, unparsed data. This is useful for splitting and storing the original packet contents separately, handling unsupported packet types or accessing parts of the packet not yet implemented by this package.

func (*OpaquePacket) Parse 

func (op *OpaquePacket) Parse() (p Packet, err error)

Parse attempts to parse the opaque contents into a structure supported by this package. If the packet is not known then the result will be another OpaquePacket.

func (*OpaquePacket) Serialize 

func (op *OpaquePacket) Serialize(w io.Writer) (err error)

Serialize marshals the packet to a writer in its original form, including the packet header.

type OpaqueReader 

type OpaqueReader struct {
	// contains filtered or unexported fields
}

OpaqueReader reads OpaquePackets from an io.Reader.

func NewOpaqueReader 

func NewOpaqueReader(r io.Reader) *OpaqueReader

func (*OpaqueReader) Next 

func (or *OpaqueReader) Next() (op *OpaquePacket, err error)

Read the next OpaquePacket.

type OpaqueSubpacket 

type OpaqueSubpacket struct {
	SubType       uint8
	EncodedLength []byte // Store the original encoded length for signature verifications.
	Contents      []byte
}

OpaqueSubpacket represents an unparsed OpenPGP subpacket, as found in signature and user attribute packets.

func OpaqueSubpackets 

func OpaqueSubpackets(contents []byte) (result []*OpaqueSubpacket, err error)

OpaqueSubpackets extracts opaque, unparsed OpenPGP subpackets from their byte representation.

func (*OpaqueSubpacket) Serialize 

func (osp *OpaqueSubpacket) Serialize(w io.Writer) (err error)

type Packet 

type Packet interface {
	// contains filtered or unexported methods
}

Packet represents an OpenPGP packet. Users are expected to try casting instances of this interface to specific packet types.

func Read 

func Read(r io.Reader) (p Packet, err error)

Read reads a single OpenPGP packet from the given io.Reader. If there is an error parsing a packet, the whole packet is consumed from the input.

type PrivateKey 

type PrivateKey struct {
	PublicKey
	Encrypted bool // if true then the private key is unavailable until Decrypt has been called.

	// An *{rsa|dsa|elgamal|ecdh|ecdsa|ed25519}.PrivateKey or
	// crypto.Signer/crypto.Decrypter (Decryptor RSA only).
	PrivateKey interface{}
	// contains filtered or unexported fields
}

PrivateKey represents a possibly encrypted private key. See RFC 4880, section 5.5.3.

func NewDSAPrivateKey 

func NewDSAPrivateKey(creationTime time.Time, priv *dsa.PrivateKey) *PrivateKey

func NewDecrypterPrivateKey 

func NewDecrypterPrivateKey(creationTime time.Time, decrypter interface{}) *PrivateKey

NewDecrypterPrivateKey creates a PrivateKey from a *{rsa|elgamal|ecdh}.PrivateKey.

func NewECDHPrivateKey 

func NewECDHPrivateKey(creationTime time.Time, priv *ecdh.PrivateKey) *PrivateKey

func NewECDSAPrivateKey 

func NewECDSAPrivateKey(creationTime time.Time, priv *ecdsa.PrivateKey) *PrivateKey

func NewEdDSAPrivateKey 

func NewEdDSAPrivateKey(creationTime time.Time, priv *eddsa.PrivateKey) *PrivateKey

func NewElGamalPrivateKey 

func NewElGamalPrivateKey(creationTime time.Time, priv *elgamal.PrivateKey) *PrivateKey

func NewRSAPrivateKey 

func NewRSAPrivateKey(creationTime time.Time, priv *rsa.PrivateKey) *PrivateKey

func NewSignerPrivateKey 

func NewSignerPrivateKey(creationTime time.Time, signer interface{}) *PrivateKey

NewSignerPrivateKey creates a PrivateKey from a crypto.Signer that implements RSA, ECDSA or EdDSA.

func (*PrivateKey) Decrypt 

func (pk *PrivateKey) Decrypt(passphrase []byte) error

Decrypt decrypts an encrypted private key using a passphrase.

func (*PrivateKey) Dummy 

func (pk *PrivateKey) Dummy() bool

Dummy returns true if the private key is a dummy key. This is a GNU extension.

