Go - Golang openpg - 创建密钥对并创建签名
Go - Golang openpg - Create Key pair and create signature
我目前正在结合 golang 开发 openpgp。我使用以下代码生成新的密钥对并在生成的 public 密钥上创建自签名:
package main
import (
"bytes"
"crypto"
"time"
"golang.org/x/crypto/openpgp"
"golang.org/x/crypto/openpgp/armor"
"golang.org/x/crypto/openpgp/packet"
"fmt"
)
//Create ASscii Armor from openpgp.Entity
func PubEntToAsciiArmor(pubEnt *openpgp.Entity) (asciiEntity string) {
gotWriter := bytes.NewBuffer(nil)
wr, errEncode := armor.Encode(gotWriter, openpgp.PublicKeyType, nil)
if errEncode != nil {
fmt.Println("Encoding Armor ", errEncode.Error())
return
}
errSerial := pubEnt.Serialize(wr)
if errSerial != nil {
fmt.Println("Serializing PubKey ", errSerial.Error())
}
errClosing := wr.Close()
if errClosing != nil {
fmt.Println("Closing writer ", errClosing.Error())
}
asciiEntity = gotWriter.String()
return
}
func main() {
var entity *openpgp.Entity
entity, err := openpgp.NewEntity("itis", "test", "itis@itis3.com", nil)
if err != nil {
fmt.Println("ERROR")
}
usrIdstring := ""
for _, uIds := range entity.Identities {
usrIdstring = uIds.Name
}
var priKey = entity.PrivateKey
var sig = new(packet.Signature)
//Prepare sign with our configs/////IS IT A MUST ??
sig.Hash = crypto.SHA1
sig.PubKeyAlgo = priKey.PubKeyAlgo
sig.CreationTime = time.Now()
dur := new(uint32)
*dur = uint32(365 * 24 * 60 * 60)
sig.SigLifetimeSecs = dur //a year
issuerUint := new(uint64)
*issuerUint = priKey.KeyId
sig.IssuerKeyId = issuerUint
sig.SigType = packet.SigTypeGenericCert
err = sig.SignKey(entity.PrimaryKey, entity.PrivateKey, nil)
if err != nil {
fmt.Println("ERROR")
}
err = sig.SignUserId(usrIdstring, entity.PrimaryKey, entity.PrivateKey, nil)
if err != nil {
fmt.Println("ERROR")
}
entity.SignIdentity(usrIdstring, entity, nil)
var copy = entity
var asciiSignedKey = PubEntToAsciiArmor(copy)
fmt.Println(asciiSignedKey)
}
1.) 当我序列化 public 密钥(以获得它的装甲版本)时,我收到以下错误消息:
Serializing PubKey openpgp: invalid argument: Signature: need to call Sign, SignUserId or SignKey before Serialize
我以为我只是用了所有可能的方法在该密钥上创建签名?
2.) 当我将密钥上传到密钥服务器时,我仍然收到问题 1 的输出,但可用信息不完整。仅列出密钥 ID 和创建日期。缺少所有附加信息,如自签名、用户 ID 字符串等(示例:https://pgp.mit.edu/pks/lookup?search=0xbe6ee21e94a73ba5&op=index)。什么地方出了错?与错误1有关吗?
PS: 我是golang新手,今天开始。
也许这会如您所愿。免责声明:我不是 openpgp 专家;我不知道这是否正确。但它确实适用于 gpg --import.
package main
import (
"fmt"
"os"
"golang.org/x/crypto/openpgp"
"golang.org/x/crypto/openpgp/armor"
)
func main() {
var e *openpgp.Entity
e, err := openpgp.NewEntity("itis", "test", "itis@itis3.com", nil)
if err != nil {
fmt.Println(err)
return
}
// Add more identities here if you wish
// Sign all the identities
for _, id := range e.Identities {
err := id.SelfSignature.SignUserId(id.UserId.Id, e.PrimaryKey, e.PrivateKey, nil)
if err != nil {
fmt.Println(err)
return
}
}
w, err := armor.Encode(os.Stdout, openpgp.PublicKeyType, nil)
if err != nil {
fmt.Println(err)
return
}
defer w.Close()
e.Serialize(w)
}
这似乎是一个已知问题:https://github.com/golang/go/issues/6483。解决方法是先调用 SerializePrivate,即使您不使用结果。
我写https://github.com/alokmenghrajani/gpgeez就是为了这个目的。它是一个 Go 库,可以更轻松地创建密钥或将密钥导出为装甲字符串。
这是它的要点,没有任何错误检查:
func CreateKey() *openpgp.Entity {
key, _ := openpgp.NewEntity(name, comment, email, nil)
for _, id := range key.Identities {
id.SelfSignature.PreferredSymmetric = []uint8{...}
id.SelfSignature.PreferredHash = []uint8{...}
id.SelfSignature.PreferredCompression = []uint8{...}
id.SelfSignature.SignUserId(id.UserId.Id, key.PrimaryKey, key.PrivateKey, nil)
}
// Self-sign the Subkeys
for _, subkey := range key.Subkeys {
