Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is there support encryption with multiple keys? #72

Open
bailantaotao opened this issue Sep 5, 2018 · 2 comments
Open

Is there support encryption with multiple keys? #72

bailantaotao opened this issue Sep 5, 2018 · 2 comments

Comments

@bailantaotao
Copy link

Hi there,

In GPG keychain,
I can encrypt a message with multiple recipient public key, and it will return a PGP encrypted message.
So that the valid user can decrypt the file.

But I tried in your opengpg package, it can encrypt message, but only one person can decrypt it with GPG keychain.

My step:

  1. Use GPG keychain export multiple users public key.
  2. Use your tool to encrypt a message with above public key and output to base64.
  3. Use GPG keychain CLI to decode the message. But got failed. The corresponding error message:
echo ${ENCRYPTD_BY_OPENGPG_BASE64} | base64 -D | gpg -d`

gpg: encrypted with 4096-bit RSA key, ID 0A00AA00A000AA00, created 2016-02-27
      "foo <[email protected]>"
gpg: decryption failed: No secret key

What's step is wrong?
@zapu
Copy link

zapu commented Sep 20, 2018

Hello, sorry for late reply.

Can you elaborate on the steps being done to encrypt the message?

go-crypto package supports encryption to multiple recipients, see here: https://github.com/keybase/go-crypto/blob/master/openpgp/write.go#L204-L209

@dutchakdev
Copy link

Hello, just code from my private project:

// Read PGP keys and create openpgp.EntityList with few keys
func readPublicKeys(keys []string) (openpgp.EntityList, error) {
	var entityLists openpgp.EntityList

	for _, key := range keys {
		entityList, err := openpgp.ReadArmoredKeyRing(strings.NewReader(key))
		if err != nil {
			return entityList, err
		}
		entityLists = append(entityLists, entityList[0])
	}

	return entityLists, nil
}

And you can use it with openpgp.Encrypt

Also my encrypt method wrapper for openpgp.Encrypt:

func encrypt(message string, entityList []*openpgp.Entity) (string, error) {
	buf := new(bytes.Buffer)
	w, err := openpgp.Encrypt(buf, entityList, nil, nil, nil)
	if err != nil {
		return "", err
	}
	_, err = w.Write([]byte(message))
	if err != nil {
		return "", err
	}
	err = w.Close()
	if err != nil {
		return "", err
	}

	output, err := ioutil.ReadAll(buf)
	if err != nil {
		return "", err
	}

	pubKeyBuf := bytes.NewBuffer(nil)
	pubKeyWriter, err := armor.Encode(pubKeyBuf, messageHeader, headers)
	if err != nil {
		return "", err
	}
	_, err = pubKeyWriter.Write(output)
	if err != nil {
		return "", err
	}
	err = pubKeyWriter.Close()
	if err != nil {
		return "", err
	}
	outputString := pubKeyBuf.String()

	return outputString, nil
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zapu @dutchakdev @bailantaotao