Documentation ¶
Overview ¶
Package epk implements an encrypted private key on top of the Ed25519 signature scheme. Given the passphrase and a message it can also unlock the key and sign the message.
It uses scrypt as key derivation function and ChaCha20/Poly1305 for encryption.
Index ¶
- type EncryptedPrivateKey
- func (e *EncryptedPrivateKey) Armor() (string, error)
- func (e *EncryptedPrivateKey) GobDecode(buf []byte) error
- func (e *EncryptedPrivateKey) GobEncode() ([]byte, error)
- func (e *EncryptedPrivateKey) Public(passphrase string) (ed25519.PublicKey, error)
- func (e *EncryptedPrivateKey) Sign(passphrase string, message []byte) ([]byte, error)
- func (e *EncryptedPrivateKey) Store(w io.Writer) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type EncryptedPrivateKey ¶
type EncryptedPrivateKey struct { // the private key type: Ed25519 Keytype string // the used KDF: scrypt KDF string // the used KDF parameters: N=65536;r=8;p=1 KDFParam string // the used encryption algorithm: ChaCha20Poly1305 EncAlgorithm string // 24 byte salt for the KDF, 12 of which are also // used as AEAD nonce Salt []byte // contains filtered or unexported fields }
EncryptedPrivateKey implements an encrypted private key
func New ¶
func New(passphrase string) (*EncryptedPrivateKey, ed25519.PublicKey, error)
New returns the plain public and encrypted private key for a generated keypair.
func ReadFrom ¶
func ReadFrom(r io.Reader) (*EncryptedPrivateKey, error)
ReadFrom reconstructs EncryptedPrivateKey from line data read in from r. Comment lines starting with a '#' as well as lines that are empty or only contain whitespace are skipped. The first non-skipped line is expected to be the output of Armor() on a single line, surrounding whitespace is ignored. Additional lines are ignored.
ReadFrom returns io.ErrUnexpectedEOF if no data line could be found as well as any error that occurred.
func (*EncryptedPrivateKey) Armor ¶
func (e *EncryptedPrivateKey) Armor() (string, error)
Armor returns the ascii armored binary serialization of e. The ASCII armor is encoded using standard base64.
func (*EncryptedPrivateKey) GobDecode ¶
func (e *EncryptedPrivateKey) GobDecode(buf []byte) error
GobDecode implements the gob.GobDecoder interface
func (*EncryptedPrivateKey) GobEncode ¶
func (e *EncryptedPrivateKey) GobEncode() ([]byte, error)
GobEncode implements the gob.GobEncoder interface
func (*EncryptedPrivateKey) Public ¶
func (e *EncryptedPrivateKey) Public(passphrase string) (ed25519.PublicKey, error)
Public unlocks the private key and generates the public key from it