/
pgp.go
98 lines (77 loc) · 2.26 KB
/
pgp.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
package util
import (
"bytes"
"encoding/hex"
"errors"
"fmt"
"strings"
"golang.org/x/crypto/openpgp"
"golang.org/x/crypto/openpgp/armor"
"golang.org/x/crypto/openpgp/clearsign"
_ "golang.org/x/crypto/bcrypt"
_ "golang.org/x/crypto/blowfish"
_ "golang.org/x/crypto/md4"
_ "golang.org/x/crypto/ripemd160"
_ "golang.org/x/crypto/scrypt"
_ "golang.org/x/crypto/sha3"
)
func ValidatePGPPublicKey(key string) error {
fromBlock, err := armor.Decode(strings.NewReader(key))
if err != nil || fromBlock.Type != openpgp.PublicKeyType {
return errors.New("Invalid PGP Key")
}
return nil
}
func Fingerprint(publicKey string) string {
entitylist, err := openpgp.ReadArmoredKeyRing(bytes.NewBufferString(publicKey))
if err != nil {
return ""
}
fingerprint := hex.EncodeToString(entitylist[0].PrimaryKey.Fingerprint[:])
return strings.ToUpper(fingerprint)
}
func EncryptText(encryptionText, publicKey string) (string, error) {
entitylist, err := openpgp.ReadArmoredKeyRing(bytes.NewBufferString(publicKey))
if err != nil {
return "", err
}
encbuf := bytes.NewBuffer(nil)
w, err := armor.Encode(encbuf, "PGP MESSAGE", nil)
if err != nil {
return "", err
}
plaintext, err := openpgp.Encrypt(w, entitylist, nil, nil, nil)
if err != nil {
return "", err
}
message := []byte(encryptionText)
_, err = plaintext.Write(message)
plaintext.Close()
w.Close()
return fmt.Sprintf("%s", encbuf), nil
}
func CheckSignature(encryptedMessage, secretText, publicKey string) (bool, error) {
keyring, err := openpgp.ReadArmoredKeyRing(strings.NewReader(publicKey))
if err != nil {
return false, err
}
_, err = armor.Decode(strings.NewReader(encryptedMessage))
if err != nil {
return false, err
}
block, _ := clearsign.Decode([]byte(encryptedMessage))
if block == nil {
return false, errors.New("Failed to decode message")
}
signed := bytes.NewReader(block.Bytes)
signature := block.ArmoredSignature.Body
decryptedSecret := strings.Trim(string(block.Plaintext), "\n ")
if decryptedSecret != secretText {
return false, errors.New("Secret text does not match")
}
signer, err := openpgp.CheckDetachedSignature(keyring, signed, signature)
if err != nil {
return false, err
}
return signer.PrimaryKey.Fingerprint == keyring[0].PrimaryKey.Fingerprint, nil
}