func (*PrivateKey) Encrypt 

func (pk *PrivateKey) Encrypt(passphrase []byte) error

Encrypt encrypts an unencrypted private key using a passphrase.

func (*PrivateKey) EncryptWithConfig 

func (pk *PrivateKey) EncryptWithConfig(passphrase []byte, config *Config) error

EncryptWithConfig encrypts an unencrypted private key using the passphrase and the config.

func (*PrivateKey) Serialize 

func (pk *PrivateKey) Serialize(w io.Writer) (err error)

type PublicKey 

type PublicKey struct {
	Version      int
	CreationTime time.Time
	PubKeyAlgo   PublicKeyAlgorithm
	PublicKey    interface{} // *rsa.PublicKey, *dsa.PublicKey, *ecdsa.PublicKey or *eddsa.PublicKey
	Fingerprint  []byte
	KeyId        uint64
	IsSubkey     bool
	// contains filtered or unexported fields
}

PublicKey represents an OpenPGP public key. See RFC 4880, section 5.5.2.

func NewDSAPublicKey 

func NewDSAPublicKey(creationTime time.Time, pub *dsa.PublicKey) *PublicKey

NewDSAPublicKey returns a PublicKey that wraps the given dsa.PublicKey.

func NewECDHPublicKey 

func NewECDHPublicKey(creationTime time.Time, pub *ecdh.PublicKey) *PublicKey

func NewECDSAPublicKey 

func NewECDSAPublicKey(creationTime time.Time, pub *ecdsa.PublicKey) *PublicKey

func NewEdDSAPublicKey 

func NewEdDSAPublicKey(creationTime time.Time, pub *eddsa.PublicKey) *PublicKey

func NewElGamalPublicKey 

func NewElGamalPublicKey(creationTime time.Time, pub *elgamal.PublicKey) *PublicKey

NewElGamalPublicKey returns a PublicKey that wraps the given elgamal.PublicKey.

func NewRSAPublicKey 

func NewRSAPublicKey(creationTime time.Time, pub *rsa.PublicKey) *PublicKey

NewRSAPublicKey returns a PublicKey that wraps the given rsa.PublicKey.

func (*PublicKey) BitLength 

func (pk *PublicKey) BitLength() (bitLength uint16, err error)

BitLength returns the bit length for the given public key.

func (*PublicKey) CanSign 

func (pk *PublicKey) CanSign() bool

CanSign returns true iff this public key can generate signatures

func (*PublicKey) KeyExpired 

func (pk *PublicKey) KeyExpired(sig *Signature, currentTime time.Time) bool

KeyExpired returns whether sig is a self-signature of a key that has expired or is created in the future.

func (*PublicKey) KeyIdShortString 

func (pk *PublicKey) KeyIdShortString() string

KeyIdShortString returns the short form of public key's fingerprint in capital hex, as shown by gpg --list-keys (e.g. "621CC013").

func (*PublicKey) KeyIdString 

func (pk *PublicKey) KeyIdString() string

KeyIdString returns the public key's fingerprint in capital hex (e.g. "6C7EE1B8621CC013").

func (*PublicKey) Serialize 

func (pk *PublicKey) Serialize(w io.Writer) (err error)

func (*PublicKey) SerializeForHash 

func (pk *PublicKey) SerializeForHash(w io.Writer) error

SerializeForHash serializes the PublicKey to w with the special packet header format needed for hashing.

func (*PublicKey) SerializeSignaturePrefix 

func (pk *PublicKey) SerializeSignaturePrefix(w io.Writer)

SerializeSignaturePrefix writes the prefix for this public key to the given Writer. The prefix is used when calculating a signature over this public key. See RFC 4880, section 5.2.4.

func (*PublicKey) UpgradeToV5 

func (pk *PublicKey) UpgradeToV5()

UpgradeToV5 updates the version of the key to v5, and updates all necessary fields.

func (*PublicKey) VerifyKeySignature 

func (pk *PublicKey) VerifyKeySignature(signed *PublicKey, sig *Signature) error

VerifyKeySignature returns nil iff sig is a valid signature, made by this public key, of signed.

func (*PublicKey) VerifyKeySignatureV3 

func (pk *PublicKey) VerifyKeySignatureV3(signed *PublicKey, sig *SignatureV3) (err error)

VerifyKeySignatureV3 returns nil iff sig is a valid signature, made by this public key, of signed.

