Skip to content

Instantly share code, notes, and snippets.

@ayubmalik

ayubmalik/gpg-encrypt.go

Last active July 23, 2024 19:09
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save ayubmalik/a83ee23c7c700cdce2f8c5bf5f2e9f20 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save ayubmalik/a83ee23c7c700cdce2f8c5bf5f2e9f20 to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. ayubmalik revised this gist May 14, 2018. 1 changed file with 2 additions and 1 deletion.
    3 changes: 2 additions & 1 deletion gpg-encrypt.go
    View file
    Original file line number Diff line number Diff line change
    @@ -5,7 +5,8 @@ package main
    The encrypted file e.g. /tmp/data.txt.gpg can then be decrypted using the standard command
    gpg /tmp/data.txt.gpg
    Assumes you have **created** an encryption key and exported armored version. You have to read the key directly as Go cannot read pubring.kbx (yet).
    Assumes you have **created** an encryption key and exported armored version.
    You have to read the armored key directly as Go cannot read pubring.kbx (yet).
    Export your key using command:
    gpg2 --export --armor [KEY ID] > /tmp/pubKey.asc
  2. ayubmalik revised this gist May 14, 2018. No changes.
  3. ayubmalik created this gist May 14, 2018.
    76 changes: 76 additions & 0 deletions gpg-encrypt.go
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,76 @@
    package main

    /**
    Example hack to encrypt a file using a GPG encryption key. Works with GPG v2.x.
    The encrypted file e.g. /tmp/data.txt.gpg can then be decrypted using the standard command
    gpg /tmp/data.txt.gpg
    Assumes you have **created** an encryption key and exported armored version. You have to read the key directly as Go cannot read pubring.kbx (yet).
    Export your key using command:
    gpg2 --export --armor [KEY ID] > /tmp/pubKey.asc
    */

    import (
    "fmt"
    "golang.org/x/crypto/openpgp"
    "golang.org/x/crypto/openpgp/armor"
    "golang.org/x/crypto/openpgp/packet"
    "io"
    "log"
    "os"
    )

    // change as required
    const pubKey = "/tmp/pubKey.asc"
    const fileToEnc = "/tmp/data.txt"

    func main() {
    log.Println("Public key:", pubKey)

    // Read in public key
    recipient, err := readEntity(pubKey)
    if err != nil {
    fmt.Println(err)
    return
    }

    f, err := os.Open(fileToEnc)
    if err != nil {
    fmt.Println(err)
    return
    }
    defer f.Close()

    dst, err := os.Create(fileToEnc + ".gpg")
    if err != nil {
    fmt.Println(err)
    return
    }
    defer dst.Close()
    encrypt([]*openpgp.Entity{recipient}, nil, f, dst)
    }

    func encrypt(recip []*openpgp.Entity, signer *openpgp.Entity, r io.Reader, w io.Writer) error {
    wc, err := openpgp.Encrypt(w, recip, signer, &openpgp.FileHints{IsBinary: true}, nil)
    if err != nil {
    return err
    }
    if _, err := io.Copy(wc, r); err != nil {
    return err
    }
    return wc.Close()
    }

    func readEntity(name string) (*openpgp.Entity, error) {
    f, err := os.Open(name)
    if err != nil {
    return nil, err
    }
    defer f.Close()
    block, err := armor.Decode(f)
    if err != nil {
    return nil, err
    }
    return openpgp.ReadEntity(packet.NewReader(block.Body))
    }