Documentation ¶
Index ¶
- Variables
- func BoxOpen(encrypted []byte, sender *X25519PublicKey, recipient *X25519Key) ([]byte, error)
- func BoxSeal(b []byte, recipient *X25519PublicKey, sender *X25519Key) []byte
- func Bytes16(b []byte) *[16]byte
- func Bytes24(b []byte) *[24]byte
- func Bytes32(b []byte) *[32]byte
- func Bytes64(b []byte) *[64]byte
- func DecryptWithPassword(encrypted []byte, password string) ([]byte, error)
- func EncodeKey(key Key, enc Encoding, password string) (string, error)
- func EncodeSSHKey(key Key, password string) (string, error)
- func EncodeSaltpackKey(key Key, password string) (string, error)
- func EncryptWithPassword(b []byte, password string) []byte
- func HKDFSHA256(secret []byte, len int, salt []byte, info []byte) []byte
- func HMACSHA256(key []byte, msg []byte) []byte
- func IDsToString(ids []ID, delim string) string
- func IDsToStrings(ids []ID) []string
- func IsTemporaryError(err error) bool
- func IsValidID(s string) bool
- func KeyForPassword(password string, salt []byte) (*[32]byte, error)
- func NewErrNotFound(id string) error
- func PublicKeyIDEquals(expected ID, kid ID) bool
- func Rand16() *[16]byte
- func Rand24() *[24]byte
- func Rand32() *[32]byte
- func Rand32P4(n uint32) *[32]byte
- func RandBytes(length int) []byte
- func RandFileName() string
- func RandPassword(length int) string
- func RandPhrase() string
- func RandTempPath() string
- func RandUsername(length int) string
- func RandWords(numWords int) string
- func RetryE(fn func() error) error
- func RetrySE(fn func() (string, error)) (string, error)
- func SecretBoxOpen(encrypted []byte, secretKey *[32]byte) ([]byte, error)
- func SecretBoxSeal(b []byte, secretKey *[32]byte) []byte
- func SetLogger(l Logger)
- func SigchainHash(st *Statement) (*[32]byte, error)
- func StatementKey(kid ID, seq int) string
- type Address
- type Brand
- type CertificateKey
- type EdX25519Key
- func (k *EdX25519Key) Bytes() []byte
- func (k *EdX25519Key) Bytes64() *[64]byte
- func (k *EdX25519Key) EncodeToSSH(password []byte) ([]byte, error)
- func (k *EdX25519Key) Equal(o *EdX25519Key) bool
- func (k *EdX25519Key) ID() ID
- func (k *EdX25519Key) MarshalText() ([]byte, error)
- func (k *EdX25519Key) PrivateKey() *[ed25519.PrivateKeySize]byte
- func (k *EdX25519Key) PublicKey() *EdX25519PublicKey
- func (k *EdX25519Key) SSHSigner() ssh.Signer
- func (k *EdX25519Key) Seed() *[ed25519.SeedSize]byte
- func (k *EdX25519Key) Sign(b []byte) []byte
- func (k *EdX25519Key) SignDetached(b []byte) []byte
- func (k *EdX25519Key) Signer() crypto.Signer
- func (k *EdX25519Key) String() string
- func (k *EdX25519Key) Type() KeyType
- func (k *EdX25519Key) UnmarshalText(s []byte) error
- func (k *EdX25519Key) X25519Key() *X25519Key
- type EdX25519PublicKey
- func (s *EdX25519PublicKey) Bytes() []byte
- func (s *EdX25519PublicKey) Bytes32() *[32]byte
- func (k *EdX25519PublicKey) EncodeToSSHAuthorized() []byte
- func (s *EdX25519PublicKey) ID() ID
- func (s *EdX25519PublicKey) String() string
- func (s *EdX25519PublicKey) Type() KeyType
- func (s *EdX25519PublicKey) Verify(b []byte) ([]byte, error)
