Fix key generation

Generated keys can now be imported into gpg.
This commit is contained in:
Zorchenhimer 2024-08-04 18:27:29 -04:00
parent 4c2df57ff8
commit af49f90d0a
Signed by: Zorchenhimer
GPG Key ID: 70A1AB767AAB9C20
6 changed files with 55 additions and 70 deletions



@ -1,16 +1,19 @@
package main
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
//"crypto/rand"
//"crypto/rsa"
//"crypto/x509"
//"encoding/pem"
"fmt"
"os"
"path/filepath"
//"bytes"
//"io"
//"github.com/ProtonMail/go-crypto/openpgp/armor"
"github.com/ProtonMail/go-crypto/openpgp"
"github.com/ProtonMail/go-crypto/openpgp/packet"
"github.com/ProtonMail/go-crypto/openpgp/armor"
)
func main() {
@ -21,19 +24,19 @@ func main() {
}
}
func run() error {
names := []string{
"internal-A",
"internal-B",
"customer-A",
"customer-B",
"customer-C",
type Ident struct {
Name, Comment, Email string
}
for _, name := range names {
fmt.Println("Generating keypair for", name)
err := keypair(name)
func run() error {
idents := []Ident{
{"Company", "", "main@company.com"},
{"Customer", "", "customer@example.com"},
}
for _, ident := range idents {
fmt.Println("Generating keypair for", ident.Name)
err := keypair(ident)
if err != nil {
return err
}
@ -46,78 +49,50 @@ const (
keyDir string = "./"
)
func keypair(name string) error {
const bitSize int = 4096
key, err := rsa.GenerateKey(rand.Reader, bitSize)
func keypair(ident Ident) error {
ent, err := openpgp.NewEntity(ident.Name, ident.Comment, ident.Email, &packet.Config{
RSABits: 4096,
Algorithm: packet.PubKeyAlgoRSA,
})
if err != nil {
return err
}
pub := key.Public()
// Public
pubOut, err := os.Create(filepath.Join(keyDir, "public", ident.Name+".asc"))
if err != nil {
return err
}
defer pubOut.Close()
keyPem := pem.EncodeToMemory(
&pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: x509.MarshalPKCS1PrivateKey(key),
},
)
pubWriter, err := armor.Encode(pubOut, "PGP PUBLIC KEY BLOCK", nil)
if err != nil {
return err
}
defer pubWriter.Close()
pubPem := pem.EncodeToMemory(
&pem.Block{
Type: "RSA PUBLIC KEY",
Bytes: x509.MarshalPKCS1PublicKey(pub.(*rsa.PublicKey)),
},
)
err = os.WriteFile(filepath.Join(keyDir, "public", name+".pem"), pubPem, 0644)
err = ent.Serialize(pubWriter)
if err != nil {
return err
}
err = os.WriteFile(filepath.Join(keyDir, "private", name+".pem"), keyPem, 0644)
// Private
privOut, err := os.Create(filepath.Join(keyDir, "private", ident.Name+".asc"))
if err != nil {
return err
}
defer privOut.Close()
pubDerRaw, err := x509.MarshalPKIXPublicKey(pub.(*rsa.PublicKey))
privWriter, err := armor.Encode(privOut, "PGP PRIVATE KEY BLOCK", nil)
if err != nil {
return err
}
defer privWriter.Close()
pubDer := pem.EncodeToMemory(
&pem.Block{
Type: "RSA PUBLIC KEY",
Bytes: pubDerRaw,
},
)
err = os.WriteFile(filepath.Join(keyDir, "public", name+".asc"), pubDer, 0644)
err = ent.SerializePrivate(privWriter, nil)
if err != nil {
return err
}
//err = encodeToArmor(filepath.Join(keyDir, "public", name+".asc"), pub.(*rsa.PublicKey))
//if err != nil {
// return err
//}
return nil
}
//func encodeToArmor(filename string, key *rsa.PublicKey) error {
// outfile, err := os.Create(filename)
// if err != nil {
// return err
// }
// defer outfile.Close()
//
// writer, err := armor.Encode(outfile, "PGP PUBLIC KEY", nil)
// if err != nil {
// return err
// }
// defer writer.Close()
//
// _, err = writer.Write(key.)
// return err
//}
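Review bot: The private key file opened with `os.Create(filepath.Join(keyDir, "private", ident.Name+".asc"))` is created with mode 0666 before umask, and nothing in the hunk encrypts the key before `ent.SerializePrivate(privWriter, nil)` (no `PrivateKey.Encrypt` call), so on a typical umask the raw secret key lands world-readable; the new .gitignore keeps it out of the repo but not away from other local users. Open it with an explicit mode instead: `privOut, err := os.OpenFile(filepath.Join(keyDir, "private", ident.Name+".asc"), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)`. The deferred `pubWriter.Close()` and `privWriter.Close()` also discard their errors, and for an armor writer Close is what emits the CRC and end-of-block trailer, so a failed write there would go unnoticed and leave a truncated `.asc` that gpg would likely refuse to import; close both writers explicitly and return their errors before the final `return nil`. If this generator is only for dev/test material the unencrypted output may be deliberate, but that is worth a comment on `keypair` so nobody reuses it for real keys.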


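--- /dev/null
+++ b/keys/private/.gitignore
@@ -0,0 +1 @@
+*.asc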

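--- /dev/null
+++ b/keys/public/.gitignore
@@ -0,0 +1 @@
+*.asc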


@ -122,6 +122,7 @@ func (s *Server) handler_privatekey(w http.ResponseWriter, r *http.Request) {
func (s *Server) findPrivKey(search string) *openpgp.Entity {
for _, k := range s.PrivateKeys {
fmt.Printf("%X\n", k.PrimaryKey.KeyId)
for _, id := range k.Identities {
if strings.ToLower(id.UserId.Name) == search {
return k
@ -133,6 +134,10 @@ func (s *Server) findPrivKey(search string) *openpgp.Entity {
}
for _, sub := range k.Subkeys {
fmt.Printf("%#v\n", sub)
if sub.PrivateKey == nil {
continue
}
if fmt.Sprintf("%x", sub.PrivateKey.KeyId) == search {
return k
}
@ -186,12 +191,15 @@ func handler_default(w http.ResponseWriter, r *http.Request) {
func run() error {
sv, err := NewServer(
[]string{
"keys/gpg-generated/cust-a.pub",
"keys/gpg-generated/cust-b.pub",
"keys/gpg-generated/internal-public.asc",
//"keys/gpg-generated/cust-a.pub",
//"keys/gpg-generated/cust-b.pub",
//"keys/gpg-generated/internal-public.asc",
"keys/public/Customer.asc",
"keys/public/Company.asc",
},
[]string{
"keys/gpg-generated/internal-private.asc",
//"keys/gpg-generated/internal-private.asc",
"keys/private/Company.asc",
},
)
if err != nil {
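Review bot: The `fmt.Printf("%X\n", k.PrimaryKey.KeyId)` and `fmt.Printf("%#v\n", sub)` lines in findPrivKey read as debugging leftovers on what appears to be a request path (the hunk context names `handler_privatekey`), writing every loaded key ID and subkey struct to stdout on each lookup. `%#v` renders nested pointer fields such as `sub.PrivateKey` as addresses rather than contents, so this probably does not print key material, but it is still noisy per-request logging and should be removed or put behind a debug flag before merging. The added `sub.PrivateKey == nil` guard is the right fix for the nil dereference on subkeys loaded from public-only files. Note that the comparison `fmt.Sprintf("%x", sub.PrivateKey.KeyId) == search` produces lowercase hex while the debug print uses `%X`, so an uppercase key ID in `search` only matches if the caller lowercases it first; that caller is outside the hunk, so worth confirming. Both findPrivKey and run continue past the visible hunks.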