chainkd

package
v1.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 23, 2020 License: AGPL-3.0 Imports: 11 Imported by: 54

Documentation

Overview

Package chainkd This is an extension to ed25519.Sign that is compatible with NaCl `crypto_sign` function taking 64-byte expanded private key (where the left part is a pre-multiplied scalar and the right part is "prefix" used for generating a nonce).

Invariants: 1) Expanded(PrivateKey).Sign() == PrivateKey.Sign() 2) InnerSign(Expanded(PrivateKey)) == Sign(PrivateKey)

Index

Constants

View Source
const (
	// ExpandedPrivateKeySize is the size, in bytes, of a "secret key" as defined in NaCl.
	ExpandedPrivateKeySize = 64
)

Variables

View Source
var (
	ErrBadKeyLen = errors.New("bad key length")
	ErrBadKeyStr = errors.New("bad key string")
)

Functions

func Ed25519InnerSign added in v0.4.0

func Ed25519InnerSign(privateKey ExpandedPrivateKey, message []byte) []byte

Ed25519InnerSign signs the message with expanded private key and returns a signature. It will panic if len(privateKey) is not ExpandedPrivateKeySize.

func NewXKeys

func NewXKeys(r io.Reader) (xprv XPrv, xpub XPub, err error)

func XPubKeys

func XPubKeys(xpubs []XPub) []ed25519.PublicKey

Types

type ExpandedPrivateKey added in v0.4.0

type ExpandedPrivateKey []byte

ExpandedPrivateKey is the type of NaCl secret keys. It implements crypto.Signer.

func (ExpandedPrivateKey) Public added in v0.4.0

func (priv ExpandedPrivateKey) Public() crypto.PublicKey

Public returns the PublicKey corresponding to secret key.

func (ExpandedPrivateKey) Sign added in v0.4.0

func (priv ExpandedPrivateKey) Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) (signature []byte, err error)

Sign signs the given message with expanded private key. Ed25519 performs two passes over messages to be signed and therefore cannot handle pre-hashed messages. Thus opts.HashFunc() must return zero to indicate the message hasn't been hashed. This can be achieved by passing crypto.Hash(0) as the value for opts.

type XPrv

type XPrv [64]byte

XPrv external private key

func NewXPrv

func NewXPrv(r io.Reader) (xprv XPrv, err error)

NewXPrv takes a source of random bytes and produces a new XPrv. If r is nil, crypto/rand.Reader is used.

func RootXPrv added in v0.4.0

func RootXPrv(seed []byte) (xprv XPrv)

RootXPrv takes a seed binary string and produces a new xprv.

func (XPrv) Bytes

func (xprv XPrv) Bytes() []byte

func (XPrv) Child

func (xprv XPrv) Child(sel []byte, hardened bool) XPrv

Child derives a child xprv based on `selector` string and `hardened` flag. If `hardened` is false, child xpub can be derived independently from the parent xpub without using the parent xprv. If `hardened` is true, child key can only be derived from the parent xprv.

func (XPrv) Derive

func (xprv XPrv) Derive(path [][]byte) XPrv

Derive generates a child xprv by recursively deriving non-hardened child xprvs over the list of selectors: `Derive([a,b,c,...]) == Child(a).Child(b).Child(c)...`

func (XPrv) ExpandedPrivateKey added in v0.4.0

func (xprv XPrv) ExpandedPrivateKey() ExpandedPrivateKey

ExpandedPrivateKey generates a 64-byte key where the first half is the scalar copied from xprv, and the second half is the `prefix` is generated via PRF from the xprv.

func (XPrv) MarshalText

func (xprv XPrv) MarshalText() ([]byte, error)

func (XPrv) Sign

func (xprv XPrv) Sign(msg []byte) []byte

Sign creates an EdDSA signature using expanded private key derived from the xprv.

func (XPrv) String

func (xprv XPrv) String() string

func (*XPrv) UnmarshalText

func (xprv *XPrv) UnmarshalText(inp []byte) error

func (XPrv) XPub

func (xprv XPrv) XPub() (xpub XPub)

XPub derives an extended public key from a given xprv.

type XPub

type XPub [64]byte

XPub external public key

func DeriveXPubs

func DeriveXPubs(xpubs []XPub, path [][]byte) []XPub

func (XPub) Bytes

func (xpub XPub) Bytes() []byte

func (XPub) Child

func (xpub XPub) Child(sel []byte) (res XPub)

Child derives a child xpub based on `selector` string. The corresponding child xprv can be derived from the parent xprv using non-hardened derivation: `parentxprv.Child(sel, false)`.

func (XPub) Derive

func (xpub XPub) Derive(path [][]byte) XPub

Derive generates a child xpub by recursively deriving non-hardened child xpubs over the list of selectors: `Derive([a,b,c,...]) == Child(a).Child(b).Child(c)...`

func (XPub) MarshalText

func (xpub XPub) MarshalText() ([]byte, error)

func (XPub) PublicKey

func (xpub XPub) PublicKey() ed25519.PublicKey

PublicKey extracts the ed25519 public key from an xpub.

func (XPub) String

func (xpub XPub) String() string

func (*XPub) UnmarshalText

func (xpub *XPub) UnmarshalText(inp []byte) error

func (XPub) Verify

func (xpub XPub) Verify(msg []byte, sig []byte) bool

Verify checks an EdDSA signature using public key extracted from the first 32 bytes of the xpub.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL