const (
NoCompression = flate.NoCompression
BestSpeed = flate.BestSpeed
BestCompression = flate.BestCompression
DefaultCompression = flate.DefaultCompression
)
const (
SigTypeBinary SignatureType = 0x00
SigTypeText = 0x01
SigTypeGenericCert = 0x10
SigTypePersonaCert = 0x11
SigTypeCasualCert = 0x12
SigTypePositiveCert = 0x13
SigTypeSubkeyBinding = 0x18
SigTypePrimaryKeyBinding = 0x19
SigTypeDirectSignature = 0x1F
SigTypeKeyRevocation = 0x20
SigTypeSubkeyRevocation = 0x28
SigTypeCertificationRevocation = 0x30
)
const (
// See RFC 4880, section 5.2.3.21 for details.
KeyFlagCertify = 1 << iota
KeyFlagSign
KeyFlagEncryptCommunications
KeyFlagEncryptStorage
KeyFlagSplitKey
KeyFlagAuthenticate
KeyFlagGroupKey
)
const UserAttrImageSubpacket = 1
func DecryptPrivateKeys(keys []*PrivateKey, passphrase []byte) error
DecryptPrivateKeys decrypts all encrypted keys with the given config and passphrase. Avoids recomputation of similar s2k key derivations.
func EncryptPrivateKeys(keys []*PrivateKey, passphrase []byte, config *Config) error
EncryptPrivateKeys encrypts all unencrypted keys with the given config and passphrase. Only derives one key from the passphrase, which is then used to encrypt each key.
func NewOCFBDecrypter(block cipher.Block, prefix []byte, resync OCFBResyncOption) cipher.Stream
NewOCFBDecrypter returns a cipher.Stream which decrypts data with OpenPGP's cipher feedback mode using the given cipher.Block. Prefix must be the first blockSize + 2 bytes of the ciphertext, where blockSize is the cipher.Block's block size. On successful exit, blockSize+2 bytes of decrypted data are written into prefix. Resync determines if the "resynchronization step" from RFC 4880, 13.9 step 7 is performed. Different parts of OpenPGP vary on this point.
func NewOCFBEncrypter(block cipher.Block, randData []byte, resync OCFBResyncOption) (cipher.Stream, []byte)
NewOCFBEncrypter returns a cipher.Stream which encrypts data with OpenPGP's cipher feedback mode using the given cipher.Block, and an initial amount of ciphertext. randData must be random bytes and be the same length as the cipher.Block's block size. Resync determines if the "resynchronization step" from RFC 4880, 13.9 step 7 is performed. Different parts of OpenPGP vary on this point.
func SerializeCompressed(w io.WriteCloser, algo CompressionAlgo, cc *CompressionConfig) (literaldata io.WriteCloser, err error)
SerializeCompressed serializes a compressed data packet to w and returns a WriteCloser to which the literal data packets themselves can be written and which MUST be closed on completion. If cc is nil, sensible defaults will be used to configure the compression algorithm.
func SerializeEncryptedKey(w io.Writer, pub *PublicKey, cipherFunc CipherFunction, key []byte, config *Config) error
SerializeEncryptedKey serializes an encrypted key packet to w that contains key, encrypted to pub. If config is nil, sensible defaults will be used.
func SerializeLiteral(w io.WriteCloser, isBinary bool, fileName string, time uint32) (plaintext io.WriteCloser, err error)
SerializeLiteral serializes a literal data packet to w and returns a WriteCloser to which the data itself can be written and which MUST be closed on completion. The fileName is truncated to 255 bytes.
func SerializeSymmetricKeyEncrypted(w io.Writer, passphrase []byte, config *Config) (key []byte, err error)
SerializeSymmetricKeyEncrypted serializes a symmetric key packet to w. The packet contains a random session key, encrypted by a key derived from the given passphrase. The session key is returned and must be passed to SerializeSymmetricallyEncrypted. If config is nil, sensible defaults will be used.
func SerializeSymmetricKeyEncryptedReuseKey(w io.Writer, sessionKey []byte, passphrase []byte, config *Config) (err error)
SerializeSymmetricKeyEncryptedReuseKey serializes a symmetric key packet to w. The packet contains the given session key, encrypted by a key derived from the given passphrase. The returned session key must be passed to SerializeSymmetricallyEncrypted. If config is nil, sensible defaults will be used.
func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, aeadSupported bool, cipherSuite CipherSuite, key []byte, config *Config) (Contents io.WriteCloser, err error)
SerializeSymmetricallyEncrypted serializes a symmetrically encrypted packet to w and returns a WriteCloser to which the to-be-encrypted packets can be written. If config is nil, sensible defaults will be used.
AEADConfig collects a number of AEAD parameters along with sensible defaults. A nil AEADConfig is valid and results in all default values.
type AEADConfig struct {
// The AEAD mode of operation.
DefaultMode AEADMode
// Amount of octets in each chunk of data
ChunkSize uint64
}
func (conf *AEADConfig) ChunkSizeByte() byte
ChunkSizeByte returns the byte indicating the chunk size. The effective chunk size is computed with the formula uint64(1) << (chunkSizeByte + 6) limit to 16 = 4 MiB https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-5.13.2
func (conf *AEADConfig) Mode() AEADMode
Mode returns the AEAD mode of operation.
AEADEncrypted represents an AEAD Encrypted Packet. See https://www.ietf.org/archive/id/draft-koch-openpgp-2015-rfc4880bis-00.html#name-aead-encrypted-data-packet-t
type AEADEncrypted struct {
Contents io.Reader // Encrypted chunks and tags
// contains filtered or unexported fields
}
func (ae *AEADEncrypted) Decrypt(ciph CipherFunction, key []byte) (io.ReadCloser, error)
Decrypt returns a io.ReadCloser from which decrypted bytes can be read, or an error.
AEADMode represents the different Authenticated Encryption with Associated Data specified for OpenPGP. See https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-9.6
type AEADMode algorithm.AEADMode
const (
AEADModeEAX AEADMode = 1
AEADModeOCB AEADMode = 2
AEADModeGCM AEADMode = 3
)
func (mode AEADMode) IvLength() int
func (mode AEADMode) TagLength() int
CipherFunction represents the different block ciphers specified for OpenPGP. See http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-13
type CipherFunction algorithm.CipherFunction
const (
Cipher3DES CipherFunction = 2
CipherCAST5 CipherFunction = 3
CipherAES128 CipherFunction = 7
CipherAES192 CipherFunction = 8
CipherAES256 CipherFunction = 9
)
func (cipher CipherFunction) IsSupported() bool
IsSupported returns true if the cipher is supported from the library
func (cipher CipherFunction) KeySize() int
KeySize returns the key size, in bytes, of cipher.
CipherSuite contains a combination of Cipher and Mode
type CipherSuite struct {
// The cipher function
Cipher CipherFunction
// The AEAD mode of operation.
Mode AEADMode
}
Compressed represents a compressed OpenPGP packet. The decompressed contents will contain more OpenPGP packets. See RFC 4880, section 5.6.
type Compressed struct {
Body io.Reader
}
CompressionAlgo Represents the different compression algorithms supported by OpenPGP (except for BZIP2, which is not currently supported). See Section 9.3 of RFC 4880.
type CompressionAlgo uint8
const (
CompressionNone CompressionAlgo = 0
CompressionZIP CompressionAlgo = 1
CompressionZLIB CompressionAlgo = 2
)
CompressionConfig contains compressor configuration settings.
type CompressionConfig struct {
// Level is the compression level to use. It must be set to
// between -1 and 9, with -1 causing the compressor to use the
// default compression level, 0 causing the compressor to use
// no compression and 1 to 9 representing increasing (better,
// slower) compression levels. If Level is less than -1 or
// more then 9, a non-nil error will be returned during
// encryption. See the constants above for convenient common
// settings for Level.
Level int
}
Config collects a number of parameters along with sensible defaults. A nil *Config is valid and results in all default values.
type Config struct {
// Rand provides the source of entropy.
// If nil, the crypto/rand Reader is used.
Rand io.Reader
// DefaultHash is the default hash function to be used.
// If zero, SHA-256 is used.
DefaultHash crypto.Hash
// DefaultCipher is the cipher to be used.
// If zero, AES-128 is used.
DefaultCipher CipherFunction
// Time returns the current time as the number of seconds since the
// epoch. If Time is nil, time.Now is used.
Time func() time.Time
// DefaultCompressionAlgo is the compression algorithm to be
// applied to the plaintext before encryption. If zero, no
// compression is done.
