I'm playing with writing a Go program that downloads and verifies files.
I am hoping to avoid forcing the user to install gnupg (if possible).
Is it possible to verify a downloaded file with a gpg signature (asc file) as described here or here using Go's openpgp lib or some other Go library?
Any examples demonstrating how to use openpgp to verify a file with an asc signature would be appreciated.
I was able to verify a gpg signature using the following code:
package main
import (
"fmt"
"golang.org/x/crypto/openpgp"
"os"
)
func main() {
keyRingReader, err := os.Open("signer-pubkey.asc")
if err != nil {
fmt.Println(err)
return
}
signature, err := os.Open("signature.asc")
if err != nil {
fmt.Println(err)
return
}
verification_target, err := os.Open("mysql-5.7.9-win32.zip")
if err != nil {
fmt.Println(err)
return
}
keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
if err != nil {
fmt.Println("Read Armored Key Ring: " + err.Error())
return
}
entity, err := openpgp.CheckArmoredDetachedSignature(keyring, verification_target, signature)
if err != nil {
fmt.Println("Check Detached Signature: " + err.Error())
return
}
fmt.Println(entity)
}
Full code: https://gist.github.com/lsowen/d420a64821414cd2adfb
Related
I want to convert protobuf serialized messages into a human readable JSON format. The major problem I face is that I need to do this without compiling the proto descriptor into Go code beforehand. I have access to the .proto files at runtime, but not at compile time.
I had the impression that the new Protobuf API v2 (https://github.com/protocolbuffers/protobuf-go) supports dynamic deserialization (see package types/dynamicpb), but I couldn't figure out how to use it apparently:
func readDynamically(in []byte) {
// How do I load the required descriptor (for NewMessage()) from my `addressbook.proto` file?)
descriptor := ??
msg := dynamicpb.NewMessage(descriptor)
err := protojson.Unmarshal(in, msg)
if err != nil {
panic(err)
}
}
Above code is annotated with my problem: How can I get the required descriptor for the dynamicpb.NewMessage() from a .proto file?
Should work like this with the dynamicpb package.
func readDynamically(in []byte) {
registry, err := createProtoRegistry(".", "addressbook.proto")
if err != nil {
panic(err)
}
desc, err := registry.FindFileByPath("addressbook.proto")
if err != nil {
panic(err)
}
fd := desc.Messages()
addressBook := fd.ByName("AddressBook")
msg := dynamicpb.NewMessage(addressBook)
err = proto.Unmarshal(in, msg)
jsonBytes, err := protojson.Marshal(msg)
if err != nil {
panic(err)
}
fmt.Println(string(jsonBytes))
if err != nil {
panic(err)
}
}
func createProtoRegistry(srcDir string, filename string) (*protoregistry.Files, error) {
// Create descriptors using the protoc binary.
// Imported dependencies are included so that the descriptors are self-contained.
tmpFile := filename + "-tmp.pb"
cmd := exec.Command("./protoc/protoc",
"--include_imports",
"--descriptor_set_out=" + tmpFile,
"-I"+srcDir,
path.Join(srcDir, filename))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
err := cmd.Run()
if err != nil {
return nil, err
}
defer os.Remove(tmpFile)
marshalledDescriptorSet, err := ioutil.ReadFile(tmpFile)
if err != nil {
return nil, err
}
descriptorSet := descriptorpb.FileDescriptorSet{}
err = proto.Unmarshal(marshalledDescriptorSet, &descriptorSet)
if err != nil {
return nil, err
}
files, err := protodesc.NewFiles(&descriptorSet)
if err != nil {
return nil, err
}
return files, nil
}
This question is kind of interesting. I have done some works on protobuf plugs. As far as i can tell, additional cli is needed because we don't want to "reinvent the wheel".
Step one, we need protoc to translate ".proto" file to some format so we can get "protoreflect.MessageDescriptor" easily.
