func (fe *FileEntityFetcher) FetchEntity(keyId string) (*openpgp.Entity, error) { f, err := wkfs.Open(fe.File) if err != nil { return nil, fmt.Errorf("jsonsign: FetchEntity: %v", err) } defer f.Close() el, err := openpgp.ReadKeyRing(f) if err != nil { return nil, fmt.Errorf("jsonsign: openpgp.ReadKeyRing of %q: %v", fe.File, err) } for _, e := range el { pubk := &e.PrivateKey.PublicKey if pubk.KeyIdString() != keyId { continue } if e.PrivateKey.Encrypted { if err := fe.decryptEntity(e); err == nil { return e, nil } else { return nil, err } } return e, nil } return nil, fmt.Errorf("jsonsign: entity for keyid %q not found in %q", keyId, fe.File) }
// KeyIdFromRing returns the public keyId contained in the secret // ring file secRing. It expects only one keyId in this secret ring // and returns an error otherwise. func KeyIdFromRing(secRing string) (keyId string, err error) { f, err := os.Open(secRing) if err != nil { return "", fmt.Errorf("Could not open secret ring file %v: %v", secRing, err) } defer f.Close() el, err := openpgp.ReadKeyRing(f) if err != nil { return "", fmt.Errorf("Could not read secret ring file %s: %v", secRing, err) } if len(el) != 1 { return "", fmt.Errorf("Secret ring file %v contained %d identities; expected 1", secRing, len(el)) } ent := el[0] return ent.PrimaryKey.KeyIdShortString(), nil }
func keyIdFromRing(filename string) (keyId string, err error) { f, err := os.Open(filename) if err != nil { return "", fmt.Errorf("reading identity secret ring file: %v", err) } defer f.Close() el, err := openpgp.ReadKeyRing(f) if err != nil { return "", fmt.Errorf("reading identity secret ring file %s: %v", filename, err) } if len(el) != 1 { return "", fmt.Errorf("identity secret ring file contained %d identities; expected 1", len(el)) } ent := el[0] return ent.PrimaryKey.KeyIdShortString(), nil }
// EntityFromSecring returns the openpgp Entity from keyFile that matches keyId. // If empty, keyFile defaults to osutil.SecretRingFile(). func EntityFromSecring(keyId, keyFile string) (*openpgp.Entity, error) { if keyId == "" { return nil, errors.New("empty keyId passed to EntityFromSecring") } keyId = strings.ToUpper(keyId) if keyFile == "" { keyFile = osutil.SecretRingFile() } secring, err := wkfs.Open(keyFile) if err != nil { return nil, fmt.Errorf("jsonsign: failed to open keyring: %v", err) } defer secring.Close() el, err := openpgp.ReadKeyRing(secring) if err != nil { return nil, fmt.Errorf("openpgp.ReadKeyRing of %q: %v", keyFile, err) } var entity *openpgp.Entity for _, e := range el { pk := e.PrivateKey if pk == nil || (pk.KeyIdString() != keyId && pk.KeyIdShortString() != keyId) { continue } entity = e } if entity == nil { found := []string{} for _, e := range el { pk := e.PrivateKey if pk == nil { continue } found = append(found, pk.KeyIdShortString()) } return nil, fmt.Errorf("didn't find a key in %q for keyId %q; other keyIds in file = %v", keyFile, keyId, found) } return entity, nil }
func TestWriteKeyRing(t *testing.T) { ent, err := EntityFromSecring("26F5ABDA", "testdata/test-secring.gpg") if err != nil { t.Fatalf("NewEntity: %v", err) } var buf bytes.Buffer err = WriteKeyRing(&buf, openpgp.EntityList([]*openpgp.Entity{ent})) if err != nil { t.Fatalf("WriteKeyRing: %v", err) } el, err := openpgp.ReadKeyRing(&buf) if err != nil { t.Fatalf("ReadKeyRing: %v", err) } if len(el) != 1 { t.Fatalf("ReadKeyRing read %d entities; want 1", len(el)) } orig := entityString(ent) got := entityString(el[0]) if orig != got { t.Fatalf("original vs. wrote-then-read entities differ:\norig: %s\n got: %s", orig, got) } }