Documentation ¶
Overview ¶
Package bip25519 deals with BIP32-Ed25519 keys as specified in the paper by Khovratovich and Law. Private keys generated by this package are in expanded form and can't be used with most standard crypto tools and libraries.
Example ¶
package main

import (
	"crypto"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"

	"github.com/ecadlabs/hdw"
	"github.com/ecadlabs/hdw/bip25519"
)

// seedData is a fixed, publicly visible sample seed in hex (64 bytes once
// decoded). It only makes the example reproducible: a real wallet seed must
// come from a CSPRNG or a mnemonic and must never be committed to source.
var seedData = "fffcf9f6f3f0edeae7e4e1dedbd8d5d2cfccc9c6c3c0bdbab7b4b1aeaba8a5a29f9c999693908d8a8784817e7b7875726f6c696663605d5a5754514e4b484542"

func main() {
	// Decode the sample seed; hdw.NewSeedFromMnemonic is the alternative source.
	seedBytes, err := hex.DecodeString(seedData)
	if err != nil {
		panic(err)
	}

	// Build the root (master) key. Options are nil here, and a nil result is
	// treated as "this seed cannot be used", so the check below is mandatory
	// before the key is dereferenced.
	master := bip25519.NewKeyFromSeed(seedBytes, nil)
	if master == nil {
		panic("unusable seed")
	}

	// Derive the child private key at the chosen path.
	childPath := hdw.Path{0, 1, 2}
	child, err := master.DerivePath(childPath)
	if err != nil {
		panic(err)
	}

	// The SHA-256 digest is the message being signed: verification below runs
	// plain ed25519.Verify over the same 32 bytes.
	msgDigest := sha256.Sum256([]byte("text"))
	signature, err := child.Sign(rand.Reader, msgDigest[:], crypto.Hash(0))
	if err != nil {
		panic(err)
	}

	// Check the signature against the public key taken from the child
	// private key.
	childPub := child.Public()
	edPub := childPub.(ed25519.PublicKey)
	valid := ed25519.Verify(edPub, msgDigest[:], signature)
	fmt.Printf("signature ok: %t\n", valid)

	// Reach the same public key without any private material, starting from
	// the root's extended public key.
	// NOTE(review): the extended public key is enough to derive every public
	// key on this path, so share it only with parties that should be able to
	// link those keys together.
	derivedPub, err := master.ExtendedPublic().DerivePath(childPath)
	if err != nil {
		panic(err)
	}

	// Both derivation routes must accept the same signature.
	edPub2 := derivedPub.Naked().(ed25519.PublicKey)
	valid = ed25519.Verify(edPub2, msgDigest[:], signature)
	fmt.Printf("signature ok: %t\n", valid)
}
Output: signature ok: true signature ok: true
Constants ¶
const (
	// MinSeedSize is the minimal allowed seed byte length
	// (32 bytes, i.e. 256 bits of seed material).
	// NOTE(review): how NewKeyFromSeed reacts to a shorter seed is not
	// shown here — confirm before passing caller-controlled input.
	MinSeedSize = 32
)
Types ¶
type Mode ¶
type Mode int
Mode is the mode of root key generation
// Root key generation modes. They differ in how NewKeyFromSeed reacts when
// hashing the seed yields an unusable value.
// NOTE(review): only ModeDefault is described as following the original
// paper; ModeRetry and ModeForce presumably produce root keys that a strict
// implementation would reject for the same seed — confirm before relying on
// interoperability with other wallets.
const (
	ModeDefault Mode = iota // NewKeyFromSeed will return nil if the seed gave an unusable hash as specified in original paper by Khovratovich and Law
	ModeRetry               // NewKeyFromSeed will rehash the result if the first attempt gave an unusable hash
	ModeForce               // Clear undesired bits of the hash and continue
)
type PrivateKey ¶
type PrivateKey struct {
	// Embedded private key; per the Naked documentation this type keeps the
	// key data in expanded form. Secret material: do not log or serialize
	// it casually.
	ex25519.PrivateKey
	// ChainCode is presumably the BIP32 chain code used for child
	// derivation — TODO confirm. It is an exported byte slice, so callers
	// share the backing array unless they copy it.
	ChainCode []byte
}
PrivateKey is the extended Ed25519 private key. It implements hdw.PrivateKey
func NewKeyFromSeed ¶
func NewKeyFromSeed(seed []byte, opt *Options) *PrivateKey
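NewKeyFromSeed generates the root key from the seed. In ModeDefault it returns nil when the seed gives an unusable hash, so callers must check the result for nil before using it.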
func (*PrivateKey) Derive ¶
func (p *PrivateKey) Derive(index uint32) (hdw.PrivateKey, error)
Derive returns a child key of the receiver using a single index
func (*PrivateKey) DerivePath ¶
func (s *PrivateKey) DerivePath(path hdw.Path) (hdw.PrivateKey, error)
DerivePath returns a child key of the receiver using a full path
func (*PrivateKey) ExtendedPublic ¶
func (p *PrivateKey) ExtendedPublic() hdw.PublicKey
ExtendedPublic returns the extended public key corresponding to the receiver
func (*PrivateKey) Naked ¶
func (p *PrivateKey) Naked() crypto.PrivateKey
Naked returns the naked private key of type ex25519.PrivateKey. This type implements crypto.Signer, but it can't be used with the standard crypto library because it keeps the key data in expanded form, which is equivalent to the Ed25519 post-hash 512-bit value.