refactor: Split keys and keyext packages, make compression, signature and encryption packages public

pkg/keys/identity.go

@@ -0,0 +1,87 @@
+package keys
+
+import (
+	"bytes"
+	"io"
+
+	"aead.dev/minisign"
+	"filippo.io/age"
+	"github.com/ProtonMail/go-crypto/openpgp"
+	"github.com/pojntfx/stfs/pkg/config"
+)
+
+func ParseIdentity(
+	encryptionFormat string,
+	privkey []byte,
+	password string,
+) (interface{}, error) {
+	switch encryptionFormat {
+	case config.EncryptionFormatAgeKey:
+		if password != "" {
+			passwordIdentity, err := age.NewScryptIdentity(password)
+			if err != nil {
+				return nil, err
+			}
+
+			r, err := age.Decrypt(bytes.NewBuffer(privkey), passwordIdentity)
+			if err != nil {
+				return nil, err
+			}
+
+			out := &bytes.Buffer{}
+			if _, err := io.Copy(out, r); err != nil {
+				return nil, err
+			}
+
+			privkey = out.Bytes()
+		}
+
+		return age.ParseX25519Identity(string(privkey))
+	case config.EncryptionFormatPGPKey:
+		identities, err := openpgp.ReadKeyRing(bytes.NewBuffer(privkey))
+		if err != nil {
+			return nil, err
+		}
+
+		if password != "" {
+			for _, identity := range identities {
+				if identity.PrivateKey == nil {
+					return nil, config.ErrIdentityUnparsable
+				}
+
+				if err := identity.PrivateKey.Decrypt([]byte(password)); err != nil {
+					return nil, err
+				}
+
+				for _, subkey := range identity.Subkeys {
+					if err := subkey.PrivateKey.Decrypt([]byte(password)); err != nil {
+						return nil, err
+					}
+				}
+			}
+		}
+
+		return identities, nil
+	case config.NoneKey:
+		return privkey, nil
+	default:
+		return nil, config.ErrEncryptionFormatUnsupported
+	}
+}
+
+func ParseSignerIdentity(
+	signatureFormat string,
+	privkey []byte,
+	password string,
+) (interface{}, error) {
+	switch signatureFormat {
+	case config.SignatureFormatMinisignKey:
+		return minisign.DecryptKey(password, privkey)
+	case config.SignatureFormatPGPKey:
+		return ParseIdentity(signatureFormat, privkey, password)
+	case config.NoneKey:
+		return privkey, nil
+	default:
+		return nil, config.ErrSignatureFormatUnsupported
+	}
+}

pkg/keys/recipient.go

@@ -0,0 +1,47 @@
+package keys
+
+import (
+	"bytes"
+
+	"aead.dev/minisign"
+	"filippo.io/age"
+	"github.com/ProtonMail/go-crypto/openpgp"
+	"github.com/pojntfx/stfs/pkg/config"
+)
+
+func ParseRecipient(
+	encryptionFormat string,
+	pubkey []byte,
+) (interface{}, error) {
+	switch encryptionFormat {
+	case config.EncryptionFormatAgeKey:
+		return age.ParseX25519Recipient(string(pubkey))
+	case config.EncryptionFormatPGPKey:
+		return openpgp.ReadKeyRing(bytes.NewBuffer(pubkey))
+	case config.NoneKey:
+		return pubkey, nil
+	default:
+		return nil, config.ErrEncryptionFormatUnsupported
+	}
+}
+
+func ParseSignerRecipient(
+	signatureFormat string,
+	pubkey []byte,
+) (interface{}, error) {
+	switch signatureFormat {
+	case config.SignatureFormatMinisignKey:
+		var recipient minisign.PublicKey
+		if err := recipient.UnmarshalText(pubkey); err != nil {
+			return nil, err
+		}
+
+		return recipient, nil
+	case config.SignatureFormatPGPKey:
+		return ParseRecipient(signatureFormat, pubkey)
+	case config.NoneKey:
+		return pubkey, nil
+	default:
+		return nil, config.ErrSignatureFormatUnsupported
+	}
+}