-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathkeyinfo.go
138 lines (123 loc) · 3.08 KB
/
keyinfo.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
package main
import (
"crypto/rsa"
"crypto/sha1"
"fmt"
"os"
"strings"
"sync"
"github.com/proglottis/gpgme"
"golang.org/x/crypto/openpgp"
"golang.org/x/crypto/openpgp/packet"
)
// GPGME gets very sad when run from lots of goroutines at the same time
// this lock ensures that all operations are serialized.
var gpgmeMutex sync.Mutex
func findKey(keypath string) uint64 {
r, _ := os.Open(keypath)
packets := packet.NewReader(r)
for {
p, err := packets.Next()
if err != nil {
return 0
}
switch p := p.(type) {
case *packet.EncryptedKey:
return p.KeyId
}
}
}
type KeyInfo struct {
GPGAgentKeyInfo
Algorithm string
Fingerprint string
BitLength uint16
}
// GPGAgentKeyInfo is used for parsing the data from GPGAgent
type GPGAgentKeyInfo struct {
KeyGrip string
Type string
Serial string
IDStr string
Cached bool
Protection string
Fingerprint string
TTL string
Flags string
}
func parseKeyinfo(statusLine string) GPGAgentKeyInfo {
parts := strings.Split(statusLine, " ")
return GPGAgentKeyInfo{
KeyGrip: parts[0],
Type: parts[1],
Serial: parts[2],
IDStr: parts[3],
Cached: parts[4] == "1",
Protection: parts[5],
Fingerprint: parts[6],
TTL: parts[7],
Flags: parts[8],
}
}
func (p *Password) isCached() bool {
ki := p.KeyInfo()
return ki.Cached
}
var algoNames map[packet.PublicKeyAlgorithm]string
func init() {
algoNames = map[packet.PublicKeyAlgorithm]string{
packet.PubKeyAlgoRSA: "RSA",
packet.PubKeyAlgoRSAEncryptOnly: "RSA Encrypt only",
packet.PubKeyAlgoRSASignOnly: "RSA Sign only",
packet.PubKeyAlgoElGamal: "ElGamal",
packet.PubKeyAlgoDSA: "DSA",
packet.PubKeyAlgoECDH: "ECDH",
packet.PubKeyAlgoECDSA: "ECDSA",
}
}
func algoString(a packet.PublicKeyAlgorithm) string {
return algoNames[a]
}
// KeyInfo gets the KeyInfo for this password
func (p *Password) KeyInfo() KeyInfo {
gpgmeMutex.Lock()
defer gpgmeMutex.Unlock()
// Find the keyID for the encrypted data
encKeyID := findKey(p.Path)
// Extract key from gpgme
c, _ := gpgme.New()
allKeys, err := gpgme.NewData()
if err := c.Export(0, allKeys); err != nil {
fmt.Printf("error reading all keys %s", err)
}
allKeys.Seek(0, 0)
el, err := openpgp.ReadKeyRing(allKeys)
if err != nil {
fmt.Println("Failed to open keyring: ", err.Error())
}
encKeys := el.KeysById(encKeyID)
// Get the keyInfo for the file
var ki KeyInfo
if len(encKeys) > 0 {
theKey := encKeys[0].PublicKey
k := theKey.PublicKey
switch k := k.(type) {
case *rsa.PublicKey:
out := sha1.Sum(append([]byte{0}, k.N.Bytes()...))
keygrip := fmt.Sprintf("%X", out)
c.SetProtocol(gpgme.ProtocolAssuan)
c.AssuanSend("keyinfo "+keygrip, nil, nil,
func(status string, args string) error {
ki.GPGAgentKeyInfo = parseKeyinfo(args)
return nil
})
ki.Fingerprint = theKey.KeyIdShortString()
ki.Algorithm = algoString(theKey.PubKeyAlgo)
bl, _ := theKey.BitLength()
ki.BitLength = bl
default:
fmt.Println("Unknown crypto")
}
}
return ki
}