DefaultCompressionAlgo CompressionAlgo
// CompressionConfig configures the compression settings.
CompressionConfig *CompressionConfig
// S2K (String to Key) config, used for key derivation in the context of secret key encryption
// and password-encrypted data.
// If nil, the default configuration is used
S2KConfig *s2k.Config
// Iteration count for Iterated S2K (String to Key).
// Only used if sk2.Mode is nil.
// This value is duplicated here from s2k.Config for backwards compatibility.
// It determines the strength of the passphrase stretching when
// the said passphrase is hashed to produce a key. S2KCount
// should be between 65536 and 65011712, inclusive. If Config
// is nil or S2KCount is 0, the value 16777216 used. Not all
// values in the above range can be represented. S2KCount will
// be rounded up to the next representable value if it cannot
// be encoded exactly. When set, it is strongly encrouraged to
// use a value that is at least 65536. See RFC 4880 Section
// 3.7.1.3.
//
// Deprecated: SK2Count should be configured in S2KConfig instead.
S2KCount int
// RSABits is the number of bits in new RSA keys made with NewEntity.
// If zero, then 2048 bit keys are created.
RSABits int
// The public key algorithm to use - will always create a signing primary
// key and encryption subkey.
Algorithm PublicKeyAlgorithm
// Some known primes that are optionally prepopulated by the caller
RSAPrimes []*big.Int
// Curve configures the desired packet.Curve if the Algorithm is PubKeyAlgoECDSA,
// PubKeyAlgoEdDSA, or PubKeyAlgoECDH. If empty Curve25519 is used.
Curve Curve
// AEADConfig configures the use of the new AEAD Encrypted Data Packet,
// defined in the draft of the next version of the OpenPGP specification.
// If a non-nil AEADConfig is passed, usage of this packet is enabled. By
// default, it is disabled. See the documentation of AEADConfig for more
// configuration options related to AEAD.
// **Note: using this option may break compatibility with other OpenPGP
// implementations, as well as future versions of this library.**
AEADConfig *AEADConfig
// V5Keys configures version 5 key generation. If false, this package still
// supports version 5 keys, but produces version 4 keys.
V5Keys bool
// "The validity period of the key. This is the number of seconds after
// the key creation time that the key expires. If this is not present
// or has a value of zero, the key never expires. This is found only on
// a self-signature.""
// https://tools.ietf.org/html/rfc4880#section-5.2.3.6
KeyLifetimeSecs uint32
// "The validity period of the signature. This is the number of seconds
// after the signature creation time that the signature expires. If
// this is not present or has a value of zero, it never expires."
// https://tools.ietf.org/html/rfc4880#section-5.2.3.10
SigLifetimeSecs uint32
// SigningKeyId is used to specify the signing key to use (by Key ID).
// By default, the signing key is selected automatically, preferring
// signing subkeys if available.
SigningKeyId uint64
// SigningIdentity is used to specify a user ID (packet Signer's User ID, type 28)
// when producing a generic certification signature onto an existing user ID.
// The identity must be present in the signer Entity.
SigningIdentity string
// InsecureAllowUnauthenticatedMessages controls, whether it is tolerated to read
// encrypted messages without Modification Detection Code (MDC).
// MDC is mandated by the IETF OpenPGP Crypto Refresh draft and has long been implemented
// in most OpenPGP implementations. Messages without MDC are considered unnecessarily
// insecure and should be prevented whenever possible.
// In case one needs to deal with messages from very old OpenPGP implementations, there
// might be no other way than to tolerate the missing MDC. Setting this flag, allows this
// mode of operation. It should be considered a measure of last resort.
InsecureAllowUnauthenticatedMessages bool
// KnownNotations is a map of Notation Data names to bools, which controls
// the notation names that are allowed to be present in critical Notation Data
// signature subpackets.
KnownNotations map[string]bool
// SignatureNotations is a list of Notations to be added to any signatures.
