func writePrivateKeyToFile(entity *openpgp.Entity, privateKeyFile string) error {
privKey, err := os.OpenFile(privateKeyFile, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0400)
if err != nil {
return err
}
w, err := armor.Encode(
privKey,
openpgp.PrivateKeyType,
map[string]string{
"Comment": "Key pair generated by generic worker",
},
)
if err != nil {
return err
}
defer func() {
w.Close()
fmt.Fprintln(privKey)
privKey.Close()
}()
err = entity.SerializePrivate(w, nil)
if err != nil {
return err
}
return nil
}
// GetArmoredPublicKey returns an armored public key for entity.
func GetArmoredPublicKey(ent *openpgp.Entity) ([]byte, error) {
out := new(bytes.Buffer)
wrt, err := armor.Encode(out, openpgp.PublicKeyType, nil)
if err != nil {
return nil, err
}
err = ent.Serialize(wrt)
wrt.Close()
if err != nil {
return nil, err
}
return out.Bytes(), nil
}
func Private(entity *openpgp.Entity) (string, error) {
var output bytes.Buffer
writeBuffer := bufio.NewWriter(&output)
private, err := armor.Encode(writeBuffer, openpgp.PrivateKeyType, nil)
if err != nil {
log.PrintError("authit.crypto.Private", err)
return "", err
}
entity.SerializePrivate(private, nil)
private.Close()
writeBuffer.Flush()
return output.String(), nil
}
func Public(entity *openpgp.Entity) (string, error) {
var output bytes.Buffer
writeBuffer := bufio.NewWriter(&output)
public, err := armor.Encode(writeBuffer, openpgp.PublicKeyType, nil)
if err != nil {
log.PrintError("telem.crypto.Public", err)
return "", err
}
entity.Serialize(public)
public.Close()
writeBuffer.Flush()
return output.String(), nil
}
func writePublicKeyToLog(entity *openpgp.Entity) error {
w, err := armor.Encode(
os.Stdout,
openpgp.PublicKeyType,
map[string]string{
"Comment": "Key pair generated by generic worker",
},
)
if err != nil {
return err
}
defer func() {
w.Close()
fmt.Println()
}()
err = entity.Serialize(w)
if err != nil {
return err
}
return nil
}
func GenerateKey(keyFileBase string) (err error) {
if len(keyFileBase) == 0 {
return errors.New("key file basename must not be emtpy")
}
if isExistingDirectory(keyFileBase) {
return errors.New("key file basename must not be a directory")
}
var f *os.File
var e *openpgp.Entity
name, comment, email := entityData()
e, err = openpgp.NewEntity(name, comment, email, nil)
if err != nil {
return err
}
for _, id := range e.Identities {
id.SelfSignature.PreferredSymmetric = []uint8{
uint8(packet.CipherAES128),
uint8(packet.CipherAES256),
uint8(packet.CipherAES192),
uint8(packet.CipherCAST5),
}
id.SelfSignature.PreferredHash = []uint8{
hashToHashId(crypto.RIPEMD160),
hashToHashId(crypto.SHA256),
hashToHashId(crypto.SHA384),
hashToHashId(crypto.SHA512),
hashToHashId(crypto.SHA224),
hashToHashId(crypto.MD5),
}
id.SelfSignature.PreferredCompression = []uint8{
uint8(packet.CompressionNone),
}
err := id.SelfSignature.SignUserId(id.UserId.Id, e.PrimaryKey, e.PrivateKey, nil)
if err != nil {
return err
}
}
f, err = os.Create(keyFileBase + ".key.asc")
if err != nil {
return err
}
defer f.Close()
if err = f.Chmod(0600); err != nil {
return err
}
w, err := armor.Encode(f, openpgp.PrivateKeyType, nil)
if err != nil {
return err
}
e.SerializePrivate(w, nil)
w.Close()
f.Write([]byte{'\n'})
f, err = os.Create(keyFileBase + ".pub.asc")
if err != nil {
return err
}
defer f.Close()
w, err = armor.Encode(f, openpgp.PublicKeyType, nil)
if err != nil {
return err
}
e.Serialize(w)
w.Close()
f.Write([]byte{'\n'})
return nil
}
