Documentation
¶
Overview ¶
Package gpg provides utilities for working with OpenPGP keys and signatures.
This package supports:
- Loading and parsing OpenPGP public keys
- Keyring management for multiple keys
- Signature verification using OpenPGP keys
- Integration with certificate validation workflows
The package is commonly used for verifying signatures on software packages and validating the authenticity of downloaded certificates or other artifacts.
Index ¶
- func Convert509CertificateToPGPPublicKey(c *x509.Certificate) *packet.PublicKey
- func ConvertLocalSignerToPgpPrivateKey(creationTime time.Time, signer crypto.Signer) *packet.PrivateKey
- func ConvertPemToPgpPrivateKey(creationTime time.Time, privateKeyPem []byte) (*packet.PrivateKey, error)
- func ConvertPublicKeyToPGP(creationTime time.Time, pub crypto.PublicKey) *packet.PublicKey
- func ConvertToPacketPrivateKey(creationTime time.Time, s crypto.PrivateKey) (*packet.PrivateKey, error)
- func ConvertTopX509CertificateToPGPPublicKey(certificateChainPem string) (*packet.PublicKey, error)
- func CreateOpenPGPEntity(pubKey *packet.PublicKey, privKey *packet.PrivateKey, uid *packet.UserId, ...) (*openpgp.Entity, error)
- func DecodeArmoredPgpSignature(armored io.Reader) (*packet.Signature, error)
- func DecodePGPEntityFromPEM(r io.Reader) (*openpgp.Entity, error)
- func EncodePGPEntityToPEM(e *openpgp.Entity) ([]byte, error)
- func GetPgpPubkeyAlgo(pubkey *packet.PublicKey) (string, error)
- func KeyRing(data []byte) (openpgp.EntityList, error)
- func KeyRingFromFile(path string) (openpgp.EntityList, error)
- func KeyRingFromFiles(files []string) (openpgp.EntityList, error)
- func OpenpgpDetachSign(message io.Reader, w io.Writer, signer *openpgp.Entity, ...) (err error)
- func VerifySignaturePGP(signed hash.Hash, pemSignature string, pubkey *packet.PublicKey) error
- type OpenPGPEntityOp
- type OpenpgpSignatureType
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Convert509CertificateToPGPPublicKey ¶
func Convert509CertificateToPGPPublicKey(c *x509.Certificate) *packet.PublicKey
Convert509CertificateToPGPPublicKey returns PGP public key from x509.Certificate
func ConvertLocalSignerToPgpPrivateKey ¶
func ConvertLocalSignerToPgpPrivateKey(creationTime time.Time, signer crypto.Signer) *packet.PrivateKey
ConvertLocalSignerToPgpPrivateKey creates a sign-only PrivateKey from a crypto.Signer that implements RSA or ECDSA.
func ConvertPemToPgpPrivateKey ¶
func ConvertPemToPgpPrivateKey(creationTime time.Time, privateKeyPem []byte) (*packet.PrivateKey, error)
ConvertPemToPgpPrivateKey parses a PEM encoded private key.
func ConvertPublicKeyToPGP ¶
ConvertPublicKeyToPGP returns PGP public key
func ConvertToPacketPrivateKey ¶
func ConvertToPacketPrivateKey(creationTime time.Time, s crypto.PrivateKey) (*packet.PrivateKey, error)
ConvertToPacketPrivateKey converts a private key interface to PKCS11PrivateKey type
func ConvertTopX509CertificateToPGPPublicKey ¶
ConvertTopX509CertificateToPGPPublicKey converts certificate in PEM fromat to PGP public key
func CreateOpenPGPEntity ¶
func CreateOpenPGPEntity(pubKey *packet.PublicKey, privKey *packet.PrivateKey, uid *packet.UserId, ops OpenPGPEntityOp) (*openpgp.Entity, error)
CreateOpenPGPEntity creates PGP signer from private and public keys
func DecodeArmoredPgpSignature ¶
DecodeArmoredPgpSignature decodes PGP signature
func DecodePGPEntityFromPEM ¶
DecodePGPEntityFromPEM reads Entity from the given io.Reader
func EncodePGPEntityToPEM ¶
EncodePGPEntityToPEM returns PEM encoded Entity's Public Key
func GetPgpPubkeyAlgo ¶
GetPgpPubkeyAlgo returns algorithm in RSA2048 or ECDSA format
func KeyRing ¶
func KeyRing(data []byte) (openpgp.EntityList, error)
KeyRing reads a openpgp.KeyRing from the given io.Reader which may then be used to validate GPG keys in RPM packages.
func KeyRingFromFile ¶
func KeyRingFromFile(path string) (openpgp.EntityList, error)
KeyRingFromFile reads a openpgp.KeyRing from the given file path which may then be used to validate GPG keys in RPM packages.
func KeyRingFromFiles ¶
func KeyRingFromFiles(files []string) (openpgp.EntityList, error)
KeyRingFromFiles reads a openpgp.KeyRing from the given file paths which may then be used to validate GPG keys in RPM packages.
This function might typically be used to read all keys in /etc/pki/rpm-gpg.
Types ¶
type OpenPGPEntityOp ¶
type OpenPGPEntityOp int
OpenPGPEntityOp specifies operation to perform on Entity
const ( // OpenPGPEntityOpNone specifies not to perform any operation OpenPGPEntityOpNone OpenPGPEntityOp = 0 // OpenPGPEntitySignSelf specifies to sign self OpenPGPEntitySignSelf OpenPGPEntityOp = 1 << iota // 1 << 0 which is 00000001 // OpenPGPEntitySignSubkeys specifies to sign subkeys OpenPGPEntitySignSubkeys // OpenPGPEntitySignIdentity specifies to sign Identity OpenPGPEntitySignIdentity // OpenPGPEntitySignAll specifies to sign Identity, subkeys, self OpenPGPEntitySignAll = OpenPGPEntitySignSubkeys | OpenPGPEntitySignSelf // | OpenPGPEntitySignIdentity )
type OpenpgpSignatureType ¶
type OpenpgpSignatureType packet.SignatureType
OpenpgpSignatureType represents the different semantic meanings of an OpenPGP signature. See RFC 4880, section 5.2.1.
const ( // OpenpgpSigTypeBinary specifies Binary signature format OpenpgpSigTypeBinary OpenpgpSignatureType = 0 // OpenpgpSigTypeText specifies Text signature format OpenpgpSigTypeText = 1 )
Source Files