subkey.Sig.SignKey(subkey.PublicKey, key.PrivateKey, nil)
}
return r
}
我目前正在结合 golang 开发 openpgp。我使用以下代码生成新的密钥对并在生成的 public 密钥上创建自签名:
package main
import (
"bytes"
"crypto"
"time"
"golang.org/x/crypto/openpgp"
"golang.org/x/crypto/openpgp/armor"
"golang.org/x/crypto/openpgp/packet"
"fmt"
)
//Create ASscii Armor from openpgp.Entity
func PubEntToAsciiArmor(pubEnt *openpgp.Entity) (asciiEntity string) {
gotWriter := bytes.NewBuffer(nil)
wr, errEncode := armor.Encode(gotWriter, openpgp.PublicKeyType, nil)
if errEncode != nil {
fmt.Println("Encoding Armor ", errEncode.Error())
return
}
errSerial := pubEnt.Serialize(wr)
if errSerial != nil {
fmt.Println("Serializing PubKey ", errSerial.Error())
}
errClosing := wr.Close()
if errClosing != nil {
fmt.Println("Closing writer ", errClosing.Error())
}
asciiEntity = gotWriter.String()
return
}
func main() {
var entity *openpgp.Entity
entity, err := openpgp.NewEntity("itis", "test", "itis@itis3.com", nil)
if err != nil {
fmt.Println("ERROR")
}
usrIdstring := ""
for _, uIds := range entity.Identities {
usrIdstring = uIds.Name
}
var priKey = entity.PrivateKey
var sig = new(packet.Signature)
//Prepare sign with our configs/////IS IT A MUST ??
sig.Hash = crypto.SHA1
sig.PubKeyAlgo = priKey.PubKeyAlgo
sig.CreationTime = time.Now()
dur := new(uint32)
*dur = uint32(365 * 24 * 60 * 60)
sig.SigLifetimeSecs = dur //a year
issuerUint := new(uint64)
*issuerUint = priKey.KeyId
sig.IssuerKeyId = issuerUint
sig.SigType = packet.SigTypeGenericCert
err = sig.SignKey(entity.PrimaryKey, entity.PrivateKey, nil)
if err != nil {
fmt.Println("ERROR")
}
err = sig.SignUserId(usrIdstring, entity.PrimaryKey, entity.PrivateKey, nil)
if err != nil {
fmt.Println("ERROR")
}
entity.SignIdentity(usrIdstring, entity, nil)
var copy = entity
var asciiSignedKey = PubEntToAsciiArmor(copy)
fmt.Println(asciiSignedKey)
}
1.) 当我序列化 public 密钥(以获得它的装甲版本)时,我收到以下错误消息:
Serializing PubKey openpgp: invalid argument: Signature: need to call Sign, SignUserId or SignKey before Serialize
我以为我只是用了所有可能的方法在该密钥上创建签名?
2.) 当我将密钥上传到密钥服务器时,我仍然收到问题 1 的输出,但可用信息不完整。仅列出密钥 ID 和创建日期。缺少所有附加信息,如自签名、用户 ID 字符串等(示例:https://pgp.mit.edu/pks/lookup?search=0xbe6ee21e94a73ba5&op=index)。什么地方出了错?与错误1有关吗?
PS: 我是golang新手,今天开始。
也许这会如您所愿。免责声明:我不是 openpgp 专家;我不知道这是否正确。但它确实适用于 gpg --import.
package main
import (
"fmt"
"os"
"golang.org/x/crypto/openpgp"
"golang.org/x/crypto/openpgp/armor"
)
func main() {
var e *openpgp.Entity
e, err := openpgp.NewEntity("itis", "test", "itis@itis3.com", nil)
if err != nil {
fmt.Println(err)
return
}
// Add more identities here if you wish
// Sign all the identities
for _, id := range e.Identities {
err := id.SelfSignature.SignUserId(id.UserId.Id, e.PrimaryKey, e.PrivateKey, nil)
if err != nil {
fmt.Println(err)
return
}
}
w, err := armor.Encode(os.Stdout, openpgp.PublicKeyType, nil)
if err != nil {
fmt.Println(err)
return
}
defer w.Close()
e.Serialize(w)
}
这似乎是一个已知问题:https://github.com/golang/go/issues/6483。解决方法是先调用 SerializePrivate,即使您不使用结果。
我写https://github.com/alokmenghrajani/gpgeez就是为了这个目的。它是一个 Go 库,可以更轻松地创建密钥或将密钥导出为装甲字符串。
这是它的要点,没有任何错误检查:
func CreateKey() *openpgp.Entity {
key, _ := openpgp.NewEntity(name, comment, email, nil)
for _, id := range key.Identities {
id.SelfSignature.PreferredSymmetric = []uint8{...}
id.SelfSignature.PreferredHash = []uint8{...}
id.SelfSignature.PreferredCompression = []uint8{...}
id.SelfSignature.SignUserId(id.UserId.Id, key.PrimaryKey, key.PrivateKey, nil)
}
// Self-sign the Subkeys
for _, subkey := range key.Subkeys {
subkey.Sig.SignKey(subkey.PublicKey, key.PrivateKey, nil)
}
return r
}