SignatureNotations []*Notation
}
func (c *Config) AEAD() *AEADConfig
func (c *Config) AllowUnauthenticatedMessages() bool
func (c *Config) Cipher() CipherFunction
func (c *Config) Compression() CompressionAlgo
func (c *Config) CurveName() Curve
func (c *Config) Hash() crypto.Hash
func (c *Config) KeyLifetime() uint32
KeyLifetime returns the validity period of the key.
func (c *Config) KnownNotation(notationName string) bool
func (c *Config) Notations() []*Notation
func (c *Config) Now() time.Time
func (c *Config) PasswordHashIterations() int
Deprecated: The hash iterations should now be queried via the S2K() method.
func (c *Config) PublicKeyAlgorithm() PublicKeyAlgorithm
func (c *Config) RSAModulusBits() int
func (c *Config) Random() io.Reader
func (c *Config) S2K() *s2k.Config
func (c *Config) SigLifetime() uint32
SigLifetime returns the validity period of the signature.
func (c *Config) SigningKey() uint64
func (c *Config) SigningUserId() string
Curve is a mapping to supported ECC curves for key generation. See https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-06.html#name-curve-specific-wire-formats
type Curve string
const (
Curve25519 Curve = "Curve25519"
Curve448 Curve = "Curve448"
CurveNistP256 Curve = "P256"
CurveNistP384 Curve = "P384"
CurveNistP521 Curve = "P521"
CurveSecP256k1 Curve = "SecP256k1"
CurveBrainpoolP256 Curve = "BrainpoolP256"
CurveBrainpoolP384 Curve = "BrainpoolP384"
CurveBrainpoolP512 Curve = "BrainpoolP512"
)
EncryptedDataPacket holds encrypted data. It is currently implemented by SymmetricallyEncrypted and AEADEncrypted.
type EncryptedDataPacket interface {
Decrypt(CipherFunction, []byte) (io.ReadCloser, error)
}
EncryptedKey represents a public-key encrypted session key. See RFC 4880, section 5.1.
type EncryptedKey struct {
KeyId uint64
Algo PublicKeyAlgorithm
CipherFunc CipherFunction // only valid after a successful Decrypt for a v3 packet
Key []byte // only valid after a successful Decrypt
// contains filtered or unexported fields
}
func (e *EncryptedKey) Decrypt(priv *PrivateKey, config *Config) error
Decrypt decrypts an encrypted session key with the given private key. The private key must have been decrypted first. If config is nil, sensible defaults will be used.
func (e *EncryptedKey) Serialize(w io.Writer) error
Serialize writes the encrypted key packet, e, to w.
LiteralData represents an encrypted file. See RFC 4880, section 5.9.
type LiteralData struct {
Format uint8
IsBinary bool
FileName string
Time uint32 // Unix epoch time. Either creation time or modification time. 0 means undefined.
Body io.Reader
}
func (l *LiteralData) ForEyesOnly() bool
ForEyesOnly returns whether the contents of the LiteralData have been marked as especially sensitive.
Notation type represents a Notation Data subpacket see https://tools.ietf.org/html/rfc4880#section-5.2.3.16
type Notation struct {
Name string
Value []byte
IsCritical bool
IsHumanReadable bool
}
An OCFBResyncOption determines if the "resynchronization step" of OCFB is performed.
type OCFBResyncOption bool
const (
OCFBResync OCFBResyncOption = true
OCFBNoResync OCFBResyncOption = false
)
OnePassSignature represents a one-pass signature packet. See RFC 4880, section 5.4.
type OnePassSignature struct {
SigType SignatureType
Hash crypto.Hash
PubKeyAlgo PublicKeyAlgorithm
KeyId uint64
IsLast bool
}
func (ops *OnePassSignature) Serialize(w io.Writer) error
Serialize marshals the given OnePassSignature to w.
OpaquePacket represents an OpenPGP packet as raw, unparsed data. This is useful for splitting and storing the original packet contents separately, handling unsupported packet types or accessing parts of the packet not yet implemented by this package.
type OpaquePacket struct {
// Packet type
Tag uint8
// Reason why the packet was parsed opaquely
Reason error
// Binary contents of the packet data
Contents []byte
}
func (op *OpaquePacket) Parse() (p Packet, err error)
Parse attempts to parse the opaque contents into a structure supported by this package. If the packet is not known then the result will be another OpaquePacket.
func (op *OpaquePacket) Serialize(w io.Writer) (err error)
Serialize marshals the packet to a writer in its original form, including the packet header.
