在Go的openpgp中验证gpg签名。

huangapple go评论98阅读模式
英文:

Verify gpg signature in Go openpgp

问题

我正在玩写一个Go程序,用于下载和验证文件。
我希望能够避免强制用户安装gnupg(如果可能的话)。

是否可以使用Go的openpgp库或其他Go库来验证使用gpg签名(asc文件)描述的下载文件,就像这里这里所描述的那样?

如果有任何示例演示如何使用openpgp来验证带有asc签名的文件,将不胜感激。

英文:

I'm playing with writing a Go program that downloads and verifies files.
I am hoping to avoid forcing the user to install gnupg (if possible).

Is it possible to verify a downloaded file with a gpg signature (asc file) as described here or here using Go's openpgp lib or some other Go library?

Any examples demonstrating how to use openpgp to verify a file with an asc signature would be appreciated.

答案1

得分: 4

我能够使用以下代码验证一个gpg签名:

package main

import (
	"fmt"
	"golang.org/x/crypto/openpgp"
	"os"
)

func main() {
	keyRingReader, err := os.Open("signer-pubkey.asc")
	if err != nil {
		fmt.Println(err)
		return
	}

	signature, err := os.Open("signature.asc")
	if err != nil {
		fmt.Println(err)
		return
	}

	verification_target, err := os.Open("mysql-5.7.9-win32.zip")
	if err != nil {
		fmt.Println(err)
		return
	}

	keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
	if err != nil {
		fmt.Println("Read Armored Key Ring: " + err.Error())
		return
	}
	entity, err := openpgp.CheckArmoredDetachedSignature(keyring, verification_target, signature)
	if err != nil {
		fmt.Println("Check Detached Signature: " + err.Error())
		return
	}

	fmt.Println(entity)
}

完整代码:https://gist.github.com/lsowen/d420a64821414cd2adfb

英文:

I was able to verify a gpg signature using the following code:

package main

import (
        "fmt"
        "golang.org/x/crypto/openpgp"
        "os"
)

func main() {
        keyRingReader, err := os.Open("signer-pubkey.asc")
        if err != nil {
                fmt.Println(err)
                return
        }

        signature, err := os.Open("signature.asc")
        if err != nil {
                fmt.Println(err)
                return
        }

        verification_target, err := os.Open("mysql-5.7.9-win32.zip")
        if err != nil {
                fmt.Println(err)
                return
        }

        keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
        if err != nil {
                fmt.Println("Read Armored Key Ring: " + err.Error())
                return
        }
        entity, err := openpgp.CheckArmoredDetachedSignature(keyring, verification_target, signature)
        if err != nil {
                fmt.Println("Check Detached Signature: " + err.Error())
                return
        }

        fmt.Println(entity)
}

Full code: https://gist.github.com/lsowen/d420a64821414cd2adfb

huangapple
  • 本文由 发表于 2015年11月28日 02:48:48
  • 转载请务必保留本文链接:https://go.coder-hub.com/33963284.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定