Last active
July 23, 2024 19:09
-
-
Save ayubmalik/a83ee23c7c700cdce2f8c5bf5f2e9f20 to your computer and use it in GitHub Desktop.
Golang encrypt file using GPG openpgp. Use standard go libs.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| /** | |
| Example hack to encrypt a file using a GPG encryption key. Works with GPG v2.x. | |
| The encrypted file e.g. /tmp/data.txt.gpg can then be decrypted using the standard command | |
| gpg /tmp/data.txt.gpg | |
| Assumes you have **created** an encryption key and exported armored version. | |
| You have to read the armored key directly as Go cannot read pubring.kbx (yet). | |
| Export your key using command: | |
| gpg2 --export --armor [KEY ID] > /tmp/pubKey.asc | |
| */ | |
| import ( | |
| "fmt" | |
| "golang.org/x/crypto/openpgp" | |
| "golang.org/x/crypto/openpgp/armor" | |
| "golang.org/x/crypto/openpgp/packet" | |
| "io" | |
| "log" | |
| "os" | |
| ) | |
| // change as required | |
| const pubKey = "/tmp/pubKey.asc" | |
| const fileToEnc = "/tmp/data.txt" | |
| func main() { | |
| log.Println("Public key:", pubKey) | |
| // Read in public key | |
| recipient, err := readEntity(pubKey) | |
| if err != nil { | |
| fmt.Println(err) | |
| return | |
| } | |
| f, err := os.Open(fileToEnc) | |
| if err != nil { | |
| fmt.Println(err) | |
| return | |
| } | |
| defer f.Close() | |
| dst, err := os.Create(fileToEnc + ".gpg") | |
| if err != nil { | |
| fmt.Println(err) | |
| return | |
| } | |
| defer dst.Close() | |
| encrypt([]*openpgp.Entity{recipient}, nil, f, dst) | |
| } | |
| func encrypt(recip []*openpgp.Entity, signer *openpgp.Entity, r io.Reader, w io.Writer) error { | |
| wc, err := openpgp.Encrypt(w, recip, signer, &openpgp.FileHints{IsBinary: true}, nil) | |
| if err != nil { | |
| return err | |
| } | |
| if _, err := io.Copy(wc, r); err != nil { | |
| return err | |
| } | |
| return wc.Close() | |
| } | |
| func readEntity(name string) (*openpgp.Entity, error) { | |
| f, err := os.Open(name) | |
| if err != nil { | |
| return nil, err | |
| } | |
| defer f.Close() | |
| block, err := armor.Decode(f) | |
| if err != nil { | |
| return nil, err | |
| } | |
| return openpgp.ReadEntity(packet.NewReader(block.Body)) | |
| } |
Author
ayubmalik
commented
Jul 23, 2024
via email
I have not done this recently but you just need to sign a hash of the file
(or any data) using the "crypto/rsa.SignPKCS1v15" or similar.
See https://gist.github.com/hansstimer/3517906 for an example.
Let me know if that makes sense.
…On Sat, 20 Jul 2024 at 15:48, Ismail Zakky ***@***.***> wrote:
***@***.**** commented on this gist.
------------------------------
hi @ayubmalik <https://github.com/ayubmalik> great script you have there,
but i have a question,
i have a case where i need to encrypt the file using another user
publicKey, and sign using my private key
and the output is 1 gpg file,
any clue how to do that?
since in your example you already did encrypt the file and put it into gpg
file.
Thank You
—
Reply to this email directly, view it on GitHub
<https://gist.github.com/ayubmalik/a83ee23c7c700cdce2f8c5bf5f2e9f20#gistcomment-5127683>
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAJQCZHK6QFMG2IKK46UTM3ZNJ2CDBFKMF2HI4TJMJ2XIZLTSKBKK5TBNR2WLJDUOJ2WLJDOMFWWLO3UNBZGKYLEL5YGC4TUNFRWS4DBNZ2F6YLDORUXM2LUPGBKK5TBNR2WLJDHNFZXJJDOMFWWLK3UNBZGKYLEL52HS4DFVRZXKYTKMVRXIX3UPFYGLK2HNFZXIQ3PNVWWK3TUUZ2G64DJMNZZDAVEOR4XAZNEM5UXG5FFOZQWY5LFVA4DSNJVGMZDMOFHORZGSZ3HMVZKMY3SMVQXIZI>
.
You are receiving this email because you were mentioned.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>
.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment