
Initial commit. Working example that encrypts then decrypts a string.

Peter Valdez 4 years ago
commit
bc6faf0b01
2 changed files with 152 additions and 0 deletions
  1. 1 0
      .gitignore
  2. 151 0
      secret.go

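--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/secret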

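--- a/secret.go
+++ b/secret.go
@@ -0,0 +1,151 @@
+package main
+
+import (
+	"bytes"
+	"code.google.com/p/go.crypto/openpgp"
+	"encoding/base64"
+	"flag"
+	"fmt"
+	"github.com/howeyc/gopass"
+	"io/ioutil"
+	"log"
+	"os"
+)
+
+// Commmand line arguments
+var verbose = flag.Bool("v", false, "Make the output verbose.")
+
+// create gpg keys with
+// $ gpg --gen-key
+// ensure you correct paths and passphrase
+
+const mysecretstring = "this is so very secret!"
+const prefix = "/Users/peter/"
+const secretKeyring = prefix + ".gnupg/secring.gpg"
+const publicKeyring = prefix + ".gnupg/pubring.gpg"
+
+func encryptMessage() error {
+	fmt.Println("Secret:", mysecretstring)
+
+	// Read in public key
+	keyringFileBuffer, _ := os.Open(publicKeyring)
+	defer keyringFileBuffer.Close()
+	entitylist, err := openpgp.ReadKeyRing(keyringFileBuffer)
+	if err != nil {
+		return err
+	}
+
+	// Encrypt string
+	buf := new(bytes.Buffer)
+	w, err := openpgp.Encrypt(buf, entitylist, nil, nil, nil)
+	if err != nil {
+		return err
+	}
+	_, err = w.Write([]byte(mysecretstring))
+	if err != nil {
+		return err
+	}
+	err = w.Close()
+	if err != nil {
+		return err
+	}
+
+	// Encode to base64
+	bytesp, err := ioutil.ReadAll(buf)
+	if err != nil {
+		return err
+	}
+	encstr := base64.StdEncoding.EncodeToString(bytesp)
+
+	// Output encrypted/encoded string
+	if *verbose {
+		fmt.Println("Encrypted Secret:", encstr)
+	}
+
+	// Here is where I would transfer the encrypted string to someone else
+	// but we'll just decrypt it in the same code
+
+	// Init some vars
+	var entity2 *openpgp.Entity
+	var entitylist2 openpgp.EntityList
+
+	// Open the private key file
+	keyringFileBuffer2, err := os.Open(secretKeyring)
+	if err != nil {
+		return err
+	}
+	defer keyringFileBuffer2.Close()
+	entitylist2, err = openpgp.ReadKeyRing(keyringFileBuffer2)
+	if err != nil {
+		return err
+	}
+	entity2 = entitylist2[0]
+
+	// Get the passphrase and read the private key.
+	// Have not touched the encrypted string yet
+	if *verbose {
+		fmt.Println("Decrypting private key using passphrase")
+	}
+	if !decryptKey(entity2) {
+		fmt.Println("Incorrect password. Exiting.")
+		return nil
+	}
+	//for !decryptKey(entity2) {
+	//}
+	if *verbose {
+		fmt.Println("Finished decrypting private key using passphrase")
+	}
+
+	// Decode the base64 string
+	dec, err := base64.StdEncoding.DecodeString(encstr)
+	if err != nil {
+		return err
+	}
+
+	// Decrypt it with the contents of the private key
+	md, err := openpgp.ReadMessage(bytes.NewBuffer(dec), entitylist2, nil, nil)
+	if err != nil {
+		return err
+	}
+	bytess, err := ioutil.ReadAll(md.UnverifiedBody)
+	if err != nil {
+		return err
+	}
+	decstr := string(bytess)
+
+	// Should be done
+	fmt.Println("Decrypted Secret:", decstr)
+
+	return nil
+}
+
+func decryptKey(entity *openpgp.Entity) bool {
+	// Get the password
+	fmt.Printf("Password: ")
+	passphrase := gopass.GetPasswd()
+	passphrasebyte := []byte(passphrase)
+
+	// Decrypt the key and subkeys
+	err := entity.PrivateKey.Decrypt(passphrasebyte)
+	if err != nil {
+		return false
+	}
+	for _, subkey := range entity.Subkeys {
+		err := subkey.PrivateKey.Decrypt(passphrasebyte)
+		if err != nil {
+			return false
+		}
+	}
+
+	return true
+}
+
+func main() {
+	// Parse command line arguments
+	flag.Parse()
+
+	err := encryptMessage()
+	if err != nil {
+		log.Fatal(err)
+	}
+}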
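Review bot: `openpgp.Encrypt(buf, entitylist, nil, nil, nil)` in `encryptMessage` passes the whole public keyring as the recipient list, so on a keyring holding more than one key the secret is encrypted to every key in it, while the decrypt half assumes the matching secret key is `entitylist2[0]`. I would pick the intended recipient explicitly and pass only that entity, and guard the index with `if len(entitylist2) == 0 { return fmt.Errorf("no keys in %s", secretKeyring) }` so an empty keyring returns an error instead of panicking. The `os.Open(publicKeyring)` error is also discarded with `_`, unlike the secret-keyring open further down; `keyringFileBuffer, err := os.Open(publicKeyring)` followed by `if err != nil { return err }` would report a missing or unreadable file directly rather than as a later read failure. The wrong-passphrase branch returns `nil`, so `main` exits with status 0, and `decryptKey` reports any key-decryption error as a bad password; returning the error from both would let a caller tell the cases apart. Because the message is written with a nil signer and read back through `md.UnverifiedBody`, a comment such as `// not signed: the plaintext's origin is not authenticated` above that read would keep readers from copying the pattern as if it verified the sender.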