func (*PublicKey) VerifyRevocationSignature 

func (pk *PublicKey) VerifyRevocationSignature(sig *Signature) (err error)

VerifyRevocationSignature returns nil iff sig is a valid signature, made by this public key.

func (*PublicKey) VerifySignature 

func (pk *PublicKey) VerifySignature(signed hash.Hash, sig *Signature) (err error)

VerifySignature returns nil iff sig is a valid signature, made by this public key, of the data hashed into signed. signed is mutated by this call.

func (*PublicKey) VerifySignatureV3 

func (pk *PublicKey) VerifySignatureV3(signed hash.Hash, sig *SignatureV3) (err error)

VerifySignatureV3 returns nil iff sig is a valid signature, made by this public key, of the data hashed into signed. signed is mutated by this call.

func (*PublicKey) VerifySubkeyRevocationSignature 

func (pk *PublicKey) VerifySubkeyRevocationSignature(sig *Signature, signed *PublicKey) (err error)

VerifySubkeyRevocationSignature returns nil iff sig is a valid subkey revocation signature, made by this public key, of signed.

func (*PublicKey) VerifyUserIdSignature 

func (pk *PublicKey) VerifyUserIdSignature(id string, pub *PublicKey, sig *Signature) (err error)

VerifyUserIdSignature returns nil iff sig is a valid signature, made by this public key, that id is the identity of pub.

func (*PublicKey) VerifyUserIdSignatureV3 

func (pk *PublicKey) VerifyUserIdSignatureV3(id string, pub *PublicKey, sig *SignatureV3) (err error)

VerifyUserIdSignatureV3 returns nil iff sig is a valid signature, made by this public key, that id is the identity of pub.

type PublicKeyAlgorithm 

type PublicKeyAlgorithm uint8

PublicKeyAlgorithm represents the different public key system specified for OpenPGP. See http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-12 

const (
	PubKeyAlgoRSA     PublicKeyAlgorithm = 1
	PubKeyAlgoElGamal PublicKeyAlgorithm = 16
	PubKeyAlgoDSA     PublicKeyAlgorithm = 17
	// RFC 6637, Section 5.
	PubKeyAlgoECDH  PublicKeyAlgorithm = 18
	PubKeyAlgoECDSA PublicKeyAlgorithm = 19
	// https://www.ietf.org/archive/id/draft-koch-eddsa-for-openpgp-04.txt
	PubKeyAlgoEdDSA PublicKeyAlgorithm = 22

	// Deprecated in RFC 4880, Section 13.5. Use key flags instead.
	PubKeyAlgoRSAEncryptOnly PublicKeyAlgorithm = 2
	PubKeyAlgoRSASignOnly    PublicKeyAlgorithm = 3
)

func (PublicKeyAlgorithm) CanEncrypt 

func (pka PublicKeyAlgorithm) CanEncrypt() bool

CanEncrypt returns true if it's possible to encrypt a message to a public key of the given type.

func (PublicKeyAlgorithm) CanSign 

func (pka PublicKeyAlgorithm) CanSign() bool

CanSign returns true if it's possible for a public key of the given type to sign a message.

type PublicKeyV3 

type PublicKeyV3 struct {
	CreationTime time.Time
	DaysToExpire uint16
	PubKeyAlgo   PublicKeyAlgorithm
	PublicKey    *rsa.PublicKey
	Fingerprint  [16]byte
	KeyId        uint64
	IsSubkey     bool
	// contains filtered or unexported fields
}

PublicKeyV3 represents older, version 3 public keys. These keys are less secure and should not be used for signing or encrypting. They are supported here only for parsing version 3 key material and validating signatures. See RFC 4880, section 5.5.2.

func (*PublicKeyV3) BitLength 

func (pk *PublicKeyV3) BitLength() (bitLength uint16, err error)

BitLength returns the bit length for the given public key.

func (*PublicKeyV3) CanSign 

func (pk *PublicKeyV3) CanSign() bool

CanSign returns true iff this public key can generate signatures

func (*PublicKeyV3) KeyIdShortString 

func (pk *PublicKeyV3) KeyIdShortString() string

KeyIdShortString returns the short form of public key's fingerprint in capital hex, as shown by gpg --list-keys (e.g. "621CC013").