This plug is to get raw bytes which protoc sends to other plugs as input.
package main
import (
"fmt"
"io/ioutil"
"os"
)
func main() {
if len(os.Args) == 2 && os.Args[1] == "--version" {
// fmt.Fprintf(os.Stderr, "%v %v\n", filepath.Base(os.Args[0]), version.String())
os.Exit(0)
}
in, err := ioutil.ReadAll(os.Stdin)
if err != nil {
fmt.Printf("error: %v", err)
return
}
ioutil.WriteFile("./out.pb", in, 0755)
}
build and rename it as protoc-gen-raw, then generate protoc --raw_out=./pb ./server.proto, you will get out.pb. Forget your ".proto" file from now on, and put this "out.pb" where you intend to put ".proto". And what we get is official support with this .pb file.
Step 2: Deserialize a protobuf serialized message into JSON.
package main
import (
"fmt"
"io/ioutil"
"google.golang.org/protobuf/proto"
"google.golang.org/protobuf/compiler/protogen"
"google.golang.org/protobuf/encoding/protojson"
"google.golang.org/protobuf/types/dynamicpb"
"google.golang.org/protobuf/types/pluginpb"
)
func main() {
in, err := ioutil.ReadFile("./out.pb")
if err != nil {
fmt.Printf("failed to read proto file: %v", err)
return
}
req := &pluginpb.CodeGeneratorRequest{}
if err := proto.Unmarshal(in, req); err != nil {
fmt.Printf("failed to unmarshal proto: %v", err)
return
}
gen, err := protogen.Options{}.New(req)
if err != nil {
fmt.Printf("failed to create new plugin: %v", err)
return
}
// serialize protobuf message "ServerConfig"
data := &ServerConfig{
GameType: 1,
ServerId: 105,
Host: "host.host.host",
Port: 10024,
}
raw, err := data.Marshal()
if err != nil {
fmt.Printf("failed to marshal protobuf: %v", err)
return
}
for _, f := range gen.Files {
for _, m := range f.Messages {
// "ServerConfig" is the message name of the serialized message
if m.GoIdent.GoName == "ServerConfig" {
// m.Desc is MessageDescriptor
msg := dynamicpb.NewMessage(m.Desc)
// unmarshal []byte into proto message
err := proto.Unmarshal(raw, msg)
if err != nil {
fmt.Printf("failed to Unmarshal protobuf data: %v", err)
return
}
// marshal message into json
jsondata, err := protojson.Marshal(msg)
if err != nil {
fmt.Printf("failed to Marshal to json: %v", err)
return
}
fmt.Printf("out: %v", string(jsondata))
}
}
}
}
// the output is:
// out: {"gameType":1, "serverId":105, "host":"host.host.host", "port":10024}
Need a help here with a symmetric PGP decryption in Golang, I've been trying to run symmetrical decryption on an encrypted hex generated on OpenPGP.js, unfortunately, no success to decrypt in Golang. This is the encryption in JS.
const openpgp = require('openpgp')
async function main() {
let options = {
message: openpgp.message.fromBinary(new Uint8Array([0x01, 0x01, 0x01])), // input as Message object
passwords: ['secret stuff'], // multiple passwords possible
armor: false // don't ASCII armor (for Uint8Array output)
}
const cypher_text = await openpgp.encrypt(options)
const encrypted = cypher_text.message.packets.write()
console.log(Buffer.from(encrypted).toString('hex'))
options = {
message: await openpgp.message.read(encrypted), // parse encrypted bytes
passwords: ['secret stuff'], // decrypt with password
format: 'binary' // output as Uint8Array
}
const decrypted = await openpgp.decrypt(options)
console.log(decrypted.data)
}
main()
console.log >>
c32e040903088c4db97456263252e0ef4f42627301e0ba3323b141a9ebd0476e5fe848d3c2b6021c8c06581ae2d19f7cd23b011b4b3a68758cb6fb12287db2a9ab6fdfad97670ae995e4deb7ca313d0aa705d264850adefb20353b263fc32ff8dc571f6dce8b722ddbdf40a907
Uint8Array [ 1, 1, 1 ]
My code is based on the following GIST https://gist.github.com/jyap808/8250124
package main
import (
"bytes"
"errors"