OpaqueReader reads OpaquePackets from an io.Reader.
type OpaqueReader struct {
// contains filtered or unexported fields
}
func NewOpaqueReader(r io.Reader) *OpaqueReader
func (or *OpaqueReader) Next() (op *OpaquePacket, err error)
Read the next OpaquePacket.
OpaqueSubpacket represents an unparsed OpenPGP subpacket, as found in signature and user attribute packets.
type OpaqueSubpacket struct {
SubType uint8
EncodedLength []byte // Store the original encoded length for signature verifications.
Contents []byte
}
func OpaqueSubpackets(contents []byte) (result []*OpaqueSubpacket, err error)
OpaqueSubpackets extracts opaque, unparsed OpenPGP subpackets from their byte representation.
func (osp *OpaqueSubpacket) Serialize(w io.Writer) (err error)
Packet represents an OpenPGP packet. Users are expected to try casting instances of this interface to specific packet types.
type Packet interface {
// contains filtered or unexported methods
}
func Read(r io.Reader) (p Packet, err error)
Read reads a single OpenPGP packet from the given io.Reader. If there is an error parsing a packet, the whole packet is consumed from the input.
PrivateKey represents a possibly encrypted private key. See RFC 4880, section 5.5.3.
type PrivateKey struct {
PublicKey
Encrypted bool // if true then the private key is unavailable until Decrypt has been called.
// An *{rsa|dsa|elgamal|ecdh|ecdsa|ed25519}.PrivateKey or
// crypto.Signer/crypto.Decrypter (Decryptor RSA only).
PrivateKey interface{}
// contains filtered or unexported fields
}
func NewDSAPrivateKey(creationTime time.Time, priv *dsa.PrivateKey) *PrivateKey
func NewDecrypterPrivateKey(creationTime time.Time, decrypter interface{}) *PrivateKey
NewDecrypterPrivateKey creates a PrivateKey from a *{rsa|elgamal|ecdh}.PrivateKey.
func NewECDHPrivateKey(creationTime time.Time, priv *ecdh.PrivateKey) *PrivateKey
func NewECDSAPrivateKey(creationTime time.Time, priv *ecdsa.PrivateKey) *PrivateKey
func NewEdDSAPrivateKey(creationTime time.Time, priv *eddsa.PrivateKey) *PrivateKey
func NewElGamalPrivateKey(creationTime time.Time, priv *elgamal.PrivateKey) *PrivateKey
func NewRSAPrivateKey(creationTime time.Time, priv *rsa.PrivateKey) *PrivateKey
func NewSignerPrivateKey(creationTime time.Time, signer interface{}) *PrivateKey
NewSignerPrivateKey creates a PrivateKey from a crypto.Signer that implements RSA, ECDSA or EdDSA.
func (pk *PrivateKey) Decrypt(passphrase []byte) error
Decrypt decrypts an encrypted private key using a passphrase.
func (pk *PrivateKey) Dummy() bool
Dummy returns true if the private key is a dummy key. This is a GNU extension.
func (pk *PrivateKey) Encrypt(passphrase []byte) error
Encrypt encrypts an unencrypted private key using a passphrase.
func (pk *PrivateKey) EncryptWithConfig(passphrase []byte, config *Config) error
EncryptWithConfig encrypts an unencrypted private key using the passphrase and the config.
func (pk *PrivateKey) Serialize(w io.Writer) (err error)
PublicKey represents an OpenPGP public key. See RFC 4880, section 5.5.2.
type PublicKey struct {
Version int
CreationTime time.Time
PubKeyAlgo PublicKeyAlgorithm
PublicKey interface{} // *rsa.PublicKey, *dsa.PublicKey, *ecdsa.PublicKey or *eddsa.PublicKey
Fingerprint []byte
KeyId uint64
IsSubkey bool
// contains filtered or unexported fields
}
func NewDSAPublicKey(creationTime time.Time, pub *dsa.PublicKey) *PublicKey
NewDSAPublicKey returns a PublicKey that wraps the given dsa.PublicKey.
func NewECDHPublicKey(creationTime time.Time, pub *ecdh.PublicKey) *PublicKey
func NewECDSAPublicKey(creationTime time.Time, pub *ecdsa.PublicKey) *PublicKey
func NewEdDSAPublicKey(creationTime time.Time, pub *eddsa.PublicKey) *PublicKey
func NewElGamalPublicKey(creationTime time.Time, pub *elgamal.PublicKey) *PublicKey
NewElGamalPublicKey returns a PublicKey that wraps the given elgamal.PublicKey.