func (*PublicKeyV3) KeyIdString 

func (pk *PublicKeyV3) KeyIdString() string

KeyIdString returns the public key's fingerprint in capital hex (e.g. "6C7EE1B8621CC013").

func (*PublicKeyV3) Serialize 

func (pk *PublicKeyV3) Serialize(w io.Writer) (err error)

func (*PublicKeyV3) SerializeForHash 

func (pk *PublicKeyV3) SerializeForHash(w io.Writer) error

SerializeForHash serializes the PublicKey to w with the special packet header format needed for hashing.

func (*PublicKeyV3) SerializeSignaturePrefix 

func (pk *PublicKeyV3) SerializeSignaturePrefix(w io.Writer)

SerializeSignaturePrefix writes the prefix for this public key to the given Writer. The prefix is used when calculating a signature over this public key. See RFC 4880, section 5.2.4.

func (*PublicKeyV3) VerifyKeySignatureV3 

func (pk *PublicKeyV3) VerifyKeySignatureV3(signed *PublicKeyV3, sig *SignatureV3) (err error)

VerifyKeySignatureV3 returns nil iff sig is a valid signature, made by this public key, of signed.

func (*PublicKeyV3) VerifySignatureV3 

func (pk *PublicKeyV3) VerifySignatureV3(signed hash.Hash, sig *SignatureV3) (err error)

VerifySignatureV3 returns nil iff sig is a valid signature, made by this public key, of the data hashed into signed. signed is mutated by this call.

func (*PublicKeyV3) VerifyUserIdSignatureV3 

func (pk *PublicKeyV3) VerifyUserIdSignatureV3(id string, pub *PublicKeyV3, sig *SignatureV3) (err error)

VerifyUserIdSignatureV3 returns nil iff sig is a valid signature, made by this public key, that id is the identity of pub.

type Reader 

type Reader struct {
	// contains filtered or unexported fields
}

Reader reads packets from an io.Reader and allows packets to be 'unread' so that they result from the next call to Next.

func NewReader 

func NewReader(r io.Reader) *Reader

func (*Reader) Next 

func (r *Reader) Next() (p Packet, err error)

Next returns the most recently unread Packet, or reads another packet from the top-most io.Reader. Unknown packet types are skipped.

func (*Reader) Push 

func (r *Reader) Push(reader io.Reader) (err error)

Push causes the Reader to start reading from a new io.Reader. When an EOF error is seen from the new io.Reader, it is popped and the Reader continues to read from the next most recent io.Reader. Push returns a StructuralError if pushing the reader would exceed the maximum recursion level, otherwise it returns nil.

func (*Reader) Unread 

func (r *Reader) Unread(p Packet)

Unread causes the given Packet to be returned from the next call to Next.

type ReasonForRevocation 

type ReasonForRevocation uint8

ReasonForRevocation represents a revocation reason code as per RFC4880 section 5.2.3.23. 

const (
	NoReason       ReasonForRevocation = 0
	KeySuperseded  ReasonForRevocation = 1
	KeyCompromised ReasonForRevocation = 2
	KeyRetired     ReasonForRevocation = 3
)

type S2KType 

type S2KType uint8

S2KType s2k packet type 

const (
	// S2KNON unencrypt
	S2KNON S2KType = 0
	// S2KSHA1 sha1 sum check
	S2KSHA1 S2KType = 254
	// S2KCHECKSUM sum check
	S2KCHECKSUM S2KType = 255
)

type Signature 

type Signature struct {
	Version    int
	SigType    SignatureType
	PubKeyAlgo PublicKeyAlgorithm
	Hash       crypto.Hash

	// HashSuffix is extra data that is hashed in after the signed data.
	HashSuffix []byte
	// HashTag contains the first two bytes of the hash for fast rejection
	// of bad signed data.
	HashTag [2]byte

	// Metadata includes format, filename and time, and is protected by v5
	// signatures of type 0x00 or 0x01. This metadata is included into the hash
	// computation; if nil, six 0x00 bytes are used instead. See section 5.2.4.
	Metadata *LiteralData

	CreationTime time.Time

	RSASignature         encoding.Field
	DSASigR, DSASigS     encoding.Field
	ECDSASigR, ECDSASigS encoding.Field
	EdDSASigR, EdDSASigS encoding.Field