"io/ioutil"
"log"
"golang.org/x/crypto/openpgp/armor"
"golang.org/x/crypto/openpgp/packet"
"golang.org/x/crypto/openpgp"
)
func main() {
password := []byte("secret stuff")
packetConfig := &packet.Config{
DefaultCipher: packet.CipherAES256,
}
cypherHex := []byte("c32e040903088c4db97456263252e0ef4f42627301e0ba3323b141a9ebd0476e5fe848d3c2b6021c8c06581ae2d19f7cd23b011b4b3a68758cb6fb12287db2a9ab6fdfad97670ae995e4deb7ca313d0aa705d264850adefb20353b263fc32ff8dc571f6dce8b722ddbdf40a907")
encbuf := bytes.NewBuffer(nil)
w, err := armor.Encode(encbuf, openpgp.SignatureType, nil)
if err != nil {
log.Fatal(err)
}
w.Write(cypherHex)
encbuf.Read(cypherHex)
w.Close()
log.Println(encbuf)
decbuf := bytes.NewBuffer([]byte(encbuf.String()))
armorBlock, err := armor.Decode(decbuf)
if err != nil {
log.Fatalf("Failed on decode %+v\n", err)
}
failed := false
prompt := func(keys []openpgp.Key, symmetric bool) ([]byte, error) {
if failed {
return nil, errors.New("decryption failed")
}
return password, nil
}
md, err := openpgp.ReadMessage(armorBlock.Body, nil, prompt, packetConfig)
if err != nil {
log.Fatalf("Failed on read message %+v\n", err)
}
plaintext, err := ioutil.ReadAll(md.UnverifiedBody)
if err != nil {
log.Fatalf("Failed on read all body %+v\n", err)
}
log.Println(plaintext)
}
I noticed after log the encbuf that the armored key is kind of incomplete
2020/01/24 22:51:54 jcwYWU5
OTVlNGRlYjdjYTMxM2QwYWE3MDVkMjY0ODUwYWRlZmIyMDM1M2IyNjNmYzMyZmY4
ZGM1NzFmNmRjZThiNzIyZGRiZGY0MGE5MDc=
=9ciH
-----END PGP SIGNATURE-----
Update: Trying to decrypt without armor as well, if fails with EOF
import (
"bytes"
"io/ioutil"
"log"
"golang.org/x/crypto/openpgp"
"golang.org/x/crypto/openpgp/packet"
)
func main() {
password := []byte("secret stuff")
packetConfig := &packet.Config{
DefaultCipher: packet.CipherAES128,
}
cypherHex := []byte("c32e040903088c4db97456263252e0ef4f42627301e0ba3323b141a9ebd0476e5fe848d3c2b6021c8c06581ae2d19f7cd23b011b4b3a68758cb6fb12287db2a9ab6fdfad97670ae995e4deb7ca313d0aa705d264850adefb20353b263fc32ff8dc571f6dce8b722ddbdf40a907")
encbuf := bytes.NewBuffer(nil)
encbuf.Read(cypherHex)
prompt := func(keys []openpgp.Key, symmetric bool) ([]byte, error) {
return password, nil
}
md, err := openpgp.ReadMessage(encbuf, nil, prompt, packetConfig)
if err != nil {
log.Fatalf("Failed on read message %+v\n", err)
}
plaintext, err := ioutil.ReadAll(md.UnverifiedBody)
if err != nil {
log.Fatalf("Failed on read all body %+v\n", err)
}
log.Println(plaintext)
}
First, you're not decoding the hex-encoded ciphertext. Use the encoding/hex package to decode the data:
ct, err := hex.DecodeString(`c32e040903088c4db97456263252e0ef4f42627301e0ba3323b141a9ebd0476e5fe848d3c2b6021c8c06581ae2d19f7cd23b011b4b3a68758cb6fb12287db2a9ab6fdfad97670ae995e4deb7ca313d0aa705d264850adefb20353b263fc32ff8dc571f6dce8b722ddbdf40a907`)
if err != nil {
log.Fatal(err)
}
Next problem is that you're incorrectly creating the bytes.Buffer. You're putting no data into the buffer, then calling the Read method which does nothing (and of you did initialize it with data, Read would "read" all the data out before you decrypt it anyway). The buffer could be initialized with the data, or filled using the Write method -- in this case you only need an io.Reader and can use bytes.NewReader.
r := bytes.NewReader(ct)
Finally, you now have 3 0x01 bytes, which you can see more clearly using a better formatting:
d, err := ioutil.ReadAll(md.UnverifiedBody)
if err != nil {
log.Fatal(err)
}
fmt.Printf("%#v\n", d)
https://play.golang.org/p/Y3VqADQvEIH
I'm currently trying to export my created keys and than importing them to use them.