- func (s *EdX25519PublicKey) VerifyDetached(sig []byte, b []byte) error
- func (s *EdX25519PublicKey) X25519PublicKey() *X25519PublicKey
- type Encoding
- type ErrNotFound
- type ID
- type IDSet
- type Key
- func Convert(key Key, to KeyType) (Key, error)
- func DecodeKey(s string, enc Encoding, password string) (Key, error)
- func DecodeSaltpackKey(msg string, password string, isHTML bool) (Key, error)
- func ParseKey(b []byte, password string) (Key, error)
- func ParseSSHKey(pemBytes []byte, passphrase []byte, trim bool) (Key, error)
- func ParseSSHPublicKey(s string) (Key, error)
- type KeyType
- type LogLevel
- type Logger
- type Sigchain
- func (s *Sigchain) Add(st *Statement) error
- func (s *Sigchain) AddAll(statements []*Statement) error
- func (s *Sigchain) FindAll(typ string) []*Statement
- func (s *Sigchain) FindLast(typ string) *Statement
- func (s *Sigchain) IsRevoked(seq int) bool
- func (s *Sigchain) KID() ID
- func (s *Sigchain) Last() *Statement
- func (s *Sigchain) LastSeq() int
- func (s *Sigchain) Length() int
- func (s *Sigchain) Revoke(revoke int, sk *EdX25519Key) (*Statement, error)
- func (s *Sigchain) Spew() *bytes.Buffer
- func (s *Sigchain) Statements() []*Statement
- func (s *Sigchain) VerifyStatement(st *Statement, prev *Statement) error
- type Sigchains
- func (s *Sigchains) Delete(kid ID) (bool, error)
- func (s *Sigchains) Exists(kid ID) (bool, error)
- func (s *Sigchains) Index(key Key) error
- func (s *Sigchains) KIDs() ([]ID, error)
- func (s *Sigchains) Lookup(kid ID) (ID, error)
- func (s *Sigchains) Save(sc *Sigchain) error
- func (s *Sigchains) SetClock(clock tsutil.Clock)
- func (s *Sigchains) Sigchain(kid ID) (*Sigchain, error)
- type Statement
- func NewRevokeStatement(sc *Sigchain, revoke int, sk *EdX25519Key) (*Statement, error)
- func NewSigchainStatement(sc *Sigchain, b []byte, sk *EdX25519Key, typ string, ts time.Time) (*Statement, error)
- func NewSignedStatement(b []byte, sk *EdX25519Key, typ string, ts time.Time) *Statement
- func NewStatement(sig []byte, data []byte, spk StatementPublicKey, seq int, prev []byte, ...) (*Statement, error)
- func NewUnverifiedStatement(sig []byte, data []byte, kid ID, seq int, prev []byte, revoke int, typ string, ...) (*Statement, error)
- type StatementPublicKey
- type X25519Key
- func (k *X25519Key) Bytes() []byte
- func (k *X25519Key) Bytes32() *[32]byte
- func (k *X25519Key) ID() ID
- func (k *X25519Key) Open(b []byte, nonce *[24]byte, sender *X25519PublicKey) ([]byte, bool)
- func (k *X25519Key) PrivateKey() *[32]byte
- func (k *X25519Key) PublicKey() *X25519PublicKey
- func (k *X25519Key) Seal(b []byte, nonce *[24]byte, recipient *X25519PublicKey) []byte
- func (k *X25519Key) Type() KeyType
- type X25519PublicKey
Examples ¶
Constants ¶
This section is empty.
Variables ¶
var ErrVerifyFailed = errors.New("verify failed")
ErrVerifyFailed if key verify failed.
Functions ¶
func BoxOpen ¶
func BoxOpen(encrypted []byte, sender *X25519PublicKey, recipient *X25519Key) ([]byte, error)
BoxOpen decrypts a message from a sender.
func BoxSeal ¶
func BoxSeal(b []byte, recipient *X25519PublicKey, sender *X25519Key) []byte
BoxSeal encrypts a message to a recipient.