	SigLifetimeSecs, KeyLifetimeSecs                        *uint32
	PreferredSymmetric, PreferredHash, PreferredCompression []uint8
	PreferredCipherSuites                                   [][2]uint8
	IssuerKeyId                                             *uint64
	IssuerFingerprint                                       []byte
	SignerUserId                                            *string
	IsPrimaryId                                             *bool
	Notations                                               []*Notation

	// TrustLevel and TrustAmount can be set by the signer to assert that
	// the key is not only valid but also trustworthy at the specified
	// level.
	// See RFC 4880, section 5.2.3.13 for details.
	TrustLevel  TrustLevel
	TrustAmount TrustAmount

	// TrustRegularExpression can be used in conjunction with trust Signature
	// packets to limit the scope of the trust that is extended.
	// See RFC 4880, section 5.2.3.14 for details.
	TrustRegularExpression *string

	// PolicyURI can be set to the URI of a document that describes the
	// policy under which the signature was issued. See RFC 4880, section
	// 5.2.3.20 for details.
	PolicyURI string

	// FlagsValid is set if any flags were given. See RFC 4880, section
	// 5.2.3.21 for details.
	FlagsValid                                                                                                         bool
	FlagCertify, FlagSign, FlagEncryptCommunications, FlagEncryptStorage, FlagSplitKey, FlagAuthenticate, FlagGroupKey bool

	// RevocationReason is set if this signature has been revoked.
	// See RFC 4880, section 5.2.3.23 for details.
	RevocationReason     *ReasonForRevocation
	RevocationReasonText string

	// In a self-signature, these flags are set there is a features subpacket
	// indicating that the issuer implementation supports these features
	// see https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh#features-subpacket
	SEIPDv1, SEIPDv2 bool

	// EmbeddedSignature, if non-nil, is a signature of the parent key, by
	// this key. This prevents an attacker from claiming another's signing
	// subkey as their own.
	EmbeddedSignature *Signature
	// contains filtered or unexported fields
}

Signature represents a signature. See RFC 4880, section 5.2.

func (*Signature) AddMetadataToHashSuffix 

func (sig *Signature) AddMetadataToHashSuffix()

AddMetadataToHashSuffix modifies the current hash suffix to include metadata (format, filename, and time). Version 5 keys protect this data including it in the hash computation. See section 5.2.4.

func (*Signature) CheckKeyIdOrFingerprint 

func (sig *Signature) CheckKeyIdOrFingerprint(pk *PublicKey) bool

func (*Signature) CrossSignKey 

func (sig *Signature) CrossSignKey(pub *PublicKey, hashKey *PublicKey, signingKey *PrivateKey,
	config *Config) error

CrossSignKey computes a signature from signingKey on pub hashed using hashKey. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.

func (*Signature) RevokeKey 

func (sig *Signature) RevokeKey(pub *PublicKey, priv *PrivateKey, config *Config) error

RevokeKey computes a revocation signature of pub using priv. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.

func (*Signature) RevokeSubkey 

func (sig *Signature) RevokeSubkey(pub *PublicKey, priv *PrivateKey, config *Config) error

RevokeSubkey computes a subkey revocation signature of pub using priv. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.

func (*Signature) Serialize 

func (sig *Signature) Serialize(w io.Writer) (err error)

Serialize marshals sig to w. Sign, SignUserId or SignKey must have been called first.

func (*Signature) SigExpired 

func (sig *Signature) SigExpired(currentTime time.Time) bool

SigExpired returns whether sig is a signature that has expired or is created in the future.

func (*Signature) Sign 

func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey, config *Config) (err error)

Sign signs a message with a private key. The hash, h, must contain the hash of the message to be signed and will be mutated by this function. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.

func (*Signature) SignKey 

func (sig *Signature) SignKey(pub *PublicKey, priv *PrivateKey, config *Config) error

SignKey computes a signature from priv, asserting that pub is a subkey. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.

func (*Signature) SignUserId 

func (sig *Signature) SignUserId(id string, pub *PublicKey, priv *PrivateKey, config *Config) error

SignUserId computes a signature from priv, asserting that pub is a valid key for the identity id. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.

type SignatureType 

type SignatureType uint8

SignatureType represents the different semantic meanings of an OpenPGP signature. See RFC 4880, section 5.2.1.

