-
-
Save ayubmalik/a83ee23c7c700cdce2f8c5bf5f2e9f20 to your computer and use it in GitHub Desktop.
package main | |
/** | |
Example hack to encrypt a file using a GPG encryption key. Works with GPG v2.x. | |
The encrypted file e.g. /tmp/data.txt.gpg can then be decrypted using the standard command | |
gpg /tmp/data.txt.gpg | |
Assumes you have **created** an encryption key and exported armored version. | |
You have to read the armored key directly as Go cannot read pubring.kbx (yet). | |
Export your key using command: | |
gpg2 --export --armor [KEY ID] > /tmp/pubKey.asc | |
*/ | |
import ( | |
"fmt" | |
"golang.org/x/crypto/openpgp" | |
"golang.org/x/crypto/openpgp/armor" | |
"golang.org/x/crypto/openpgp/packet" | |
"io" | |
"log" | |
"os" | |
) | |
// change as required | |
const pubKey = "/tmp/pubKey.asc" | |
const fileToEnc = "/tmp/data.txt" | |
func main() { | |
log.Println("Public key:", pubKey) | |
// Read in public key | |
recipient, err := readEntity(pubKey) | |
if err != nil { | |
fmt.Println(err) | |
return | |
} | |
f, err := os.Open(fileToEnc) | |
if err != nil { | |
fmt.Println(err) | |
return | |
} | |
defer f.Close() | |
dst, err := os.Create(fileToEnc + ".gpg") | |
if err != nil { | |
fmt.Println(err) | |
return | |
} | |
defer dst.Close() | |
encrypt([]*openpgp.Entity{recipient}, nil, f, dst) | |
} | |
func encrypt(recip []*openpgp.Entity, signer *openpgp.Entity, r io.Reader, w io.Writer) error { | |
wc, err := openpgp.Encrypt(w, recip, signer, &openpgp.FileHints{IsBinary: true}, nil) | |
if err != nil { | |
return err | |
} | |
if _, err := io.Copy(wc, r); err != nil { | |
return err | |
} | |
return wc.Close() | |
} | |
func readEntity(name string) (*openpgp.Entity, error) { | |
f, err := os.Open(name) | |
if err != nil { | |
return nil, err | |
} | |
defer f.Close() | |
block, err := armor.Decode(f) | |
if err != nil { | |
return nil, err | |
} | |
return openpgp.ReadEntity(packet.NewReader(block.Body)) | |
} |
Do you have a GPG key and exported it to /tmp/pubKey.asc
? (If your key is in a different location just change the code on line 26)
Use
gpg -k
to list keys or
gpg --gen-key
to generate a new key. Then export the key using
gpg --export -a "uid of your key here" > /tmp/pubKey.asc
Hope that helps.
Hi,
thanks for the script it works as well. but can you provide how to decrypt the encryption
many thanks!
Thank you for this script.
I can't figure out how to decrypt in Go. Is there a chance that you have an example script for decrypting?
It has been a while since I looked at this. Do you still need to decrypt in Go?
No, thank you. I found how to decrypt.
@charger @ayubmalik Can you please share the decrypt code?
No, thank you. I found how to decrypt.
please tell how to decrypt in golang
@Sundar-20, @anand24590
Sorry for a delay with answer.
Here is a gist with an example: https://gist.github.com/charger/4b054f90fb9fa648177a9355418c4685
Hi, Thank you for your script. I am using your script to do pgp encryption with the signer. But I am getting error as "cannot encrypt message because no encryption key". Thanks