6

I've been looking through the documentation for Go's openpgp package, and I think I must be missing some obvious points. For example, there's a ReadKeyRing function, but no WriteKeyRing. I can, on the other hand, Serialize an Entity, but I have no way to read it back. What's going on here? Does anyone actually use this package?

Anschel Schaffer-Cohen
  • 901
  • 6
  • 17

2 Answers2

2

An entity represents public+private GPG key information. The ReadKeyRing function allows you to read a list of GPG keys.

The Entity.Serialize function documentation states:

Serialize writes the public part of the given Entity to w. (No private key material will be output).

As it is only the public part of the entity, you can create a new entity with the serialized data as the public key.

A WriteKeyRing does indeed not exist. It would go through the list of entities and extract the public keys into an array.

Kissaki
  • 8,810
  • 5
  • 40
  • 42
  • 1
    Everything you've said is in the documentation, but I still don't understand how to use the package. For example, say I want a program which, when passed one flag, will create a keypair and write it to a file; when passed a different flag it should read that keypair and use it to sign something. How can I do that with only `ReadKeyRing` and `Serialize(Private)`? – Anschel Schaffer-Cohen Oct 15 '11 at 15:56
  • You can not create keypairs with Gos GPG package as it is. You can only use already existant keys. – Kissaki Oct 24 '11 at 13:31
  • 2
    Are you sure? What about http://golang.org/pkg/crypto/openpgp/#Entity.NewEntity ? – Anschel Schaffer-Cohen Oct 26 '11 at 01:29
1

I was also struggeling quite a lot with this - in the end I just learned it by example:

The thinking behind this is not made for a user, but seems to come strongly out of the actual way pgp is technically implemented.

I would suggest to generate the keys not via the package but just with a pgp command line tool.

Andreas
  • 1,691
  • 1
  • 15
  • 34