Documentation ¶
Overview ¶
Package keypair implements asymmetric key pair generation and some related functions.
Multiple types of key pair supported:
ECDSA SM2 EdDSA
Index ¶
- Constants
- func ComparePublicKey(k0, k1 PublicKey) bool
- func FindKey(list []PublicKey, key PublicKey) int
- func GenerateKeyPair(t KeyType, opts interface{}) (PrivateKey, PublicKey, error)
- func GetCurve(label byte) (elliptic.Curve, error)
- func GetCurveLabel(c elliptic.Curve) (byte, error)
- func GetNamedCurve(name string) (elliptic.Curve, error)
- func GetNamedCurveLabel(name string) (byte, error)
- func Key2WIF(key PrivateKey) ([]byte, error)
- func SerializePrivateKey(pri PrivateKey) []byte
- func SerializePublicKey(key PublicKey) []byte
- type DecryptError
- type EncryptError
- type KeyType
- type PrivateKey
- func DecryptPrivateKey(prot *ProtectedKey, pwd []byte) (PrivateKey, error)
- func DecryptWithCustomScrypt(prot *ProtectedKey, pwd []byte, param *ScryptParam) (PrivateKey, error)
- func DeserializePrivateKey(data []byte) (pri PrivateKey, err error)
- func GetP256KeyPairFromWIF(wif []byte) (PrivateKey, error)
- func WIF2Key(wif []byte) (PrivateKey, error)
- type ProtectedKey
- func EncryptPrivateKey(pri PrivateKey, addr string, pwd []byte) (*ProtectedKey, error)
- func EncryptWithCustomScrypt(pri PrivateKey, addr string, pwd []byte, param *ScryptParam) (*ProtectedKey, error)
- func ReencryptPrivateKey(prot *ProtectedKey, oldPwd, newPwd []byte, oldParam, newParam *ScryptParam) (*ProtectedKey, error)
- type PublicKey
- type ScryptParam
Constants ¶
const ( // ECDSA curve label P224 byte = 1 P256 byte = 2 P384 byte = 3 P521 byte = 4 // SM2 curve label SM2P256V1 byte = 20 // ED25519 curve label ED25519 byte = 25 )
const ( DEFAULT_N = 16384 DEFAULT_R = 8 DEFAULT_P = 8 DEFAULT_DERIVED_KEY_LENGTH = 64 )
Variables ¶
This section is empty.
Functions ¶
func ComparePublicKey ¶
ComparePublicKey checks whether the two public key are the same.
func FindKey ¶
FindKey finds the specified public key in the list and returns its index or -1 if not found.
func GenerateKeyPair ¶
func GenerateKeyPair(t KeyType, opts interface{}) (PrivateKey, PublicKey, error)
GenerateKeyPair generates a pair of private and public keys in type t. opts is the necessary parameter(s), which is defined by the key type:
ECDSA: a byte specifies the elliptic curve, which defined in package ec SM2: same as ECDSA EdDSA: a byte specifies the curve, only ED25519 supported currently.
func GetNamedCurveLabel ¶
func Key2WIF ¶
func Key2WIF(key PrivateKey) ([]byte, error)
func SerializePrivateKey ¶
func SerializePrivateKey(pri PrivateKey) []byte
SerializePrivateKey serializes the input private key into byte array as the following format:
|--------------------|------------------| | algorithm (1 byte) | private_key_data | |--------------------|------------------|
The private_key_data differs in algorithm:
- ECDSA & SM2 |----------------|---------|--------------------| | curve (1 byte) | d_bytes | encoded_public_key | |----------------|---------|--------------------| d_bytes is the byte sequence converted from the integer d in little endian, with the byte length specified by the curve. encoded_public_key is the public key data encoded in comopression mode.
- EdDSA Since only Ed25519 supported currently, it is just the 1 byte Ed25519 curve label followed by the byte sequence which could be handled as private key in package ed25519.
This function will panic if error occurs.
func SerializePublicKey ¶
SerializePublicKey serializes the public key to a byte sequence as the following format:
|--------------------|-----------------| | algorithm (1 byte) | public_key_data | |--------------------|-----------------|
public_key_data differs in the algorithm:
- ECDSA & SM2 |----------------|--------------------| | curve (1 byte) | encoded_public_key | |----------------|--------------------| encoded_public_key is the public key encoded in compression mode.