Example ¶
package main import ( "fmt" "log" "github.com/keys-pub/keys" ) func main() { ak := keys.GenerateX25519Key() bk := keys.GenerateX25519Key() msg := "Hey bob, it's alice. The passcode is 12345." encrypted := keys.BoxSeal([]byte(msg), bk.PublicKey(), ak) out, err := keys.BoxOpen(encrypted, ak.PublicKey(), bk) if err != nil { log.Fatal(err) } fmt.Printf("%s\n", string(out)) }
Output: Hey bob, it's alice. The passcode is 12345.
func DecryptWithPassword ¶
DecryptWithPassword decrypts bytes using a password. It assumes a 16 byte salt before the encrypted bytes.
func EncodeSSHKey ¶ added in v0.1.1
EncodeSSHKey encodes key to SSH.
func EncodeSaltpackKey ¶ added in v0.1.1
EncodeSaltpackKey encrypts a key to saltpack with password.
func EncryptWithPassword ¶
EncryptWithPassword encrypts bytes with a password. Uses argon2.IDKey(password, salt, 1, 64*1024, 4, 32) with 16 byte salt. The salt bytes are prepended to the encrypted bytes. This uses nacl.secretbox, so the bytes/message should be small. If you need to encrypt large amounts of data, use Saltpack instead (TODO: More details here).
func HKDFSHA256 ¶
HKDFSHA256 expands a secret into another secret using HKDF with SHA256. The `len` for output byte length. The `salt` is non-secret salt, optional (can be nil), recommended: hash-length random value. The `info` is non-secret context info, optional (can be empty).
func HMACSHA256 ¶
HMACSHA256 does a HMAC-SHA256 on msg with key.
func IDsToString ¶
IDsToString returns string for joined Ikeys.
func IsTemporaryError ¶
IsTemporaryError returns true if the error has Temporary() function and that returns true
func KeyForPassword ¶
KeyForPassword generates a key from a password and salt.
func PublicKeyIDEquals ¶
PublicKeyIDEquals returns true if public keys are equal. It will also compare EdX25519 public keys and X25519 public keys.
func RandFileName ¶
func RandFileName() string
RandFileName returns a unique random file name. RandFileName() => CTGMMOLLZCXMGP7VR4BHKAI7PE
func RandPassword ¶
RandPassword returns a random password. It uses a-zA-Z0-9. It will contain an uppercase, a lowercase and a number. It will try not to repeat characters.
func RandPhrase ¶
func RandPhrase() string
RandPhrase creates random phrase (BIP39 encoded random 32 bytes).
func RandTempPath ¶
func RandTempPath() string
RandTempPath returns a unique random file name in os.TempDir. RandTempPath() => "/tmp/CTGMMOLLZCXMGP7VR4BHKAI7PE"
func RandUsername ¶
RandUsername returns random lowercase string of length.
func RetryE ¶
RetryE will retry the fn (error) if the error is temporary (such as a temporary net.Error)
func RetrySE ¶
RetrySE will retry the fn (string, error) if the error is temporary (such as a temporary net.Error)
func SecretBoxOpen ¶
SecretBoxOpen decrypt using a key. It assumes a 24 byte nonce before the encrypted bytes.
func SecretBoxSeal ¶
SecretBoxSeal encrypts using a key. It prepends a 24 byte nonce to the the encrypted bytes.
func SigchainHash ¶
SigchainHash returns hash for Sigchain Statement.
func StatementKey ¶
StatementKey returns key for Statement kid,seq. If seq is <= 0, then there is no key. Path looks like "kpe1a4yj333g68pvd6hfqvufqkv4vy54jfe6t33ljd3kc9rpfty8xlgsfte2sn-000000000000001".
