x/crypto/openpgp: is there an opposite of (*Entity).SerializePrivate? #31899

Closed
WestleyK opened this issue May 8, 2019 · 7 comments
Labels
FrozenDueToAge NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.

WestleyK commented May 8, 2019

What version of Go are you using (go version)?

$ go version
go version go1.12 linux/amd64

Does this issue reproduce with the latest release?

Yeah, I think so.

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/westleyk/.cache/go-build"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOOS="linux"
GOPATH="/home/westleyk/go"
GOPROXY=""
GORACE=""
GOROOT="/usr/local/go"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build360331840=/tmp/go-build -gno-record-gcc-switches"


Just a question: Is there a function to do the opposite of:

e.SerializePrivate(f, nil)

For a private key? Like to remove a private key entity from a file?

@gopherbot gopherbot added this to the Unreleased milestone May 8, 2019
@andybons andybons changed the title x/crypto: Opposite of Serialize x/crypto/openpgp: is there an opposite of (*Entity).SerializePrivate? May 8, 2019
Member

andybons commented May 8, 2019

@Merovius

@andybons andybons added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label May 8, 2019
Contributor

Merovius commented May 8, 2019

@WestleyK AIUI, Serialize does what you want, in that it only writes out the public parts of the keys?

Author

WestleyK commented May 8, 2019

@Merovius, I don't think so, I'm just trying to remove a private entity from a file.

Contributor

Merovius commented May 9, 2019

@WestleyK I'm afraid I don't really understand what you mean, then, by "removing a private entity from a file". What kind of file? A keyring? A serialized key packet - i.e. the output of gpg --export? And what do you mean by "private entity"? AFAIK entities in PGP aren't private or public, it's really the individual keys and signatures. Or do you mean you want to remove a specific private key (leaving others in)?

AIUI, you can remove private keys from a serialized key packet by a) reading the file in (using ReadEntity) and b) writing everything but the private keys out using Serialize. The result will be, effectively, a new file with the private keys removed.

Author

WestleyK commented May 9, 2019

@Merovius, yes, a keyring. I want to do the equivalent of gpg --delete-secret-keys.

Contributor

Merovius commented May 9, 2019

Disclaimer: All of this is to the best of my knowledge. So far, the keyring-handling of the openpgp packages is very minimal. In particular, I'm not sure it's possible to write out even a V1 keyring, which would be necessary for this. AIUI it's just a concatenated list of entities, so you might get by by calling Serialize or SerializePrivate, but I assume this wouldn't give the same result (i.e. it might modify keys you didn't touch). And even if you can write a V1 keyring - we still can't read V2 keyrings which are pretty common nowadays.

Personally, I think a package to handle keyrings (V1 and/or V2) better would be great and making this easier would likely be part of that. However, I don't really see that happening any time soon. It's also probably best realized as a separate package and so it can be prototyped in a third-party repo first, if anyone wants to take a stab at it.

So, ISTM: No, currently there is nothing like that and personally I think it's not a good idea to add this without a larger effort to improve keyring-handling in general. But someone else might well disagree :)
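
Added example, not part of the thread and not code from x/crypto/openpgp: for the V1 layout described above (a concatenated list of entities), a secret-key entity can be dropped at the packet level, so the entities that stay are copied byte for byte instead of being re-serialized. It uses only the Go standard library and selects the entity by User ID substring. Assumptions: the keyring is binary (not ASCII-armored), nextPacket and DeleteSecretKeys are hypothetical names, and the sample keyring in main is constructed with placeholder key bodies.

```go
package main
import (
	"bytes"
	"encoding/binary"
	"fmt"
)

// nextPacket parses the RFC 4880 packet at the start of b (old or new header format).
func nextPacket(b []byte) (tag byte, body []byte, size int, err error) {
	var h [6]byte
	copy(h[:], b) // zero-padded header window, safe to index on short input
	tag, hdr, n := h[0]&0x3f, 2, int(h[1]) // default: new format, one length octet
	switch old, lt := h[0]&0x40 == 0, h[0]&3; {
	case old && lt < 3: // old format: length type 0, 1, 2 means 1, 2, 4 length octets
		tag, hdr = h[0]>>2&0x0f, 1+1<<lt
		n = int(binary.BigEndian.Uint32(h[1:]) >> (32 - uint(8)<<lt))
	case old || n > 223 && n < 255: // indeterminate or partial length: not valid for keys
		n = -1
	case n == 255: // new format, five-octet length
		hdr, n = 6, int(binary.BigEndian.Uint32(h[2:]))
	case n > 191: // new format, two-octet length
		hdr, n = 3, (n-192)<<8+int(h[2])+192
	}
	if h[0]&0x80 == 0 || n < 0 || n > len(b)-hdr {
		return 0, nil, 0, fmt.Errorf("malformed or unsupported OpenPGP packet")
	}
	return tag, b[hdr : hdr+n], hdr + n, nil
}

// DeleteSecretKeys omits entities led by a Secret-Key packet (tag 5) whose User ID (tag 13) contains uid.
func DeleteSecretKeys(ring []byte, uid string) (out []byte, err error) {
	for mark, secret, drop := 0, false, false; len(ring) > 0; {
		tag, body, size, err := nextPacket(ring)
		if err != nil {
			return nil, err // fail closed: never emit a partially processed keyring
		}
		if tag == 5 || tag == 6 { // a primary key packet starts a new entity
			mark, secret, drop = len(out), tag == 5, false
		}
		out = append(out, ring[:size]...)
		if drop = drop || secret && tag == 13 && uid != "" && bytes.Contains(body, []byte(uid)); drop {
			out = out[:mark] // discard what was copied of this entity; earlier ones stay intact
		}
		ring = ring[size:]
	}
	return out, nil
}

// main runs it on a constructed keyring: secret-key entity "alice", then public entity "bob".
func main() { fmt.Println(DeleteSecretKeys([]byte("\x94\x01K\xb4\x05alice\x98\x01K\xb4\x03bob"), "alice")) }
```

An empty uid matches nothing, and a public-only entity is never removed even when its User ID matches.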

Author

WestleyK commented May 9, 2019

Okay, thanks for your time!

So right now it's not possible to remove a private key from a keyring (like gpg), I do think that would be a nice feature to add.

My question did get answered. So, feel free to close this issue or leave it open as a feature request 👍

@golang golang locked and limited conversation to collaborators May 10, 2020