func (d *dashEscaper) Close() (err error) {
if !d.atBeginningOfLine {
if err = d.buffered.WriteByte(lf); err != nil {
return
}
}
sig := new(packet.Signature)
sig.SigType = packet.SigTypeText
sig.PubKeyAlgo = d.privateKey.PubKeyAlgo
sig.Hash = d.hashType
sig.CreationTime = d.config.Now()
sig.IssuerKeyId = &d.privateKey.KeyId
if err = sig.Sign(d.h, d.privateKey, d.config); err != nil {
return
}
out, err := armor.Encode(d.buffered, "PGP SIGNATURE", nil)
if err != nil {
return
}
if err = sig.Serialize(out); err != nil {
return
}
if err = out.Close(); err != nil {
return
}
if err = d.buffered.Flush(); err != nil {
return
}
return
}
func PGPKeyRawToArmored(raw []byte, priv bool) (ret string, err error) {
var writer io.WriteCloser
var out bytes.Buffer
var which string
if priv {
which = "PRIVATE"
} else {
which = "PUBLIC"
}
hdr := fmt.Sprintf("PGP %s KEY BLOCK", which)
writer, err = armor.Encode(&out, hdr, PGPArmorHeaders)
if err != nil {
return
}
if _, err = writer.Write(raw); err != nil {
return
}
writer.Close()
ret = out.String()
return
}
func armoredDetachSign(w io.Writer, signer *Entity, message io.Reader, sigType packet.SignatureType, config *packet.Config) (err error) {
out, err := armor.Encode(w, SignatureType, nil)
if err != nil {
return
}
err = detachSign(out, signer, message, sigType, config)
if err != nil {
return
}
return out.Close()
}
func ArmoredAttachedSign(out io.WriteCloser, signed openpgp.Entity, hints *openpgp.FileHints, config *packet.Config) (in io.WriteCloser, h HashSummer, err error) {
var aout io.WriteCloser
aout, err = armor.Encode(out, "PGP MESSAGE", PGPArmorHeaders)
if err != nil {
return
}
hwc := HashingWriteCloser{aout, sha256.New()}
in, err = openpgp.AttachedSign(hwc, signed, hints, config)
h = func() []byte { return hwc.hasher.Sum(nil) }
return
}
func (k *PGPKeyBundle) EncodeToStream(wc io.WriteCloser) (err error) {
// See Issue #32
var writer io.WriteCloser
writer, err = armor.Encode(wc, "PGP PUBLIC KEY BLOCK", PGPArmorHeaders)
if err != nil {
return
}
if err = k.Entity.Serialize(writer); err != nil {
return
}
if err = writer.Close(); err != nil {
return
}
return
}
func armorKey(t *testing.T, tc libkb.TestContext, email string) (libkb.PGPFingerprint, keybase1.KID, string) {
bundle, err := tc.MakePGPKey(email)
if err != nil {
t.Fatal(err)
}
var buf bytes.Buffer
writer, err := armor.Encode(&buf, "PGP PRIVATE KEY BLOCK", nil)
if err != nil {
t.Fatal(err)
}
if err := bundle.Entity.SerializePrivate(writer, nil); err != nil {
t.Fatal(err)
}
if err := writer.Close(); err != nil {
t.Fatal(err)
}
fp := *bundle.GetFingerprintP()
kid := bundle.GetKID()
return fp, kid, string(buf.Bytes())
}
func (k *PGPKeyBundle) EncodeToStream(wc io.WriteCloser, private bool) error {
// See Issue #32
which := "PUBLIC"
if private {
which = "PRIVATE"
}
writer, err := armor.Encode(wc, fmt.Sprintf("PGP %s KEY BLOCK", which), PGPArmorHeaders)
if err != nil {
return err
}
if private {
err = k.SerializePrivate(writer)
} else {
err = k.Entity.Serialize(writer)
}
if err != nil {
return err
}
return writer.Close()
}
// Run starts the engine.
func (e *PGPEncrypt) Run(ctx *Context) error {
// verify valid options based on logged in state:
ok, err := IsLoggedIn(e, ctx)
if err != nil {
return err
}
if !ok {
// not logged in. this is fine, unless they requested signing the message.
if !e.arg.NoSign {
return libkb.LoginRequiredError{Context: "you must be logged in to sign"}
}
// or trying to encrypt for self
if !e.arg.NoSelf {
return libkb.LoginRequiredError{Context: "you must be logged in to encrypt for yourself"}
}
} else {
me, err := libkb.LoadMe(libkb.NewLoadUserArg(e.G()))
if err != nil {
return err
}
e.me = me
}
var mykey *libkb.PGPKeyBundle
var signer *libkb.PGPKeyBundle
if !e.arg.NoSign {
ska := libkb.SecretKeyArg{
Me: e.me,
KeyType: libkb.PGPKeyType,
KeyQuery: e.arg.KeyQuery,
}
key, err := e.G().Keyrings.GetSecretKeyWithPrompt(ctx.SecretKeyPromptArg(ska, "command-line signature"))
if err != nil {
return err
}
var ok bool
mykey, ok = key.(*libkb.PGPKeyBundle)
if !ok {
return errors.New("Can only sign with PGP keys")
}
signer = mykey
}
usernames, err := e.verifyUsers(ctx, e.arg.Recips, ok)
if err != nil {
return err
}
kfarg := &PGPKeyfinderArg{
Usernames: usernames,
}
kf := NewPGPKeyfinder(kfarg, e.G())
if err := RunEngine(kf, ctx); err != nil {
return err
}
uplus := kf.UsersPlusKeys()
var writer io.WriteCloser
if e.arg.BinaryOutput {
writer = e.arg.Sink
} else {
aw, err := armor.Encode(e.arg.Sink, "PGP MESSAGE", libkb.PGPArmorHeaders)
if err != nil {
return err
}
writer = aw
}
ks := newKeyset()
if !e.arg.NoSelf {
if mykey == nil {
// need to load the public key for the logged in user
mykey, err = e.loadSelfKey()
if err != nil {
return err
}
}
// mykey could still be nil
if mykey != nil {
ks.Add(mykey)
}
}
for _, up := range uplus {
for _, k := range up.Keys {
ks.Add(k)
}
}
recipients := ks.Sorted()
if err := libkb.PGPEncrypt(e.arg.Source, writer, signer, recipients); err != nil {
return err
}
if !e.arg.BinaryOutput {
return e.arg.Sink.Close()
}
return nil
}
