// buildHashSuffix constructs the HashSuffix member of sig in preparation for signing. func (sig *Signature) buildHashSuffix() (err error) { hashedSubpacketsLen := subpacketsLength(sig.outSubpackets, true) var ok bool l := 6 + hashedSubpacketsLen sig.HashSuffix = make([]byte, l+6) sig.HashSuffix[0] = 4 sig.HashSuffix[1] = uint8(sig.SigType) sig.HashSuffix[2] = uint8(sig.PubKeyAlgo) sig.HashSuffix[3], ok = s2k.HashToHashId(sig.Hash) if !ok { sig.HashSuffix = nil return errors.InvalidArgumentError("hash cannot be represented in OpenPGP: " + strconv.Itoa(int(sig.Hash))) } sig.HashSuffix[4] = byte(hashedSubpacketsLen >> 8) sig.HashSuffix[5] = byte(hashedSubpacketsLen) serializeSubpackets(sig.HashSuffix[6:l], sig.outSubpackets, true) trailer := sig.HashSuffix[l:] trailer[0] = 4 trailer[1] = 0xff trailer[2] = byte(l >> 24) trailer[3] = byte(l >> 16) trailer[4] = byte(l >> 8) trailer[5] = byte(l) return }
// Serialize marshals sig to w. Sign, SignUserId or SignKey must have been // called first. func (sig *SignatureV3) Serialize(w io.Writer) (err error) { buf := make([]byte, 8) // Write the sig type and creation time buf[0] = byte(sig.SigType) binary.BigEndian.PutUint32(buf[1:5], uint32(sig.CreationTime.Unix())) if _, err = w.Write(buf[:5]); err != nil { return } // Write the issuer long key ID binary.BigEndian.PutUint64(buf[:8], sig.IssuerKeyId) if _, err = w.Write(buf[:8]); err != nil { return } // Write public key algorithm, hash ID, and hash value buf[0] = byte(sig.PubKeyAlgo) hashId, ok := s2k.HashToHashId(sig.Hash) if !ok { return errors.UnsupportedError(fmt.Sprintf("hash function %v", sig.Hash)) } buf[1] = hashId copy(buf[2:4], sig.HashTag[:]) if _, err = w.Write(buf[:4]); err != nil { return } if sig.RSASignature.bytes == nil && sig.DSASigR.bytes == nil { return errors.InvalidArgumentError("Signature: need to call Sign, SignUserId or SignKey before Serialize") } switch sig.PubKeyAlgo { case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly: err = writeMPIs(w, sig.RSASignature) case PubKeyAlgoDSA: err = writeMPIs(w, sig.DSASigR, sig.DSASigS) default: panic("impossible") } return }
// Serialize marshals the given OnePassSignature to w. func (ops *OnePassSignature) Serialize(w io.Writer) error { var buf [13]byte buf[0] = onePassSignatureVersion buf[1] = uint8(ops.SigType) var ok bool buf[2], ok = s2k.HashToHashId(ops.Hash) if !ok { return errors.UnsupportedError("hash type: " + strconv.Itoa(int(ops.Hash))) } buf[3] = uint8(ops.PubKeyAlgo) binary.BigEndian.PutUint64(buf[4:12], ops.KeyId) if ops.IsLast { buf[12] = 1 } if err := serializeHeader(w, packetTypeOnePassSignature, len(buf)); err != nil { return err } _, err := w.Write(buf[:]) return err }