diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7640110
--- /dev/null
+++ b/README.md
@@ -0,0 +1,40 @@
+
+Example key provided in `./gnupg`
+
+```
+❯ gpg --homedir ./gnupg_testkey/ -K
+/home/pinpox/code/github.com/pinpox/gpg2age/./gnupg_testkey/pubring.kbx
+-----------------------------------------------------------------------
+sec ed25519 2024-03-25 [C]
+ 9FE4D484B69DB9F5C7AA208E76188CF30717B54E
+uid [ultimate] test (test)
+ssb ed25519 2024-03-25 [S]
+ssb cv25519 2024-03-25 [E]
+ssb ed25519 2024-03-25 [A]
+```
+
+### Get age key and encrypt test file
+
+```sh
+❯ gpg --homedir ./gnupg --export-ssh-key 9FE4D484B69DB9F5C7AA208E76188CF30717B54E
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICYvKXGcG4a19tTT0Rycbn+D0r/YlKltLJ9dY2gR/Fjx openpgp:0x47C9F3FF
+```
+
+```sh
+❯ gpg --homedir ./gnupg --export-ssh-key 9FE4D484B69DB9F5C7AA208E76188CF30717B54E | ssh-to-age impure ❄ ssh-to-age
+age18s8m9hvlrwvltgys4lafyyqe356ntc7e06t4kd2nccqm5amsaa2s878mju # saved as age-public-key
+```
+
+```sh
+❯ age --encrypt -R age-public-key testfile.txt > testfile.txt.age
+```
+
+### Try to decrypt
+
+```sh
+❯ age --decrypt --identity age-secret-key --output decrypted testfile.txt.age impure ❄ ssh-to-age age
+age: error: no identity matched any of the recipients
+age: report unexpected or unhelpful errors at https://filippo.io/age/report
+```
+
+FAIL :(
diff --git a/age-public-key b/age-public-key
new file mode 100644
index 0000000..026d4f5
--- /dev/null
+++ b/age-public-key
@@ -0,0 +1 @@
+age18s8m9hvlrwvltgys4lafyyqe356ntc7e06t4kd2nccqm5amsaa2s878mju
diff --git a/age-secret-key b/age-secret-key
new file mode 100644
index 0000000..64b2a91
--- /dev/null
+++ b/age-secret-key
@@ -0,0 +1 @@
+AGE-SECRET-KEY-165W948VSG5QEM0RPEUX8T3K4YXJT2WF83C2GXQH8Q3Q0ZHCTH44SSV0H34
diff --git a/gnupg/pubring.kbx b/gnupg/pubring.kbx
new file mode 100644
index 0000000..6dd583c
Binary files /dev/null and b/gnupg/pubring.kbx differ
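Review bot: `age-secret-key` puts secret key material into the repository history, as does the private key block in `test-key.asc` later in this commit, and nothing in either file marks it as a throwaway fixture. The README calls it an example key, but a secret scanner or a later reader cannot tell it from a real leak. I would keep these files under a `testdata/` directory and add a README line stating that the key pair was generated only for this experiment and must never be reused for real data.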
diff --git a/gnupg/trustdb.gpg b/gnupg/trustdb.gpg new file mode 100644 index 0000000..dd1c247 Binary files /dev/null and b/gnupg/trustdb.gpg differ diff --git a/main.go b/main.go index c123d2b..f3f43e3 100644 --- a/main.go +++ b/main.go @@ -16,12 +16,14 @@ import ( "crypto/ed25519" "errors" "github.com/Mic92/ssh-to-age/bech32" + "github.com/davecgh/go-spew/spew" "golang.org/x/crypto/curve25519" - // "github.com/davecgh/go-spew/spew" // "bytes" // "golang.org/x/crypto/ssh" // "golang.org/x/crypto/curve25519" - // "reflect" + // "https://pkg.go.dev/crypto/ed25519#PrivateKey + // "crypto/ed25519"ccc1be8d-24dc-41ad-9d66-b657711419d7 + "reflect" // "filippo.io/edwards25519" ) @@ -54,12 +56,7 @@ func ed25519PrivateKeyToCurve25519(pk ed25519.PrivateKey) ([]byte, error) { return out[:curve25519.ScalarSize], nil } -func SSHPrivateKeyToAge(privatekey ed25519.PrivateKey, passphrase []byte) (*string, error) { - - bytes, err := ed25519PrivateKeyToCurve25519(privatekey) - if err != nil { - return nil, err - } +func SSHPrivateKeyToAge(bytes, passphrase []byte) (*string, error) { s, err := bech32.Encode("AGE-SECRET-KEY-", bytes) if err != nil { 
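Review bot: Two of the lines added to the import block look like pasted clipboard content rather than intended comments: `// "https://pkg.go.dev/crypto/ed25519#PrivateKey` and `// "crypto/ed25519"ccc1be8d-24dc-41ad-9d66-b657711419d7`. I would drop both, or keep the link as a plain `// see https://pkg.go.dev/crypto/ed25519#PrivateKey` next to the code that needs it. `go-spew` and `reflect` are switched on here only for the debug output in `main`, so they should go again when that output does.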
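Review bot: `SSHPrivateKeyToAge` now bech32-encodes whatever slice it is handed, with no check that it is a Curve25519 scalar. Since the function is exported, a guard at the top such as `if len(bytes) != curve25519.ScalarSize { return nil, errors.New("unexpected key length") }` would stop a wrong-length value from being emitted as an `AGE-SECRET-KEY-` string. The parameter name `bytes` shadows the standard package name, so `scalar` would read better. The function name still says SSH private key although the Ed25519 conversion has moved to the caller, so a doc comment stating that the input must already be the converted X25519 secret would help. The function body continues past the end of this hunk.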
@@ -71,22 +68,31 @@ func SSHPrivateKeyToAge(privatekey ed25519.PrivateKey, passphrase []byte) (*stri func main() { - e, err := readEntity("test-key.asc") + keyfile := "./gnupg/test-key.asc" + + e, err := readEntity(keyfile) if err != nil { log.Fatal(err) } - // log.Println(reflect.TypeOf(e.PrivateKey.PrivateKey)) - + spew.Config.MaxDepth = 2 + spew.Config.Indent = " " + log.Println(reflect.TypeOf(e.PrivateKey.PrivateKey)) castkey, ok := e.PrivateKey.PrivateKey.(*eddsa.PrivateKey) if !ok { log.Fatal("failed to cast") } - // spew.Dump(castkey) + spew.Dump(castkey) - // TODO: Not sure if these are the correct bytes ?????? - agekey, err := SSHPrivateKeyToAge(castkey.D, []byte{}) + // TODO: are these the correct bytes? + var privkey ed25519.PrivateKey = castkey.D + bytes, err := ed25519PrivateKeyToCurve25519(privkey) + if err != nil { + log.Fatal(err) + } + + agekey, err := SSHPrivateKeyToAge(bytes, []byte{}) if err != nil { log.Fatal(err) } diff --git a/ssh-pubkey b/ssh-pubkey new file mode 100644 index 0000000..a771288 --- /dev/null +++ b/ssh-pubkey @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICYvKXGcG4a19tTT0Rycbn+D0r/YlKltLJ9dY2gR/Fjx openpgp:0x47C9F3FF diff --git a/test-key.asc b/test-key.asc index 28b6294..e2ffe57 100644 --- a/test-key.asc +++ b/test-key.asc 
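Review bot: `main` derives the age identity from `e.PrivateKey`, the entity's primary key, while the recipient in the README came from the key gpg exported for SSH (`openpgp:0x47C9F3FF`). That ID does not match the primary fingerprint ending `0717B54E`, so it was presumably the `[A]` subkey, and the mismatch alone would explain the "no identity matched" failure the README records. The conversion should take the matching key from `e.Subkeys` rather than the primary key, and the TODO comment could say so. Separately, `spew.Dump(castkey)` writes the private key structure to stdout and should be removed or put behind an explicit debug flag. `keyfile` points at `./gnupg/test-key.asc`, but this commit only changes `test-key.asc` at the repository root, so the path may need confirming.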
@@ -1,15 +1,26 @@ -----BEGIN PGP PRIVATE KEY BLOCK----- -lFgEZfs3+hYJKwYBBAHaRw8BAQdA84KtNLJxo2+ouxNljoM1WFWFgQ8p5OruK9wF -VciSD88AAQCk+SB8eNvB8Hlh5DZaDa6/CmIlVn4mUvtfEJiHeG2FOg8QtBR0ZXN0 -IDx0ZXN0QHRlc3QuY29tPoiZBBMWCgBBFiEEtlDulB3vc9KgkwiDlRKRhMfGt/wF -AmX7N/oCGwMFCQWjmoAFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQlRKR -hMfGt/xSBwEAqCZ8UZy757lz9ydWTM0DmlS6f2uCrnKZrtdl6R9Gr5UA/itADi8T -wvjQNE7AuNC8f4vTo6j5oyNn3EcirKewQ6oPnF0EZfs3+hIKKwYBBAGXVQEFAQEH -QDBidLlxD/45Qm/ptsndH9sO+KyJmTMFvDrEa8PuI1pAAwEIBwAA/2vJFIBIXPfo -J/uKbcYQtuFqkxhQIHXZCVz1u/bmlPLQEuqIfgQYFgoAJhYhBLZQ7pQd73PSoJMI -g5USkYTHxrf8BQJl+zf6AhsMBQkFo5qAAAoJEJUSkYTHxrf8oSMA/2kGBPEiL6lm -4lJnV4Sju5XlhQgtJ1gMoXQd90xHyyL1AP4h+cq+z6vDMV0epoIw85PU1aNlfKoE -551zUvwEsJa0Ag== -=UGWS +lFgEZgGUQBYJKwYBBAHaRw8BAQdAMKqz0/asx4jNcVll94PNWK0GhUbJn2vvLWZu +xos9Oz4AAQDC2iB2GpUXbtJMPyn7x9T+jZDP5s0DFR9va2V/upKfchBytBt0ZXN0 +ICh0ZXN0KSA8dGVzdEB0ZXN0LmNvbT6IkwQTFgoAOxYhBJ/k1IS2nbn1x6ogjnYY +jPMHF7VOBQJmAZRAAhsBBQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAAoJEHYY +jPMHF7VOvpMBAJJi5eOZVErrSHyvSfic4LufaR7fUd89L9eynHSx5Cp5AQCZogU5 +HSv+paIFol1TAE6+NmmowMB1AfoPRfgmJkEvDJxYBGYBlSMWCSsGAQQB2kcPAQEH +QInBN59L8q33LhfUuxJCR/DSsoQCJA0lkXnxrm9R6q+sAAD+I5FMI4vPF90QuU6T +C80aGfQ6etYMQc1iUAPEAlB0LzQNXojvBBgWCgAgFiEEn+TUhLadufXHqiCOdhiM +8wcXtU4FAmYBlSMCGwIAgQkQdhiM8wcXtU52IAQZFgoAHRYhBCdPmI8t9EpgeCgC +WfMLK/n7oQXBBQJmAZUjAAoJEPMLK/n7oQXBN2gBAN8oHUADMQ8WDduc2Elhjiaw +aQ19ygb3rpcHrNW1rlWeAQCTVM4oogoecqYGDthvHV+5wk6nYhkpuLkDKm1hgTep +C3Q+AP9mE3YjRNcpeGZVceqsiPcdLUEfbMTqAYfAOAmn9FRUpwEA6SXje0n6umix +ArKnOkPfH9ctJxMGdJmti8Oo8y0ovAScXQRmAZUwEgorBgEEAZdVAQUBAQdARxBe +90CUDkw7l0PHidsEueTLijE9eXZ01JlHLDoZx2ADAQgHAAD/egF2H4MKU6pEU2ar +uuKfpa+TJg1I6WlhQoraoWgJ3nAPl4h4BBgWCgAgFiEEn+TUhLadufXHqiCOdhiM +8wcXtU4FAmYBlTACGwwACgkQdhiM8wcXtU5H2wD/Q4etKCvgr4WTJ/9iON+Ptwm/ +P/KJrtSi2QKB0ZlCJFMBAOFkBbjsFDYxfWyX1uu4mQyBHB9dFEKExlmQMaWbgF0C +nFgEZgGVShYJKwYBBAHaRw8BAQdAJi8pcZwbhrX21NPRHJxuf4PSv9iUqW0sn11j +aBH8WPEAAP4wjI46SYrEwGL8kOAfAsVmsYW1Cwo4uKL44Nj7qolUUhIJiHgEGBYK 
+ACAWIQSf5NSEtp259ceqII52GIzzBxe1TgUCZgGVSgIbIAAKCRB2GIzzBxe1TpHO +AP9rBhTpMlh89hXBXl74V3dW6ACI79udkSbl8APYP2KUHwEAj5+PDPqO1kTNT4/o +D3FU4DR8FKcXGRCSOnDCEIA+nA0= +=24OF -----END PGP PRIVATE KEY BLOCK----- diff --git a/testfile.txt b/testfile.txt new file mode 100644 index 0000000..a47f3eb --- /dev/null +++ b/testfile.txt @@ -0,0 +1 @@ +This is some secret text diff --git a/testfile.txt.age b/testfile.txt.age new file mode 100644 index 0000000..aa65a26 --- /dev/null +++ b/testfile.txt.age @@ -0,0 +1,5 @@ +age-encryption.org/v1 +-> X25519 XM0StGPW8M4eD+lA5iNrkaC+gWoV+q7QSBld/vvR3iY +NqvNuPIYKOL/w3ZgAcBUmcS1WEcYUGPprdqacZlqWqg +--- zF6LCW7uBZqp+twB5K7KmP2fWpiqSXs8S5Ic0DI2wUI +IB T^W6nHp~(THEӥ:/ϰzdNg8S!ψL \ No newline at end of file