mirrors/stfs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5d5b6ebb960c87dc32bfe54866ecf2c27161bccb
stfs/pkg/keys/identity.go

88 lines
1.8 KiB
Go
Raw Blame History

package keys
import (
"bytes"
"io"
"aead.dev/minisign"
"filippo.io/age"
"github.com/ProtonMail/go-crypto/openpgp"
"github.com/pojntfx/stfs/pkg/config"
)
func ParseIdentity(
encryptionFormat string,
privkey []byte,
password string,
) (interface{}, error) {
switch encryptionFormat {
case config.EncryptionFormatAgeKey:
if password != "" {
passwordIdentity, err := age.NewScryptIdentity(password)
if err != nil {
return nil, err
}
r, err := age.Decrypt(bytes.NewBuffer(privkey), passwordIdentity)
if err != nil {
return nil, err
}
out := &bytes.Buffer{}
if _, err := io.Copy(out, r); err != nil {
return nil, err
}
privkey = out.Bytes()
}
return age.ParseX25519Identity(string(privkey))
case config.EncryptionFormatPGPKey:
identities, err := openpgp.ReadKeyRing(bytes.NewBuffer(privkey))
if err != nil {
return nil, err
}
if password != "" {
for _, identity := range identities {
if identity.PrivateKey == nil {
return nil, config.ErrIdentityUnparsable
}
if err := identity.PrivateKey.Decrypt([]byte(password)); err != nil {
return nil, err
}
for _, subkey := range identity.Subkeys {
if err := subkey.PrivateKey.Decrypt([]byte(password)); err != nil {
return nil, err
}
}
}
}
return identities, nil
case config.NoneKey:
return privkey, nil
default:
return nil, config.ErrEncryptionFormatUnsupported
}
}
func ParseSignerIdentity(
signatureFormat string,
privkey []byte,
password string,
) (interface{}, error) {
switch signatureFormat {
case config.SignatureFormatMinisignKey:
return minisign.DecryptKey(password, privkey)
case config.SignatureFormatPGPKey:
return ParseIdentity(signatureFormat, privkey, password)
case config.NoneKey:
return privkey, nil
default:
return nil, config.ErrSignatureFormatUnsupported
}
}
Reference in New Issue View Git Blame Copy Permalink