But if I run my code I get the following error:
panic: x509: only RSA and ECDSA public keys supported
goroutine 1 [running]:
main.main()
/path/to/project/src/main.go:19 +0x3bd
This is my current code:
// Create key
key, _ := rsa.GenerateKey(rand.Reader, 2048)
// Message to encrypt
message := "hi stackoverflow"
priv := x509.MarshalPKCS1PrivateKey(key)
pub, err := x509.MarshalPKIXPublicKey(key.PublicKey)
if err != nil {
panic(err)
}
private, err := x509.ParsePKCS1PrivateKey(priv)
if err != nil {
panic(err)
return
}
public, err := x509.ParsePKIXPublicKey(pub)
if err != nil {
return
}
encrypted, err := rsa.EncryptPKCS1v15(rand.Reader, public.(*rsa.PublicKey), []byte(message))
if err != nil {
panic(err)
}
dencrypted, err := rsa.DecryptPKCS1v15(rand.Reader, private, encrypted)
if err != nil {
panic(err)
}
fmt.Println(string(dencrypted))
(I researched like the hole internet but didn't found something, maybe I used a wrong search term.)
When I run this, I get the panic on MarshalPKIXPublicKey (not ParsePKIXPublicKey as you were suggesting in comment above).
The problem is that the function accepts a *rsa.PublicKey and you're passing a plain rsa.PublicKey.
This works for me: pub, err := x509.MarshalPKIXPublicKey(&key.PublicKey).
I have an app that uses gpg secret keys and prompts for a password to read it. Here's the way I do that (based on an example I found elsewhere:
func Decrypt(publicKeyring string, secretKeyring string, key string, password string) (string, error) {
var entity *openpgp.Entity
var entityList openpgp.EntityList
keyringFileBuffer, err := os.Open(secretKeyring)
if err != nil {
return "", err
}
defer keyringFileBuffer.Close()
entityList, err = openpgp.ReadKeyRing(keyringFileBuffer)
if err != nil {
return "", err
}
entity = entityList[0]
passphraseByte := []byte(password)
entity.PrivateKey.Decrypt(passphraseByte)
for _, subkey := range entity.Subkeys {
subkey.PrivateKey.Decrypt(passphraseByte)
}
dec, err := base64.StdEncoding.DecodeString(key)
if err != nil {
return "", err
}
// Decrypt it with the contents of the private key
md, err := openpgp.ReadMessage(bytes.NewBuffer(dec), entityList, nil, nil)
if err != nil {
return "", err
}
bytes, err := ioutil.ReadAll(md.UnverifiedBody)
if err != nil {
return "", err
}
decStr := string(bytes)
return decStr, nil
}
The assumption made here is that the user has a KeyRin which is passed, and the default value for this is the secring, like so:
viper.SetDefault("gpgsecretkeyring", home+"/.gnupg/secring.gpg")
However,
I was getting reports that some users on macs were struggling to get the app working, and the reason was they didn't know how to define the secring.
It seems newer versions of GnuPG have deprecated the secring.
https://www.gnupg.org/faq/whats-new-in-2.1.html#nosecring
I have no idea how to read the secret key using golang.org/x/crypto/openpgp at this point. Are there any examples of the best way to do this?
GnuPG 2.1 introduced two changes:
Merging the secring.gpg into the pubring.gpg file, you should be able to read the secret keys from the pubring.gpg file.
For new installations, the new keybox format is used, which is not supported by the go library (as of today, at least). Old installations (thus, with keyrings in the old format), are not automatically merged.
If you want to use GnuPG's keyring, directly call GnuPG. If you want to use Go's library, don't mess with GnuPG's keyring files and store your own copy of the keys.
