package commons
import (
"fmt"
"io"
"os"
"strings"
_ "crypto/sha256"
"golang.org/x/crypto/openpgp"
"golang.org/x/crypto/openpgp/packet"
_ "golang.org/x/crypto/ripemd160"
"golang.org/x/xerrors"
)
// Naming and salt constants for the PGP file-encryption helpers.
const (
	// PgpEncryptedFileExtension is the suffix EncryptFilenamePGP appends and
	// DecryptFilenamePGP strips.
	PgpEncryptedFileExtension string = ".pgp.enc"

	// PgpSalt is a fixed hex string. It is not referenced anywhere in this
	// file; the passphrase-to-key derivation used by EncryptFilePGP is done
	// inside the openpgp package.
	// NOTE(review): a salt compiled into the source is the same for every
	// user and installation, so it adds no per-secret uniqueness. Confirm
	// where this value is consumed before relying on it.
	PgpSalt string = "4e2f34041d564ed8"
)
// EncryptFilenamePGP returns filename with PgpEncryptedFileExtension appended.
// It only builds the name; nothing is read from or written to disk.
func EncryptFilenamePGP(filename string) string {
	// Both operands are strings, so fmt.Sprint joins them with no separator.
	encrypted := fmt.Sprint(filename, PgpEncryptedFileExtension)
	return encrypted
}
// DecryptFilenamePGP returns filename with a trailing
// PgpEncryptedFileExtension removed.
//
// A name that does not end in the extension is returned unchanged, so the
// result can equal the input. Callers that pass the result to DecryptFilePGP
// as the target should check for that case, because the target is opened
// with O_TRUNC.
func DecryptFilenamePGP(filename string) string {
	if !strings.HasSuffix(filename, PgpEncryptedFileExtension) {
		return filename
	}
	return filename[:len(filename)-len(PgpEncryptedFileExtension)]
}
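// EncryptFilePGP encrypts the file at source into target as a
// passphrase-protected OpenPGP message, using AES-256 as the cipher.
//
// key is handed to openpgp.SymmetricallyEncrypt as the passphrase; the
// session key is derived from it inside the openpgp package. Only
// DefaultCipher is set on the packet.Config, so every other parameter
// (including the S2K iteration count) is the library default.
// NOTE(review): if key can be a human-chosen passphrase, consider setting
// S2KCount explicitly rather than relying on the default.
//
// target is created or truncated. source and target must be different paths:
// truncating target would empty source before it is read.
//
// The returned error wraps the underlying failure and names the file
// involved. Failures while finalizing the OpenPGP stream or closing target
// are reported, because an unfinished stream leaves a ciphertext that cannot
// be decrypted.
func EncryptFilePGP(source string, target string, key []byte) (err error) {
	in, err := os.Open(source)
	if err != nil {
		return xerrors.Errorf("failed to open file %s: %w", source, err)
	}
	defer in.Close()

	// 0666 is reduced by the process umask. The content is ciphertext, but
	// NOTE(review): 0600 would be a tighter default if nothing else needs to
	// read the file.
	out, err := os.OpenFile(target, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0666)
	if err != nil {
		return xerrors.Errorf("failed to create file %s: %w", target, err)
	}
	defer func() {
		// A failed Close can mean buffered data never reached the disk, so it
		// must not be dropped when everything before it succeeded.
		if cerr := out.Close(); cerr != nil && err == nil {
			err = xerrors.Errorf("failed to close file %s: %w", target, cerr)
		}
	}()

	cfg := &packet.Config{
		DefaultCipher: packet.CipherAES256,
	}

	w, err := openpgp.SymmetricallyEncrypt(out, key, nil, cfg)
	if err != nil {
		return xerrors.Errorf("failed to create a encrypt writer for %s: %w", target, err)
	}

	if _, err = io.Copy(w, in); err != nil {
		// Best effort: the copy error is the one worth reporting.
		_ = w.Close()
		return xerrors.Errorf("failed to encrypt data: %w", err)
	}

	// Closing the writer finalizes the message and flushes its tail to out;
	// until that succeeds the output is incomplete.
	if err = w.Close(); err != nil {
		return xerrors.Errorf("failed to finalize encrypted data for %s: %w", target, err)
	}
	return nil
}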
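// DecryptFilePGP decrypts the passphrase-protected OpenPGP message in source
// and writes the plaintext to target.
//
// key is offered once as the passphrase. target is created or truncated, and
// source and target must be different paths (see DecryptFilenamePGP, which
// returns its input unchanged when the extension is missing).
//
// The plaintext is streamed from MessageDetails.UnverifiedBody: no signature
// is checked, and a corrupt or tampered message is only reported as a read
// error once part of the output may already have been written. For that
// reason target is removed whenever this function returns an error, so
// unauthenticated or partial plaintext is not left behind.
//
// The returned error wraps the underlying failure and names the file
// involved.
func DecryptFilePGP(source string, target string, key []byte) (err error) {
	in, err := os.Open(source)
	if err != nil {
		return xerrors.Errorf("failed to open file %s: %w", source, err)
	}
	defer in.Close()

	// NOTE(review): 0666 is reduced only by the process umask, so with a
	// typical umask the decrypted plaintext is readable by other local users.
	// Consider 0600 if no caller depends on the wider mode.
	out, err := os.OpenFile(target, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0666)
	if err != nil {
		return xerrors.Errorf("failed to create file %s: %w", target, err)
	}
	defer func() {
		cerr := out.Close()
		if err == nil && cerr != nil {
			err = xerrors.Errorf("failed to close file %s: %w", target, cerr)
		}
		if err != nil {
			// Best effort, after Close so it also works where open files
			// cannot be removed. The original error is the one returned.
			_ = os.Remove(target)
		}
	}()

	cfg := &packet.Config{
		DefaultCipher: packet.CipherAES256,
	}

	// ReadMessage asks for a passphrase again each time the previous one
	// fails to decrypt. Offer key exactly once and fail on the second call,
	// so a wrong key ends in an error instead of an endless retry.
	offered := false
	prompt := func(keys []openpgp.Key, symmetric bool) ([]byte, error) {
		if offered {
			return nil, xerrors.New("decryption failed")
		}
		offered = true
		return key, nil
	}

	md, err := openpgp.ReadMessage(in, nil, prompt, cfg)
	if err != nil {
		return xerrors.Errorf("failed to decrypt for %s: %w", source, err)
	}

	if _, err = io.Copy(out, md.UnverifiedBody); err != nil {
		return xerrors.Errorf("failed to decrypt data: %w", err)
	}
	return nil
}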