{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 够拽才男人 的问题《Go - Golang openpg - Create Key pair and create si》','https://www.manongdao.com/q-650568.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm currently working on openpgp in combination with golang. I use the following code to generate a new keypair and create a self-signature on the resulting public key:
package main
import (
"bytes"
"crypto"
"time"
"golang.org/x/crypto/openpgp"
"golang.org/x/crypto/openpgp/armor"
"golang.org/x/crypto/openpgp/packet"
"fmt"
)
//Create ASscii Armor from openpgp.Entity
func PubEntToAsciiArmor(pubEnt *openpgp.Entity) (asciiEntity string) {
gotWriter := bytes.NewBuffer(nil)
wr, errEncode := armor.Encode(gotWriter, openpgp.PublicKeyType, nil)
if errEncode != nil {
fmt.Println("Encoding Armor ", errEncode.Error())
return
}
errSerial := pubEnt.Serialize(wr)
if errSerial != nil {
fmt.Println("Serializing PubKey ", errSerial.Error())
}
errClosing := wr.Close()
if errClosing != nil {
fmt.Println("Closing writer ", errClosing.Error())
}
asciiEntity = gotWriter.String()
return
}
func main() {
var entity *openpgp.Entity
entity, err := openpgp.NewEntity("itis", "test", "itis@itis3.com", nil)
if err != nil {
fmt.Println("ERROR")
}
usrIdstring := ""
for _, uIds := range entity.Identities {
usrIdstring = uIds.Name
}
var priKey = entity.PrivateKey
var sig = new(packet.Signature)
//Prepare sign with our configs/////IS IT A MUST ??
sig.Hash = crypto.SHA1
sig.PubKeyAlgo = priKey.PubKeyAlgo
sig.CreationTime = time.Now()
dur := new(uint32)
*dur = uint32(365 * 24 * 60 * 60)
sig.SigLifetimeSecs = dur //a year
issuerUint := new(uint64)
*issuerUint = priKey.KeyId
sig.IssuerKeyId = issuerUint
sig.SigType = packet.SigTypeGenericCert
err = sig.SignKey(entity.PrimaryKey, entity.PrivateKey, nil)
if err != nil {
fmt.Println("ERROR")
}
err = sig.SignUserId(usrIdstring, entity.PrimaryKey, entity.PrivateKey, nil)
if err != nil {
fmt.Println("ERROR")
}
entity.SignIdentity(usrIdstring, entity, nil)
var copy = entity
var asciiSignedKey = PubEntToAsciiArmor(copy)
fmt.Println(asciiSignedKey)
}
1.) When I serialize the public key (to get an armored version of it), I get the following error message:
Serializing PubKey openpgp: invalid argument: Signature: need to call Sign, SignUserId or SignKey before Serialize
I thought I just used every possible way to create a signature on that key?
2.) I still receive an output from problem 1, when I upload the key to a keyserver, than the available information are incomplete. Only the key-id and the creation date are listed. All additional information like, self-signature, user-id-string and so on are missing (example: https://pgp.mit.edu/pks/lookup?search=0xbe6ee21e94a73ba5&op=index). What went wrong? Is it related to error 1?
PS: I am new to golang, started today.
This seems to be a known issue: https://github.com/golang/go/issues/6483. The workaround is to call
SerializePrivatefirst, even if you don't use the result.Maybe this will do what you want. Disclaimer: I am not an expert in openpgp; I don't know whether this is correct or not. But it does work with gpg --import.
I wrote https://github.com/alokmenghrajani/gpgeez for exactly this purpose. It's a Go library which makes things like key creating or exporting a key as an armored string easier.
Here is the gist of it, without any error checking: