diff --git a/README.md b/README.md index 08f583b..2f211ee 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,8 @@ -1. I have a GPG keypair in the same format as the one provided in `test-key.asc`. It is `ed25519`. -2. That key was used to encrypt a file with [age encryption](https://github.com/FiloSottile/age) as shown below -3. I want to decrypt that file, but only have a GPG secret key, as I couldn't - find out how to derive a SSH or age key from it. +# gpg2age -**GOAL**: Derive an age key from the provided GPG key that decrypt the file as -shown below. A SSH key is also enough, since it can be used with `ssh-to-age` to -derive the age key. +Derive private ed25519 SSH key from private PGP key. + +GPG itself only supports exporting _public_ SSH keys and other tools don't work for ed25519 keys. ##### Notes: @@ -13,60 +10,47 @@ derive the age key. - Work on `gnupg` was started for this feature, but never finished see this issue and commit: https://dev.gnupg.org/T6647 -## Example +## Instructions -Example key provided in `test-key.asc` to be imported. Use `--homedir` with -`gpg` to set a temporary `.gnupg` directory +First you need to export your PGP key from GPG: ```sh -❯ gpg --homedir ./gnupg --import test-key.asc impure ❄ ssh-to-age age -gpg: WARNING: unsafe permissions on homedir '/home/pinpox/code/github.com/pinpox/gpg2age/./gnupg' -gpg: key 76188CF30717B54E: public key "test (test) " imported -gpg: key 76188CF30717B54E: secret key imported -gpg: Total number processed: 1 -gpg: imported: 1 -gpg: secret keys read: 1 -gpg: secret keys imported: 1 - -❯ gpg --homedir ./gnupg_testkey/ -K -/home/pinpox/code/github.com/pinpox/gpg2age/./gnupg_testkey/pubring.kbx ------------------------------------------------------------------------ -sec ed25519 2024-03-25 [C] - 9FE4D484B69DB9F5C7AA208E76188CF30717B54E -uid [ultimate] test (test) -ssb ed25519 2024-03-25 [S] -ssb cv25519 2024-03-25 [E] -ssb ed25519 2024-03-25 [A] +❯ gpg2 --export-secret-keys --armor test@test.test >priv-gpg ``` -### Get age key and encrypt test file +Then identify the public SSH key that was used to encrypt your secret. +You can search for your GitHub username in: https://fluence-dao.s3.eu-west-1.amazonaws.com/metadata.json + +If you have multiple subkeys, usually it is the authenticate key highlighted with `[A]` in the output of: ```sh -❯ gpg --homedir ./gnupg --export-ssh-key 9FE4D484B69DB9F5C7AA208E76188CF30717B54E -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICYvKXGcG4a19tTT0Rycbn+D0r/YlKltLJ9dY2gR/Fjx openpgp:0x47C9F3FF +❯ gpg --list-secret-keys --with-keygrip ``` +### Derive private SSH key + ```sh -❯ gpg --homedir ./gnupg --export-ssh-key 9FE4D484B69DB9F5C7AA208E76188CF30717B54E | ssh-to-age impure ❄ ssh-to-age -age18s8m9hvlrwvltgys4lafyyqe356ntc7e06t4kd2nccqm5amsaa2s878mju # saved as age-public-key +❯ go run main.go ``` +It'll ask you for the path to your private PGP key, followed by choosing the key/subkey and if your PGP key is encrypted it'll ask for the passphrase. + +In the output, verify that the public SSH key printed matches the one in `metadata.json`. +If it matches, the last part of the output it will print the matching private SSH key. +You can save the key to a file and use how you want. + +### Example: Decrypt age files + +If you want to decrypt a file that was encryptd by `age` with your public SSH key, you can just use `age` as normal to decrypt the file using the SSH private key that we've got in the previous step: + ```sh -❯ age --encrypt -R age-public-key testfile.txt > testfile.txt.age +❯ age --decrypt --identity ./ssh-secret-key --output decrypted ./testfile.txt.age ``` -### Get secret age key +### Support & Donations -```sh -❯ go run main.go impure ❄ ssh-to-age age -AGE-SECRET-KEY-165W948VSG5QEM0RPEUX8T3K4YXJT2WF83C2GXQH8Q3Q0ZHCTH44SSV0H34 # saved as age-secret-key -``` +This project was built with lots of headaches by [pinpox](https://github.com/pinpox/) & [felschr](https://github.com/felschr/). If you need help, feel free to contact us. -### Try to decrypt -```sh -❯ age --decrypt --identity age-secret-key --output decrypted testfile.txt.age impure ❄ ssh-to-age age -age: error: no identity matched any of the recipients -age: report unexpected or unhelpful errors at https://filippo.io/age/report -``` - -FAIL :( +And if you want to thank us, you can send us any crypto or token to our Ethereum / Polygon wallets 😊: +pinpox: `0x3d479e19ae8d1a67becdaeaf8d2d37c8e425bd03` +felschr: `0xD66753D737603E18018281E298Df86DE402d313E` \ No newline at end of file diff --git a/go.mod b/go.mod index 539d3f4..9aeb8c0 100644 --- a/go.mod +++ b/go.mod @@ -3,9 +3,7 @@ module gpg2age go 1.21.8 require ( - github.com/Mic92/ssh-to-age v0.0.0-20240304065525-796b05d6e3b3 github.com/ProtonMail/go-crypto v1.0.0 - github.com/davecgh/go-spew v1.1.1 golang.org/x/crypto v0.20.0 golang.org/x/term v0.18.0 ) diff --git a/go.sum b/go.sum index 8682c81..c4d2a06 100644 --- a/go.sum +++ b/go.sum @@ -1,13 +1,9 @@ -github.com/Mic92/ssh-to-age v0.0.0-20240304065525-796b05d6e3b3 h1:YT+DB0TTQ/Li1AQOAAP20k2kCT3XndzsprKgTg5GCIc= -github.com/Mic92/ssh-to-age v0.0.0-20240304065525-796b05d6e3b3/go.mod h1:M/OUOt0/3WI/tYzEYBhQNyU5OB1YStcJEkUaTDnjxJI= github.com/ProtonMail/go-crypto v1.0.0 h1:LRuvITjQWX+WIfr930YHG2HNfjR1uOfyf5vE0kC2U78= github.com/ProtonMail/go-crypto v1.0.0/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= diff --git a/main.go b/main.go index f9ec46c..d9d0cdb 100644 --- a/main.go +++ b/main.go @@ -1,33 +1,22 @@ package main import ( - "crypto/sha512" + "encoding/pem" "fmt" "log" "os" - "syscall" - "strings" - "encoding/pem" + "syscall" "github.com/ProtonMail/go-crypto/openpgp" "github.com/ProtonMail/go-crypto/openpgp/armor" - "github.com/ProtonMail/go-crypto/openpgp/eddsa" + "github.com/ProtonMail/go-crypto/openpgp/eddsa" "github.com/ProtonMail/go-crypto/openpgp/packet" "crypto/ed25519" "errors" - "github.com/Mic92/ssh-to-age/bech32" - "github.com/davecgh/go-spew/spew" - "golang.org/x/term" - "golang.org/x/crypto/curve25519" "golang.org/x/crypto/ssh" - // "bytes" - // "golang.org/x/crypto/ssh" - // "golang.org/x/crypto/curve25519" - // "https://pkg.go.dev/crypto/ed25519#PrivateKey - // "crypto/ed25519"ccc1be8d-24dc-41ad-9d66-b657711419d7 + "golang.org/x/term" "reflect" - // "filippo.io/edwards25519" ) func readEntity(keypath string) (*openpgp.Entity, error) { @@ -49,136 +38,79 @@ var ( UnsupportedKeyType = errors.New("only ed25519 keys are supported") ) -func ed25519PrivateKeyToCurve25519(pk ed25519.PrivateKey) ([]byte, error) { - h := sha512.New() - _, err := h.Write(pk.Seed()) - if err != nil { - return []byte{}, err - } - out := h.Sum(nil) - return out[:curve25519.ScalarSize], nil -} - -func SSHPrivateKeyToAge(bytes []byte) (*string, error) { - s, err := bech32.Encode("AGE-SECRET-KEY-", bytes) - if err != nil { - return nil, err - } - s = strings.ToUpper(s) - return &s, nil -} - func main() { - // TODO turn these into CLI inputs - // keyfile := "/home/pinpox/gnutmp/0xA5BCEFD22D30118A.priv.asc" - keyfile := "./test-key.asc" + var keyfile string + log.Println("Enter path to private PGP key (default: ./priv.asc):") + _, err := fmt.Scanf("%s", &keyfile) + if err != nil && err.Error() == "unexpected newline" { + keyfile := "./priv.asc" + } else if err != nil { + log.Fatal(err) + } e, err := readEntity(keyfile) if err != nil { log.Fatal(err) } - spew.Config.MaxDepth = 2 - spew.Config.Indent = " " + log.Println("Keys:") + log.Println("[0]", e.PrimaryKey.KeyIdString()+" (primary)") + for i := 0; i < len(e.Subkeys); i++ { + log.Println(fmt.Sprintf("[%d]", i+1), e.Subkeys[i].PublicKey.KeyIdString()+" (subkey)") + } - log.Println("Keys:") - log.Println("[0]", e.PrimaryKey.KeyIdString() + " (primary)") - for i := 0; i < len(e.Subkeys); i++ { - log.Println(fmt.Sprintf("[%d]", i + 1), e.Subkeys[i].PublicKey.KeyIdString() + " (subkey)") - } + log.Println("Choose key by index (default: 0):") - log.Println("Please choose a key by index (default: 0):") + var keyIndex int + _, err = fmt.Scanf("%d", &keyIndex) + if err != nil && err.Error() == "unexpected newline" { + keyIndex = 0 + } else if err != nil { + log.Fatal(err) + } - var keyIndex int - _, err = fmt.Scanf("%d", &keyIndex) - if err != nil && err.Error() == "unexpected newline" { - keyIndex = 0 - } else if err != nil { - log.Fatal(err) - } + var targetKey *packet.PrivateKey + if keyIndex == 0 { + log.Println(fmt.Sprintf("Continuing with key [%d]", keyIndex), e.PrimaryKey.KeyIdString()) + targetKey = e.PrivateKey + } else if keyIndex > 0 { + var subkey = e.Subkeys[keyIndex-1] + log.Println(fmt.Sprintf("Continuing with key [%d]", keyIndex), subkey.PublicKey.KeyIdString()) + targetKey = subkey.PrivateKey + } else { + log.Fatal("Invalid key index") + } - var targetKey *packet.PrivateKey - if keyIndex == 0 { - log.Println(fmt.Sprintf("Continuing with key [%d]", keyIndex), e.PrimaryKey.KeyIdString()) - targetKey = e.PrivateKey - } else if keyIndex > 0 { - var subkey = e.Subkeys[keyIndex - 1] - log.Println(fmt.Sprintf("Continuing with key [%d]", keyIndex), subkey.PublicKey.KeyIdString()) - targetKey = subkey.PrivateKey - } else { - log.Fatal("Invalid key index") - } + if targetKey.Encrypted { + log.Println("Please enter passphrase to decrypt PGP key:") + bytePassphrase, err := term.ReadPassword(int(syscall.Stdin)) + if err != nil { + log.Fatal(err) + } + targetKey.Decrypt(bytePassphrase) + } - if targetKey.Encrypted { - log.Println("Please enter passphrase to decrypt PGP key:") - bytePassphrase, err := term.ReadPassword(int(syscall.Stdin)) - if err != nil { - log.Fatal(err) - } - targetKey.Decrypt(bytePassphrase) - } + log.Println("private key type:", reflect.TypeOf(targetKey.PrivateKey)) + castkey, ok := targetKey.PrivateKey.(*eddsa.PrivateKey) + if !ok { + log.Fatal("failed to cast") + } - log.Println("private key type:", reflect.TypeOf(targetKey.PrivateKey)) - castkey, ok := targetKey.PrivateKey.(*eddsa.PrivateKey) - if !ok { - log.Fatal("failed to cast") - } - // spew.Dump(castkey) - - // get public key as OpenSSH key - log.Println("public key type:", reflect.TypeOf(castkey.PublicKey)) + log.Println("public key type:", reflect.TypeOf(castkey.PublicKey)) var pubkey ed25519.PublicKey = castkey.PublicKey.X - agePub, err := bech32.Encode("age", pubkey) - if err != nil { - log.Fatal(err) - } - log.Println("public age key:", string(agePub)) - - sshPub, err := ssh.NewPublicKey(pubkey) - if err != nil { - log.Fatal(err) - } - // log.Println("public key SSH key wire format:", sshPub.Marshal()) - // log.Println("public key SHA256:", ssh.FingerprintSHA256(sshPub)) - log.Println("public SSH key:", string(ssh.MarshalAuthorizedKey(sshPub))) - - // TODO: are these the correct bytes? - // var privkey ed25519.PrivateKey = castkey.D - // var privkey ed25519.PrivateKey = castkey.MarshalByteSecret() - var privkey = ed25519.NewKeyFromSeed(castkey.D) - - // TODO is this right? - bytes, err := ed25519PrivateKeyToCurve25519(privkey) + sshPub, err := ssh.NewPublicKey(pubkey) if err != nil { log.Fatal(err) } + log.Println("public SSH key:\n" + string(ssh.MarshalAuthorizedKey(sshPub))) - // bytes = privkee + var privkey = ed25519.NewKeyFromSeed(castkey.D) - // TODO trying to get private key as age key - agekey, err := SSHPrivateKeyToAge(bytes) + privPem, err := ssh.MarshalPrivateKey(&privkey, "") if err != nil { log.Fatal(err) } - fmt.Println(*agekey) - - // TODO trying to get private key as OpenSSH key - privPem, err := ssh.MarshalPrivateKey(privkey, "") - if err != nil { - log.Fatal(err) - } - if err := pem.Encode(os.Stdout, privPem); err != nil { - log.Fatal(err) - } - - // TODO make sure public key is still the same - var priv ed25519.PrivateKey = bytes - var pubkey2 = priv.Public() - // var pubkey2 = privkey.Public() - sshPub2, err := ssh.NewPublicKey(pubkey2) - if err != nil { - log.Fatal(err) - } - log.Println("verify public SSH key:", string(ssh.MarshalAuthorizedKey(sshPub2))) + privateKeyPem := pem.EncodeToMemory(privPem) + log.Println("Private SSH key:\n" + string(privateKeyPem)) }