func NewRSAPublicKey(creationTime time.Time, pub *rsa.PublicKey) *PublicKey
NewRSAPublicKey returns a PublicKey that wraps the given rsa.PublicKey.
func (pk *PublicKey) BitLength() (bitLength uint16, err error)
BitLength returns the bit length for the given public key.
func (pk *PublicKey) CanSign() bool
CanSign returns true iff this public key can generate signatures
func (pk *PublicKey) KeyExpired(sig *Signature, currentTime time.Time) bool
KeyExpired returns whether sig is a self-signature of a key that has expired or is created in the future.
func (pk *PublicKey) KeyIdShortString() string
KeyIdShortString returns the short form of public key's fingerprint in capital hex, as shown by gpg --list-keys (e.g. "621CC013").
func (pk *PublicKey) KeyIdString() string
KeyIdString returns the public key's fingerprint in capital hex (e.g. "6C7EE1B8621CC013").
func (pk *PublicKey) Serialize(w io.Writer) (err error)
func (pk *PublicKey) SerializeForHash(w io.Writer) error
SerializeForHash serializes the PublicKey to w with the special packet header format needed for hashing.
func (pk *PublicKey) SerializeSignaturePrefix(w io.Writer)
SerializeSignaturePrefix writes the prefix for this public key to the given Writer. The prefix is used when calculating a signature over this public key. See RFC 4880, section 5.2.4.
func (pk *PublicKey) UpgradeToV5()
UpgradeToV5 updates the version of the key to v5, and updates all necessary fields.
func (pk *PublicKey) VerifyKeySignature(signed *PublicKey, sig *Signature) error
VerifyKeySignature returns nil iff sig is a valid signature, made by this public key, of signed.
func (pk *PublicKey) VerifyRevocationSignature(sig *Signature) (err error)
VerifyRevocationSignature returns nil iff sig is a valid signature, made by this public key.
func (pk *PublicKey) VerifySignature(signed hash.Hash, sig *Signature) (err error)
VerifySignature returns nil iff sig is a valid signature, made by this public key, of the data hashed into signed. signed is mutated by this call.
func (pk *PublicKey) VerifySubkeyRevocationSignature(sig *Signature, signed *PublicKey) (err error)
VerifySubkeyRevocationSignature returns nil iff sig is a valid subkey revocation signature, made by this public key, of signed.
func (pk *PublicKey) VerifyUserIdSignature(id string, pub *PublicKey, sig *Signature) (err error)
VerifyUserIdSignature returns nil iff sig is a valid signature, made by this public key, that id is the identity of pub.
PublicKeyAlgorithm represents the different public key system specified for OpenPGP. See http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-12
type PublicKeyAlgorithm uint8
const (
PubKeyAlgoRSA PublicKeyAlgorithm = 1
PubKeyAlgoElGamal PublicKeyAlgorithm = 16
PubKeyAlgoDSA PublicKeyAlgorithm = 17
// RFC 6637, Section 5.
PubKeyAlgoECDH PublicKeyAlgorithm = 18
PubKeyAlgoECDSA PublicKeyAlgorithm = 19
// https://www.ietf.org/archive/id/draft-koch-eddsa-for-openpgp-04.txt
PubKeyAlgoEdDSA PublicKeyAlgorithm = 22
// Deprecated in RFC 4880, Section 13.5. Use key flags instead.
PubKeyAlgoRSAEncryptOnly PublicKeyAlgorithm = 2
PubKeyAlgoRSASignOnly PublicKeyAlgorithm = 3
)
func (pka PublicKeyAlgorithm) CanEncrypt() bool
CanEncrypt returns true if it's possible to encrypt a message to a public key of the given type.
func (pka PublicKeyAlgorithm) CanSign() bool
CanSign returns true if it's possible for a public key of the given type to sign a message.
Reader reads packets from an io.Reader and allows packets to be 'unread' so that they result from the next call to Next.
type Reader struct {
// contains filtered or unexported fields
}
func NewReader(r io.Reader) *Reader
func (r *Reader) Next() (p Packet, err error)
Next returns the most recently unread Packet, or reads another packet from the top-most io.Reader. Unknown packet types are skipped.
func (r *Reader) Push(reader io.Reader) (err error)
Push causes the Reader to start reading from a new io.Reader. When an EOF error is seen from the new io.Reader, it is popped and the Reader continues to read from the next most recent io.Reader. Push returns a StructuralError if pushing the reader would exceed the maximum recursion level, otherwise it returns nil.
func (r *Reader) Unread(p Packet)
Unread causes the given Packet to be returned from the next call to Next.