I got sick of dealing with this, so I've decided it's easier to just shell out to gpg -dq from the os.Exec. Sample:
package gpg
import (
"bytes"
"encoding/base64"
"os/exec"
)
func Decrypt(key string) (string, error) {
var cmd exec.Cmd
var output bytes.Buffer
gpgCmd, err := exec.LookPath("gpg")
if err != nil {
return "", err
}
cmd.Path = gpgCmd
cmd.Args = []string{"--decrypt", "--quiet"}
dec, err := base64.StdEncoding.DecodeString(key)
if err != nil {
return "", err
}
// return the reader interface for dec (byte array)
d := bytes.NewReader(dec)
// pipe d to gpg commands stdin
cmd.Stdin = d
cmd.Stdout = &output
if err := cmd.Run(); err != nil {
return "", err
}
// return the output from the gpg command
return output.String(), nil
}
I have a binary file:
foo.bin
This file has been signed using a gpg key to create:
foo.bin.sig
I have a file containing the public key that was used to sign the binary file.
What I'd like to do is to be able to verify this signature using Go.
I was reading the go.crypto/openpgp docs and they aren't particularly helpful for this use case.
The verification will be done on a remote machine. Ideally I'd like to avoid using the keyring on the machine that will run this code. The public key can trivially be stored in the executable itself... if I can work out how to get this verification done.
The steps that I think I need to do are as follows:
Create an Entity that represents only the public key
Open both the binary file and the signature and pass it to some verification function
The question primarily is: how do I write this verification function using just a public key?
The openpgp API is not the most straightforward to use, but I gave it a go (pun intended), and here is what I came up with :
package main
import (
"bytes"
"code.google.com/p/go.crypto/openpgp/packet"
"encoding/hex"
"errors"
"fmt"
"io/ioutil"
"os"
)
// gpg --export YOURKEYID --export-options export-minimal,no-export-attributes | hexdump /dev/stdin -v -e '/1 "%02X"'
var publicKeyHex string = "99[VERY LONG HEX STRING]B6"
func main() {
if len(os.Args) != 3 {
fmt.Println("Usage: " + os.Args[0] + " <file> <signature file>")
return
}
err := checkSig(os.Args[1], os.Args[2])
if err != nil {
fmt.Println("Invalid signature : ")
fmt.Println(err)
} else {
fmt.Println("Valid signature")
}
}
func checkSig(fileName string, sigFileName string) error {
// First, get the content of the file we have signed
fileContent, err := ioutil.ReadFile(fileName)
if err != nil {
return err
}
// Get a Reader for the signature file
sigFile, err := os.Open(sigFileName)
if err != nil {
return err
}
defer func() {
if err := sigFile.Close(); err != nil {
panic(err)
}
}()
// Read the signature file
pack, err := packet.Read(sigFile)
if err != nil {
return err
}
// Was it really a signature file ? If yes, get the Signature
signature, ok := pack.(*packet.Signature)
if !ok {
return errors.New(os.Args[2] + " is not a valid signature file.")
}
// For convenience, we have the key in hexadecimal, convert it to binary
publicKeyBin, err := hex.DecodeString(publicKeyHex)
if err != nil {
return err
}
// Read the key
pack, err = packet.Read(bytes.NewReader(publicKeyBin))
if err != nil {
return err
}
// Was it really a public key file ? If yes, get the PublicKey
publicKey, ok := pack.(*packet.PublicKey)
if !ok {
return errors.New("Invalid public key.")
}
// Get the hash method used for the signature
hash := signature.Hash.New()
// Hash the content of the file (if the file is big, that's where you have to change the code to avoid getting the whole file in memory, by reading and writting in small chunks)
_, err = hash.Write(fileContent)
if err != nil {
return err
}
// Check the signature
err = publicKey.VerifySignature(hash, signature)
if err != nil {
return err
}
return nil
}
As requested, I put the public key in the code.
You can test it like that :
$ go run testpgp.go foo.bin foo.bin.sig
If the file you have signed is very big, you may want to change the code a little bit to avoid loading it in memory.