Types ¶
type Address ¶
type Address struct {
// contains filtered or unexported fields
}
Address is a canonical list of IDs.
func NewAddress ¶
NewAddress returns an Address from a list of IDs.
func ParseAddress ¶
ParseAddress returns address from a string.
type Brand ¶
type Brand string
Brand is saltpack brand.
const EdX25519Brand Brand = "EDX25519 KEY"
EdX25519Brand is saltpack brand for EdX25519 key.
const X25519Brand Brand = "X25519 KEY"
X25519Brand is saltpack brand for X25519 key.
type CertificateKey ¶
type CertificateKey struct {
// contains filtered or unexported fields
}
CertificateKey with is a PEM encoded X.509v3 certificate (public key) and a PEM encoded EC private key.
func GenerateCertificateKey ¶
func GenerateCertificateKey(commonName string, isCA bool, parent *x509.Certificate) (*CertificateKey, error)
GenerateCertificateKey creates a certificate key.
func NewCertificateKey ¶
func NewCertificateKey(private string, public string) (*CertificateKey, error)
NewCertificateKey from PEM encoded X.509v3 certificate data and PEM encoded EC private key ASN.1, DER format
func (CertificateKey) Private ¶
func (c CertificateKey) Private() string
Private returns a PEM encoded EC private key ASN.1, DER format.
func (CertificateKey) Public ¶
func (c CertificateKey) Public() string
Public returns a PEM encoded X.509v3 certificate.
func (CertificateKey) TLSCertificate ¶
func (c CertificateKey) TLSCertificate() tls.Certificate
TLSCertificate returns a tls.Certificate.
func (CertificateKey) X509Certificate ¶
func (c CertificateKey) X509Certificate() (*x509.Certificate, error)
X509Certificate returns a x509.Certificate.
type EdX25519Key ¶
type EdX25519Key struct {
// contains filtered or unexported fields
}
EdX25519Key is a EdX25519 key capable of signing and encryption (converted to a X25519 key).
func GenerateEdX25519Key ¶
func GenerateEdX25519Key() *EdX25519Key
GenerateEdX25519Key generates a EdX25519Key (EdX25519).
Example ¶
package main import ( "fmt" "github.com/keys-pub/keys" ) func main() { alice := keys.GenerateEdX25519Key() fmt.Printf("Alice: %s\n", alice.ID()) }
Output:
func NewEdX25519KeyFromPrivateKey ¶
func NewEdX25519KeyFromPrivateKey(privateKey *[ed25519.PrivateKeySize]byte) *EdX25519Key
NewEdX25519KeyFromPrivateKey constructs EdX25519Key from a private key. The public key is derived from the private key.
func NewEdX25519KeyFromSeed ¶
func NewEdX25519KeyFromSeed(seed *[ed25519.SeedSize]byte) *EdX25519Key
NewEdX25519KeyFromSeed constructs EdX25519Key from an ed25519 seed. The private key is derived from this seed and the public key is derived from the private key.
func (*EdX25519Key) EncodeToSSH ¶
func (k *EdX25519Key) EncodeToSSH(password []byte) ([]byte, error)
EncodeToSSH encodes a EdX25519Key for SSH.
func (*EdX25519Key) Equal ¶
func (k *EdX25519Key) Equal(o *EdX25519Key) bool
Equal returns true if equal to key.
func (*EdX25519Key) MarshalText ¶
func (k *EdX25519Key) MarshalText() ([]byte, error)
MarshalText for encoding.TextMarshaler interface.
func (*EdX25519Key) PrivateKey ¶
func (k *EdX25519Key) PrivateKey() *[ed25519.PrivateKeySize]byte
PrivateKey returns private key part.
func (*EdX25519Key) PublicKey ¶
func (k *EdX25519Key) PublicKey() *EdX25519PublicKey
PublicKey returns public part.
func (*EdX25519Key) Seed ¶
func (k *EdX25519Key) Seed() *[ed25519.SeedSize]byte
Seed returns information on how to generate this key from ed25519 package seed.
func (*EdX25519Key) Sign ¶
func (k *EdX25519Key) Sign(b []byte) []byte
Sign bytes with the (sign) private key.