- EdDSA Since only Ed25519 supported currently, it is just the 1 byte curve label followed by the byte sequence which could be handled as public key in package ed25519.
ECDSA public key with NIST P-256 curve is treated as a special case, which just use the encoded data as the serialization and starts with 0x02 or 0x03, with no flags ahead.
This function will panic if error occurs.
Types ¶
type DecryptError ¶
type DecryptError EncryptError
func NewDecryptError ¶
func NewDecryptError(msg string) *DecryptError
func (*DecryptError) Error ¶
func (e *DecryptError) Error() string
type EncryptError ¶
type EncryptError struct {
// contains filtered or unexported fields
}
func NewEncryptError ¶
func NewEncryptError(msg string) *EncryptError
func (*EncryptError) Error ¶
func (e *EncryptError) Error() string
type KeyType ¶
type KeyType byte
const ( PK_ECDSA KeyType = 0x12 PK_SM2 KeyType = 0x13 PK_EDDSA KeyType = 0x14 PK_P256_E KeyType = 0x02 PK_P256_O KeyType = 0x03 PK_P256_NC KeyType = 0x04 )
Supported key types
func GetKeyType ¶
type PrivateKey ¶
type PrivateKey interface { crypto.PrivateKey Public() crypto.PublicKey }
func DecryptPrivateKey ¶
func DecryptPrivateKey(prot *ProtectedKey, pwd []byte) (PrivateKey, error)
Decrypt the private key using the given password
func DecryptWithCustomScrypt ¶
func DecryptWithCustomScrypt(prot *ProtectedKey, pwd []byte, param *ScryptParam) (PrivateKey, error)
func DeserializePrivateKey ¶
func DeserializePrivateKey(data []byte) (pri PrivateKey, err error)
DeserializePrivateKey parses the input byte array into private key.
func GetP256KeyPairFromWIF ¶
func GetP256KeyPairFromWIF(wif []byte) (PrivateKey, error)
Parse ECDSA P-256 private key in WIF
func WIF2Key ¶
func WIF2Key(wif []byte) (PrivateKey, error)
type ProtectedKey ¶
type ProtectedKey struct { Address string `json:"address"` EncAlg string `json:"enc-alg"` Key []byte `json:"key"` Alg string `json:"algorithm"` Salt []byte `json:"salt,omitempty"` Hash string `json:"hash,omitempty"` Param map[string]string `json:"parameters,omitempty"` }
ProtectedKey stores the encrypted private key and related data
func EncryptPrivateKey ¶
func EncryptPrivateKey(pri PrivateKey, addr string, pwd []byte) (*ProtectedKey, error)
Encrypt the private key with the given password. The password is used to derive a key via scrypt function. AES with GCM mode is used for encryption. The first 12 bytes of the derived key is used as the nonce, and the last 32 bytes is used as the encryption key.
func EncryptWithCustomScrypt ¶
func EncryptWithCustomScrypt(pri PrivateKey, addr string, pwd []byte, param *ScryptParam) (*ProtectedKey, error)
func ReencryptPrivateKey ¶
func ReencryptPrivateKey(prot *ProtectedKey, oldPwd, newPwd []byte, oldParam, newParam *ScryptParam) (*ProtectedKey, error)
Re-encrypt the private key with the new password and scrypt parameters. The old password and scrypt parameters are used for decryption first. The scrypt parameters will be reseted to the default after this function.
type PublicKey ¶
func DeserializePublicKey ¶
DeserializePublicKey parse the byte sequencce to a public key.
func SortPublicKeys ¶
SorPublicKeys sorts the input PublicKey slice and return it. The sorting rules is as follows:
- if keys have different types, then sorted by the KeyType value.
- else, 2.1. ECDSA or SM2: 2.1.1. if on different curves, then sorted by the curve label. 2.1.2. else if x values are different, then sorted by x. 2.1.3. else sorted by y. 2.2. EdDSA: sorted by the byte sequence directly.
type ScryptParam ¶
type ScryptParam struct { P int `json:"p"` N int `json:"n"` R int `json:"r"` DKLen int `json:"dkLen,omitempty"` }
ScryptParam contains the parameters used in scrypt function
func GetScryptParameters ¶
func GetScryptParameters() *ScryptParam
Return the default parameters used in scrypt function