Beispiel #1
0
// DecryptAsymmetricPGP decrypts an OpenPGP message using GnuPG.
func DecryptAsymmetricPGP(encryptedData []byte, passphrase string) ([]byte, error) {
	// Decrypt store data
	decryptionKeys, err := openpgp.ReadSecRing(GnupgSecring())
	if err != nil {
		return nil, err
	}

	plainData, err := openpgp.Decrypt(encryptedData, decryptionKeys, passphrase)
	if err != nil {
		return nil, err
	}

	return plainData, nil
}
Beispiel #2
0
func upgradeZeroDotThreeToNext(d []byte) ([]byte, error) {
	var err error

	// Assert input data are in the expected version format
	validVersion := isVersionZeroDotThreeDotZero(d)
	if !validVersion {
		return nil, fmt.Errorf("Provided input data not matching version 0.3 format")
	}

	// Declaring and instanciating a type matching
	// the 0.3 version store format
	legacyStore := struct {
		Meta map[string]interface{} `json:"_meta"`
		Data map[string]interface{} `json:"data"`
	}{
		Meta: make(map[string]interface{}),
		Data: make(map[string]interface{}),
	}

	// Retrieve secret ring keys from openpgp
	decryptionKeys, err := openpgp.ReadSecRing(openpgp.SecringFile)
	if err != nil {
		return nil, err
	}

	// Decrypt store version 0.3 (aka legacy)
	plainData, err := openpgp.Decrypt(d, decryptionKeys, GetPassphrase())
	if err != nil {
		return nil, err
	}

	// Unmarshal it's content into the legacyStore
	err = json.Unmarshal(plainData, &legacyStore)
	if err != nil {
		return nil, err
	}

	// Declaring and instanciating a type matching
	// the 0.4 version store format so we can inject the
	// legacy data  into it
	newStore := struct {
		Meta map[string]interface{} `json:"meta"`
		Data map[string]interface{} `json:"store"`
	}{
		Meta: legacyStore.Meta,
		Data: legacyStore.Data,
	}

	// Encode it in json
	newStoreData, err := json.Marshal(newStore)
	if err != nil {
		return nil, err
	}

	// Retrieve legacyStore recipients
	var recipients []string
	for _, r := range legacyStore.Meta["recipients"].([]interface{}) {
		recipients = append(recipients, r.(string))
	}

	// Read the public openpgp ring to retrieve the recipients public keys
	encryptionKeys, err := openpgp.ReadPubRing(openpgp.PubringFile, recipients)
	if err != nil {
		return nil, err
	}

	// Encrypt the encoded newStore content
	encryptedData, err := openpgp.Encrypt(newStoreData, encryptionKeys)
	if err != nil {
		return nil, err
	}

	// Declaring and instanciating a type matching
	// the 0.4 version trousseau data store format
	// so we can inject the encrypted store into it
	newTrousseau := struct {
		CryptoAlgorithm CryptoAlgorithm `json:"crypto_algorithm"`
		CryptoType      CryptoType      `json:"crypto_type"`
		Data            []byte          `json:"_data"`
	}{
		CryptoAlgorithm: GPG_ENCRYPTION,
		CryptoType:      ASYMMETRIC_ENCRYPTION,
		Data:            encryptedData,
	}

	// Encode the new trousseau data store
	trousseau, err := json.Marshal(newTrousseau)
	if err != nil {
		return nil, err
	}

	return trousseau, nil
}