ReasonForRevocation represents a revocation reason code as per RFC4880 section 5.2.3.23.
type ReasonForRevocation uint8
const (
NoReason ReasonForRevocation = 0
KeySuperseded ReasonForRevocation = 1
KeyCompromised ReasonForRevocation = 2
KeyRetired ReasonForRevocation = 3
)
S2KType s2k packet type
type S2KType uint8
const (
// S2KNON unencrypt
S2KNON S2KType = 0
// S2KSHA1 sha1 sum check
S2KSHA1 S2KType = 254
// S2KCHECKSUM sum check
S2KCHECKSUM S2KType = 255
)
Signature represents a signature. See RFC 4880, section 5.2.
type Signature struct {
Version int
SigType SignatureType
PubKeyAlgo PublicKeyAlgorithm
Hash crypto.Hash
// HashSuffix is extra data that is hashed in after the signed data.
HashSuffix []byte
// HashTag contains the first two bytes of the hash for fast rejection
// of bad signed data.
HashTag [2]byte
// Metadata includes format, filename and time, and is protected by v5
// signatures of type 0x00 or 0x01. This metadata is included into the hash
// computation; if nil, six 0x00 bytes are used instead. See section 5.2.4.
Metadata *LiteralData
CreationTime time.Time
RSASignature encoding.Field
DSASigR, DSASigS encoding.Field
ECDSASigR, ECDSASigS encoding.Field
EdDSASigR, EdDSASigS encoding.Field
SigLifetimeSecs, KeyLifetimeSecs *uint32
PreferredSymmetric, PreferredHash, PreferredCompression []uint8
PreferredCipherSuites [][2]uint8
IssuerKeyId *uint64
IssuerFingerprint []byte
SignerUserId *string
IsPrimaryId *bool
Notations []*Notation
// TrustLevel and TrustAmount can be set by the signer to assert that
// the key is not only valid but also trustworthy at the specified
// level.
// See RFC 4880, section 5.2.3.13 for details.
TrustLevel TrustLevel
TrustAmount TrustAmount
// TrustRegularExpression can be used in conjunction with trust Signature
// packets to limit the scope of the trust that is extended.
// See RFC 4880, section 5.2.3.14 for details.
TrustRegularExpression *string
// PolicyURI can be set to the URI of a document that describes the
// policy under which the signature was issued. See RFC 4880, section
// 5.2.3.20 for details.
PolicyURI string
// FlagsValid is set if any flags were given. See RFC 4880, section
// 5.2.3.21 for details.
FlagsValid bool
FlagCertify, FlagSign, FlagEncryptCommunications, FlagEncryptStorage, FlagSplitKey, FlagAuthenticate, FlagGroupKey bool
// RevocationReason is set if this signature has been revoked.
// See RFC 4880, section 5.2.3.23 for details.
RevocationReason *ReasonForRevocation
RevocationReasonText string
// In a self-signature, these flags are set there is a features subpacket
// indicating that the issuer implementation supports these features
// see https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh#features-subpacket
SEIPDv1, SEIPDv2 bool
// EmbeddedSignature, if non-nil, is a signature of the parent key, by
// this key. This prevents an attacker from claiming another's signing
// subkey as their own.
EmbeddedSignature *Signature
// contains filtered or unexported fields
}
func (sig *Signature) AddMetadataToHashSuffix()
AddMetadataToHashSuffix modifies the current hash suffix to include metadata (format, filename, and time). Version 5 keys protect this data including it in the hash computation. See section 5.2.4.
func (sig *Signature) CheckKeyIdOrFingerprint(pk *PublicKey) bool
func (sig *Signature) CrossSignKey(pub *PublicKey, hashKey *PublicKey, signingKey *PrivateKey, config *Config) error
CrossSignKey computes a signature from signingKey on pub hashed using hashKey. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.
func (sig *Signature) RevokeKey(pub *PublicKey, priv *PrivateKey, config *Config) error
RevokeKey computes a revocation signature of pub using priv. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.
func (sig *Signature) RevokeSubkey(pub *PublicKey, priv *PrivateKey, config *Config) error
RevokeSubkey computes a subkey revocation signature of pub using priv. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.
func (sig *Signature) Serialize(w io.Writer) (err error)
Serialize marshals sig to w. Sign, SignUserId or SignKey must have been called first.
func (sig *Signature) SigExpired(currentTime time.Time) bool
SigExpired returns whether sig is a signature that has expired or is created in the future.
func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey, config *Config) (err error)
Sign signs a message with a private key. The hash, h, must contain the hash of the message to be signed and will be mutated by this function. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.
func (sig *Signature) SignKey(pub *PublicKey, priv *PrivateKey, config *Config) error
SignKey computes a signature from priv, asserting that pub is a subkey. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.
func (sig *Signature) SignUserId(id string, pub *PublicKey, priv *PrivateKey, config *Config) error
SignUserId computes a signature from priv, asserting that pub is a valid key for the identity id. On success, the signature is stored in sig. Call Serialize to write it out. If config is nil, sensible defaults will be used.
SignatureType represents the different semantic meanings of an OpenPGP signature. See RFC 4880, section 5.2.1.
type SignatureType uint8
SymmetricKeyEncrypted represents a passphrase protected session key. See RFC 4880, section 5.3.
type SymmetricKeyEncrypted struct {
Version int
CipherFunc CipherFunction
Mode AEADMode
// contains filtered or unexported fields
}
func (ske *SymmetricKeyEncrypted) Decrypt(passphrase []byte) ([]byte, CipherFunction, error)
Decrypt attempts to decrypt an encrypted session key and returns the key and the cipher to use when decrypting a subsequent Symmetrically Encrypted Data packet.
SymmetricallyEncrypted represents a symmetrically encrypted byte string. The encrypted Contents will consist of more OpenPGP packets. See RFC 4880, sections 5.7 and 5.13.
type SymmetricallyEncrypted struct {
Version int
Contents io.Reader // contains tag for version 2
IntegrityProtected bool // If true it is type 18 (with MDC or AEAD). False is packet type 9
// Specific to version 2
Cipher CipherFunction
Mode AEADMode
ChunkSizeByte byte
Salt [aeadSaltSize]byte
// contains filtered or unexported fields
}
func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, error)
Decrypt returns a ReadCloser, from which the decrypted Contents of the packet can be read. An incorrect key will only be detected after trying to decrypt the entire data.
TrustAmount represents a trust amount per RFC4880 5.2.3.13
type TrustAmount uint8
TrustLevel represents a trust level per RFC4880 5.2.3.13
type TrustLevel uint8
UserAttribute is capable of storing other types of data about a user beyond name, email and a text comment. In practice, user attributes are typically used to store a signed thumbnail photo JPEG image of the user. See RFC 4880, section 5.12.
type UserAttribute struct {
Contents []*OpaqueSubpacket
}
func NewUserAttribute(contents ...*OpaqueSubpacket) *UserAttribute
NewUserAttribute creates a new user attribute packet containing the given subpackets.
func NewUserAttributePhoto(photos ...image.Image) (uat *UserAttribute, err error)
NewUserAttributePhoto creates a user attribute packet containing the given images.
func (uat *UserAttribute) ImageData() (imageData [][]byte)
ImageData returns zero or more byte slices, each containing JPEG File Interchange Format (JFIF), for each photo in the user attribute packet.
func (uat *UserAttribute) Serialize(w io.Writer) (err error)
Serialize marshals the user attribute to w in the form of an OpenPGP packet, including header.
UserId contains text that is intended to represent the name and email address of the key holder. See RFC 4880, section 5.11. By convention, this takes the form "Full Name (Comment) <email@example.com>"
type UserId struct {
Id string // By convention, this takes the form "Full Name (Comment) <email@example.com>" which is split out in the fields below.
Name, Comment, Email string
}
func NewUserId(name, comment, email string) *UserId
NewUserId returns a UserId or nil if any of the arguments contain invalid characters. The invalid characters are '\x00', '(', ')', '<' and '>'
func (uid *UserId) Serialize(w io.Writer) error
Serialize marshals uid to w in the form of an OpenPGP packet, including header.