Example ¶
package main import ( "fmt" "log" "github.com/keys-pub/keys" ) func main() { alice := keys.GenerateEdX25519Key() msg := "I'm alice 🤓" sig := alice.Sign([]byte(msg)) out, err := alice.PublicKey().Verify(sig) if err != nil { log.Fatal(err) } fmt.Printf("%s\n", string(out)) }
Output: I'm alice 🤓
func (*EdX25519Key) SignDetached ¶
func (k *EdX25519Key) SignDetached(b []byte) []byte
SignDetached sign bytes detached.
func (*EdX25519Key) String ¶
func (k *EdX25519Key) String() string
func (*EdX25519Key) UnmarshalText ¶
func (k *EdX25519Key) UnmarshalText(s []byte) error
UnmarshalText for encoding.TextUnmarshaler interface.
func (*EdX25519Key) X25519Key ¶
func (k *EdX25519Key) X25519Key() *X25519Key
X25519Key converts EdX25519Key to X25519Key.
type EdX25519PublicKey ¶
type EdX25519PublicKey struct {
// contains filtered or unexported fields
}
EdX25519PublicKey is the public part of EdX25519 key pair.
func NewEdX25519PublicKey ¶
func NewEdX25519PublicKey(b *[ed25519.PublicKeySize]byte) *EdX25519PublicKey
NewEdX25519PublicKey creates a EdX25519PublicKey.
func NewEdX25519PublicKeyFromID ¶
func NewEdX25519PublicKeyFromID(id ID) (*EdX25519PublicKey, error)
NewEdX25519PublicKeyFromID creates a EdX25519PublicKey from an ID.
func (*EdX25519PublicKey) Bytes32 ¶
func (s *EdX25519PublicKey) Bytes32() *[32]byte
Bytes32 for key.
func (*EdX25519PublicKey) EncodeToSSHAuthorized ¶
func (k *EdX25519PublicKey) EncodeToSSHAuthorized() []byte
EncodeToSSHAuthorized encodes a EdX25519PublicKey for SSH.
func (*EdX25519PublicKey) String ¶
func (s *EdX25519PublicKey) String() string
func (*EdX25519PublicKey) Verify ¶
func (s *EdX25519PublicKey) Verify(b []byte) ([]byte, error)
Verify verifies a message and signature with public key.
func (*EdX25519PublicKey) VerifyDetached ¶
func (s *EdX25519PublicKey) VerifyDetached(sig []byte, b []byte) error
VerifyDetached verifies a detached message.
func (*EdX25519PublicKey) X25519PublicKey ¶
func (s *EdX25519PublicKey) X25519PublicKey() *X25519PublicKey
X25519PublicKey converts the ed25519 public key to a x25519 public key.
type Encoding ¶ added in v0.1.1
type Encoding string
Encoding is the type of data.
const ( // UnknownEncoding is unknown. UnknownEncoding Encoding = "" // IDEncoding is a key ID string. IDEncoding Encoding = "id" // SaltpackEncoding is armored saltpack encoding. SaltpackEncoding Encoding = "saltpack" // SSHEncoding is ssh private key "-----BEGIN OPENSSH PRIVATE..." // or public key as "ssh-ed25519 AAAAC3Nz..." SSHEncoding Encoding = "ssh" )
func DetectEncoding ¶ added in v0.1.1
DetectEncoding tries to find out what encoding the bytes are. Returns bytes which may be different from input (for example, if whitespace is stripped).
type ErrNotFound ¶
type ErrNotFound struct {
ID string
}
ErrNotFound describes a key not found error when a key is required.
func (ErrNotFound) Error ¶
func (e ErrNotFound) Error() string
type ID ¶
type ID string
ID a bech32 encoded string.
func (ID) IsEdX25519 ¶
IsEdX25519 returns true if ID represents a EdX25519 key.
func (ID) PublicKeyType ¶
PublicKeyType returns public key type that ID represents or empty string if unknown.
type IDSet ¶
type IDSet struct {
// contains filtered or unexported fields
}
IDSet is a set of strings.
type Key ¶
type Key interface { // ID for the key. ID() ID // Type of key. Type() KeyType // Bytes are key data. Bytes() []byte }
Key with identifier, bytes and a type.
func Convert ¶ added in v0.1.2
Convert tries to convert a Key to another key type. This currently only converts a EdX25519Public key to a X25519Public key.
func DecodeKey ¶ added in v0.1.1
DecodeKey decodes a key using the specified encoding. If you don't know the encoding you can try ParseKey instead.
func DecodeSaltpackKey ¶ added in v0.1.1
DecodeSaltpackKey decrypts a saltpack encrypted key.
Example ¶
package main import ( "fmt" "log" "github.com/keys-pub/keys" ) func main() { key := `BEGIN X25519 KEY MESSAGE. umCRo9iHIudLWoz 4Ugt0hUXQVJ7lhV p7A9mb3kOTg6PeV fhqetAc9ZOUjagi 91gENEkp0xfjF2E Tyakwe90kzo1FNT gRacWRL5B59strN OoZYHQooqvlMKM. END X25519 KEY MESSAGE.` bob, err := keys.DecodeSaltpackKey(key, "", true) if err != nil { log.Fatal(err) } fmt.Printf("bob: %s\n", bob.ID()) }
Output: bob: kbx18x22l7nemmxcj76f9l3aaflc5487lp5u5q778gpe3t3wzhlqvu8qxa9z07
func ParseSSHKey ¶
ParseSSHKey parses a SSH private key.
func ParseSSHPublicKey ¶
ParseSSHPublicKey parses a SSH public key.
type KeyType ¶
type KeyType string
KeyType ...
const EdX25519 KeyType = "edx25519"
EdX25519 key type.
const EdX25519Public KeyType = "ed25519-public"
EdX25519Public public key type.
const X25519 KeyType = "x25519"
X25519 key type.
const X25519Public KeyType = "x25519-public"
X25519Public public key type.
type Logger ¶
type Logger interface { Debugf(format string, args ...interface{}) Infof(format string, args ...interface{}) Warningf(format string, args ...interface{}) Errorf(format string, args ...interface{}) Fatalf(format string, args ...interface{}) }
Logger interface used in this package.
type Sigchain ¶
type Sigchain struct {
// contains filtered or unexported fields
}
Sigchain is a chain of signed statements by a sign key.
func NewSigchain ¶
NewSigchain returns a new Sigchain for a EdX25519PublicKey.
Example ¶
package main import ( "fmt" "log" "github.com/keys-pub/keys" "github.com/keys-pub/keys/tsutil" ) func main() { clock := tsutil.NewTestClock() alice := keys.GenerateEdX25519Key() sc := keys.NewSigchain(alice.ID()) // Create root statement st, err := keys.NewSigchainStatement(sc, []byte("hi! 🤓"), alice, "", clock.Now()) if err != nil { log.Fatal(err) } if err := sc.Add(st); err != nil { log.Fatal(err) } // Add 2nd statement st2, err := keys.NewSigchainStatement(sc, []byte("2nd message"), alice, "", clock.Now()) if err != nil { log.Fatal(err) } if err := sc.Add(st2); err != nil { log.Fatal(err) } // Revoke 2nd statement _, err = sc.Revoke(2, alice) if err != nil { log.Fatal(err) } // Spew spew := sc.Spew() fmt.Println(spew.String()) }
Output:
func (*Sigchain) FindLast ¶
FindLast search from the last statement to the first, returning after If type is specified, we will search for that statement type. If we found a statement and it was revoked, we return nil.
func (*Sigchain) LastSeq ¶
LastSeq returns last signed statment seq (or 0 if no signed statements exist).