type SignatureV3 

type SignatureV3 struct {
	SigType      SignatureType
	CreationTime time.Time
	IssuerKeyId  uint64
	PubKeyAlgo   PublicKeyAlgorithm
	Hash         crypto.Hash
	HashTag      [2]byte

	RSASignature     encoding.Field
	DSASigR, DSASigS encoding.Field
}

SignatureV3 represents older version 3 signatures. These signatures are less secure than version 4 and should not be used to create new signatures. They are included here for backwards compatibility to read and validate with older key material. See RFC 4880, section 5.2.2.

func (*SignatureV3) Serialize 

func (sig *SignatureV3) Serialize(w io.Writer) (err error)

Serialize marshals sig to w. Sign, SignUserId or SignKey must have been called first.

type SymmetricKeyEncrypted 

type SymmetricKeyEncrypted struct {
	Version    int
	CipherFunc CipherFunction
	Mode       AEADMode
	// contains filtered or unexported fields
}

SymmetricKeyEncrypted represents a passphrase protected session key. See RFC 4880, section 5.3.

func (*SymmetricKeyEncrypted) Decrypt 

func (ske *SymmetricKeyEncrypted) Decrypt(passphrase []byte) ([]byte, CipherFunction, error)

Decrypt attempts to decrypt an encrypted session key and returns the key and the cipher to use when decrypting a subsequent Symmetrically Encrypted Data packet.

type SymmetricallyEncrypted 

type SymmetricallyEncrypted struct {
	Version            int
	Contents           io.Reader // contains tag for version 2
	IntegrityProtected bool      // If true it is type 18 (with MDC or AEAD). False is packet type 9

	// Specific to version 2
	Cipher        CipherFunction
	Mode          AEADMode
	ChunkSizeByte byte
	Salt          [aeadSaltSize]byte
	// contains filtered or unexported fields
}

SymmetricallyEncrypted represents a symmetrically encrypted byte string. The encrypted Contents will consist of more OpenPGP packets. See RFC 4880, sections 5.7 and 5.13.

func (*SymmetricallyEncrypted) Decrypt 

func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, error)

Decrypt returns a ReadCloser, from which the decrypted Contents of the packet can be read. An incorrect key will only be detected after trying to decrypt the entire data.

type TrustAmount 

type TrustAmount uint8

TrustAmount represents a trust amount per RFC4880 5.2.3.13

type TrustLevel 

type TrustLevel uint8

TrustLevel represents a trust level per RFC4880 5.2.3.13

type UserAttribute 

type UserAttribute struct {
	Contents []*OpaqueSubpacket
}

UserAttribute is capable of storing other types of data about a user beyond name, email and a text comment. In practice, user attributes are typically used to store a signed thumbnail photo JPEG image of the user. See RFC 4880, section 5.12.

func NewUserAttribute 

func NewUserAttribute(contents ...*OpaqueSubpacket) *UserAttribute

NewUserAttribute creates a new user attribute packet containing the given subpackets.

func NewUserAttributePhoto 

func NewUserAttributePhoto(photos ...image.Image) (uat *UserAttribute, err error)

NewUserAttributePhoto creates a user attribute packet containing the given images.

func (*UserAttribute) ImageData 

func (uat *UserAttribute) ImageData() (imageData [][]byte)

ImageData returns zero or more byte slices, each containing JPEG File Interchange Format (JFIF), for each photo in the user attribute packet.

func (*UserAttribute) Serialize 

func (uat *UserAttribute) Serialize(w io.Writer) (err error)

Serialize marshals the user attribute to w in the form of an OpenPGP packet, including header.

type UserId 

type UserId struct {
	Id string // By convention, this takes the form "Full Name (Comment) <email@example.com>" which is split out in the fields below.

	Name, Comment, Email string
}

UserId contains text that is intended to represent the name and email address of the key holder. See RFC 4880, section 5.11. By convention, this takes the form "Full Name (Comment) <email@example.com>"

func NewUserId 

func NewUserId(name, comment, email string) *UserId

NewUserId returns a UserId or nil if any of the arguments contain invalid characters. The invalid characters are '\x00', '(', ')', '<' and '>'

func (*UserId) Serialize 

func (uid *UserId) Serialize(w io.Writer) error

Serialize marshals uid to w in the form of an OpenPGP packet, including header.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.