with actual push
This commit is contained in:
@@ -2,22 +2,25 @@ package signer
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"git.front.kjuulh.io/kjuulh/curre"
|
||||
"github.com/ProtonMail/gopenpgp/v2/crypto"
|
||||
"github.com/ProtonMail/go-crypto/openpgp"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
type OpenPGP struct {
|
||||
logger *zap.Logger
|
||||
PrivateKeyRing *crypto.KeyRing
|
||||
config *OpenPgpConfig
|
||||
logger *zap.Logger
|
||||
SigningKey *openpgp.Entity
|
||||
config *OpenPgpConfig
|
||||
}
|
||||
|
||||
type OpenPgpConfig struct {
|
||||
PrivateKeyFilePath string
|
||||
PrivateKeyPassword string
|
||||
PrivateKeyIdentity string
|
||||
}
|
||||
|
||||
func NewOpenPGP(logger *zap.Logger, config *OpenPgpConfig) *OpenPGP {
|
||||
@@ -29,26 +32,14 @@ func NewOpenPGP(logger *zap.Logger, config *OpenPgpConfig) *OpenPGP {
|
||||
|
||||
func NewOpenPGPApp(openPGP *OpenPGP) curre.Component {
|
||||
return curre.NewFunctionalComponent(&curre.FunctionalComponent{
|
||||
InitFunc: func(fc *curre.FunctionalComponent, ctx context.Context) error {
|
||||
|
||||
content, err := os.ReadFile(openPGP.config.PrivateKeyFilePath)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
privateKeyObj, err := crypto.NewKeyFromArmored(string(content))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
unlockedPrivateKeyRing, err := privateKeyObj.Unlock([]byte(openPGP.config.PrivateKeyPassword))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
privateKeyRing, err := crypto.NewKeyRing(unlockedPrivateKeyRing)
|
||||
InitFunc: func(_ *curre.FunctionalComponent, ctx context.Context) error {
|
||||
keyring, err := buildKeyring(ctx, openPGP)
|
||||
if err != nil {
|
||||
openPGP.logger.Panic("could not build keyring", zap.Error(err))
|
||||
return err
|
||||
}
|
||||
|
||||
openPGP.PrivateKeyRing = privateKeyRing
|
||||
openPGP.SigningKey = keyring
|
||||
|
||||
return nil
|
||||
},
|
||||
@@ -59,5 +50,32 @@ func NewOpenPGPApp(openPGP *OpenPGP) curre.Component {
|
||||
return nil
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func buildKeyring(_ context.Context, openPGP *OpenPGP) (*openpgp.Entity, error) {
|
||||
content, err := os.ReadFile(openPGP.config.PrivateKeyFilePath)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
reader := strings.NewReader(string(content))
|
||||
|
||||
es, err := openpgp.ReadArmoredKeyRing(reader)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
for _, key := range es {
|
||||
for k := range key.Identities {
|
||||
if strings.Contains(k, openPGP.config.PrivateKeyIdentity) {
|
||||
err = key.PrivateKey.Decrypt([]byte(openPGP.config.PrivateKeyPassword))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return key, nil
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return nil, errors.New("could not find key matching identity")
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user