func (*Sigchain) Revoke ¶
func (s *Sigchain) Revoke(revoke int, sk *EdX25519Key) (*Statement, error)
Revoke a signed statement in the Sigchain.
func (*Sigchain) Statements ¶
Statements are all the signed statements.
type Sigchains ¶ added in v0.1.2
type Sigchains struct {
// contains filtered or unexported fields
}
Sigchains stores sigchains.
func NewSigchains ¶ added in v0.1.2
NewSigchains creates a Sigchains from Documents.
type Statement ¶
type Statement struct { // Sig is the signature bytes. Sig []byte // Data. Data []byte // KID is the key that signed. KID ID // Seq in a sigchain (1 is root, optional if not in sigchain). Seq int // Prev is a hash of the previous item in the sigchain (optional if root). Prev []byte // Revoke refers to a previous signed seq to revoke (optional). Revoke int // Type (optional). Type string // Timestamp (optional). Timestamp time.Time // contains filtered or unexported fields }
Statement in a sigchain.
func NewRevokeStatement ¶
func NewRevokeStatement(sc *Sigchain, revoke int, sk *EdX25519Key) (*Statement, error)
NewRevokeStatement creates a revoke Statement.
func NewSigchainStatement ¶
func NewSigchainStatement(sc *Sigchain, b []byte, sk *EdX25519Key, typ string, ts time.Time) (*Statement, error)
NewSigchainStatement creates a signed Statement to be added to the Sigchain.
func NewSignedStatement ¶
NewSignedStatement creates a signed Statement. Use NewSigchainStatement if part of a Sigchain.
Example ¶
sk := keys.NewEdX25519KeyFromSeed(testSeed(0x01)) st := keys.NewSignedStatement(bytes.Repeat([]byte{0x01}, 16), sk, "", time.Time{}) data := st.SpecificSerialization() fmt.Printf("%s\n", string(data)) b, err := st.Bytes() if err != nil { log.Fatal(err) } fmt.Printf("%s\n", string(b))
Output: {".sig":"","data":"AQEBAQEBAQEBAQEBAQEBAQ==","kid":"kex132yw8ht5p8cetl2jmvknewjawt9xwzdlrk2pyxlnwjyqrdq0dawqqph077"} {".sig":"lXVLUr1eRfI0c5an0h9VBN717o46TAcsC04L0oYvr8h3XUASYskGywo5PaT2V61nQvPE1PYx7OsV4jOocc4pAA==","data":"AQEBAQEBAQEBAQEBAQEBAQ==","kid":"kex132yw8ht5p8cetl2jmvknewjawt9xwzdlrk2pyxlnwjyqrdq0dawqqph077"}
func NewStatement ¶
func NewStatement(sig []byte, data []byte, spk StatementPublicKey, seq int, prev []byte, revoke int, typ string, ts time.Time) (*Statement, error)
NewStatement creates a new statement from specified parameters. Use NewSigchainStatement for a signed Sigchain Statement. Use NewSignedStatement for a signed Statement outside a Sigchain.
func NewUnverifiedStatement ¶
func NewUnverifiedStatement(sig []byte, data []byte, kid ID, seq int, prev []byte, revoke int, typ string, ts time.Time) (*Statement, error)
NewUnverifiedStatement creates an unverified statement.
func (*Statement) Key ¶
Key for a Statement. If Seq is not set, then there is no key. Key looks like "kpe1a4yj333g68pvd6hfqvufqkv4vy54jfe6t33ljd3kc9rpfty8xlgsfte2sn-000000000000001".
func (*Statement) MarshalJSON ¶
MarshalJSON marshals statement to JSON.
func (*Statement) SpecificSerialization ¶
SpecificSerialization is the specific serialization or the bytes to sign. It is the statement serialized without the sig value.
func (*Statement) URL ¶
URL returns path string for a Statement in the HTTP API. If Seq is not set, then there is no path. Path looks like "/ed1a4yj333g68pvd6hfqvufqkv4vy54jfe6t33ljd3kc9rpfty8xlgsfte2sn/1".
func (*Statement) UnmarshalJSON ¶
UnmarshalJSON unmarshals a statement from JSON.
type StatementPublicKey ¶
type StatementPublicKey interface { ID() ID Verify(b []byte) ([]byte, error) VerifyDetached(sig []byte, b []byte) error }
StatementPublicKey is public key for a Statement.
func StatementPublicKeyFromID ¶
func StatementPublicKeyFromID(id ID) (StatementPublicKey, error)
StatementPublicKeyFromID converts ID to StatementPublicKey. TODO: Support other key types.
type X25519Key ¶
type X25519Key struct {
// contains filtered or unexported fields
}
X25519Key is a X25519 assymmetric encryption key.
func GenerateX25519Key ¶
func GenerateX25519Key() *X25519Key
GenerateX25519Key creates a new X25519Key.
Example ¶
package main import ( "fmt" "github.com/keys-pub/keys" ) func main() { alice := keys.GenerateX25519Key() fmt.Printf("Alice: %s\n", alice.ID()) }
Output:
func NewX25519KeyFromPrivateKey ¶
NewX25519KeyFromPrivateKey creates a X25519Key from private key bytes.
func NewX25519KeyFromSeed ¶
NewX25519KeyFromSeed from seed.
func (*X25519Key) PrivateKey ¶
PrivateKey returns private part of this X25519Key.
func (*X25519Key) PublicKey ¶
func (k *X25519Key) PublicKey() *X25519PublicKey
PublicKey returns public part of this X25519Key.
type X25519PublicKey ¶
type X25519PublicKey struct {
// contains filtered or unexported fields
}
X25519PublicKey is the public key part of a x25519 key.
func NewX25519PublicKey ¶
func NewX25519PublicKey(b *[32]byte) *X25519PublicKey
NewX25519PublicKey creates X25519PublicKey. Metadata is optional.
func NewX25519PublicKeyFromEdX25519ID ¶
func NewX25519PublicKeyFromEdX25519ID(id ID) (*X25519PublicKey, error)
NewX25519PublicKeyFromEdX25519ID creates a X25519PublicKey from a EdX25519 ID.
func NewX25519PublicKeyFromID ¶
func NewX25519PublicKeyFromID(id ID) (*X25519PublicKey, error)
NewX25519PublicKeyFromID converts ID to X25519PublicKey.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package bech32 is a modified version of the reference implementation of BIP173.
|
Package bech32 is a modified version of the reference implementation of BIP173. |
Package docs provides a document store.
|
Package docs provides a document store. |
events
Package events provides an event log.
|
Package events provides an event log. |
Package encoding provides encoding and decoding of different formats like Base62, Saltpack, BIP39.
|
Package encoding provides encoding and decoding of different formats like Base62, Saltpack, BIP39. |
Package env provides paths on different platforms.
|
Package env provides paths on different platforms. |
Package json provides a simpler JSON marshaller for strings and ints only.
|
Package json provides a simpler JSON marshaller for strings and ints only. |
Package keyring provides a cross-platform secure keyring.
|
Package keyring provides a cross-platform secure keyring. |
Package link defines services capable of linking keys to users.
|
Package link defines services capable of linking keys to users. |
Package noise integrates keys with the Noise protocol.
|
Package noise integrates keys with the Noise protocol. |
Package request provides clients for requesting data.
|
Package request provides clients for requesting data. |
Package saltpack integrates keys with Saltpack (saltpack.org).
|
Package saltpack integrates keys with Saltpack (saltpack.org). |
Package secret defines secret types.
|
Package secret defines secret types. |
Package tsutil provides timestamp and time utilities.
|
Package tsutil provides timestamp and time utilities. |
Package user defines user statements, store and search.
|
Package user defines user statements, store and search. |