Golang encrypt file using GPG openpgp. Use standard go libs.

gpg-encrypt.go

package main

/**
  Example hack to encrypt a file using a GPG encryption key. Works with GPG v2.x.
  The encrypted file e.g. /tmp/data.txt.gpg can then be decrypted using the standard command
  gpg /tmp/data.txt.gpg

  Assumes you have **created** an encryption key and exported armored version. 
  You have to read the armored key directly as Go cannot read pubring.kbx (yet).

  Export your key using command:
    gpg2 --export --armor [KEY ID] > /tmp/pubKey.asc
*/

import (
	"fmt"
	"golang.org/x/crypto/openpgp"
	"golang.org/x/crypto/openpgp/armor"
	"golang.org/x/crypto/openpgp/packet"
	"io"
	"log"
	"os"
)

// change as required
const pubKey = "/tmp/pubKey.asc"
const fileToEnc = "/tmp/data.txt"

func main() {
	log.Println("Public key:", pubKey)

	// Read in public key
	recipient, err := readEntity(pubKey)
	if err != nil {
		fmt.Println(err)
		return
	}

	f, err := os.Open(fileToEnc)
	if err != nil {
		fmt.Println(err)
		return
	}
	defer f.Close()

	dst, err := os.Create(fileToEnc + ".gpg")
	if err != nil {
		fmt.Println(err)
		return
	}
	defer dst.Close()
	encrypt([]*openpgp.Entity{recipient}, nil, f, dst)
}

func encrypt(recip []*openpgp.Entity, signer *openpgp.Entity, r io.Reader, w io.Writer) error {
	wc, err := openpgp.Encrypt(w, recip, signer, &openpgp.FileHints{IsBinary: true}, nil)
	if err != nil {
		return err
	}
	if _, err := io.Copy(wc, r); err != nil {
		return err
	}
	return wc.Close()
}

func readEntity(name string) (*openpgp.Entity, error) {
	f, err := os.Open(name)
	if err != nil {
		return nil, err
	}
	defer f.Close()
	block, err := armor.Decode(f)
	if err != nil {
		return nil, err
	}
	return openpgp.ReadEntity(packet.NewReader(block.Body))
}

Hi, Thank you for your script. I am using your script to do pgp encryption with the signer. But I am getting error as "cannot encrypt message because no encryption key". Thanks

Do you have a GPG key and exported it to /tmp/pubKey.asc? (If your key is in a different location just change the code on line 26)

Use

gpg -k

to list keys or

gpg --gen-key

to generate a new key. Then export the key using

gpg --export -a "uid of your key here" > /tmp/pubKey.asc

Hope that helps.

Hi,
thanks for the script it works as well. but can you provide how to decrypt the encryption
many thanks!

If the encrypted file is `/tmp/data.txt.gpg` then `gpg /tmp/data.txt.gpg` can be used by the person with the private key to descrypt the file.

…

On Wed, 6 May 2020, 05:15 ranggadablues, ***@***.***> wrote: ***@***.**** commented on this gist. ------------------------------ Hi, thanks for the script it works as well. but can you provide how to decrypt the encryption many thanks! — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <https://gist.github.com/a83ee23c7c700cdce2f8c5bf5f2e9f20#gistcomment-3291937>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAJQCZC6HTNFRLAMDRRENSDRQDP6LANCNFSM4ISH5YLA> .

Thank you for this script.
I can't figure out how to decrypt in Go. Is there a chance that you have an example script for decrypting?

It has been a while since I looked at this. Do you still need to decrypt in Go?

No, thank you. I found how to decrypt.

@charger @ayubmalik Can you please share the decrypt code?

No, thank you. I found how to decrypt.

please tell how to decrypt in golang

@Sundar-20, @anand24590
Sorry for a delay with answer.
Here is a gist with an example: https://gist.github.com/charger/4b054f90fb9fa648177a9355418c4685