kbfscrypto

package
v0.0.0-...-fb60582 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 9, 2017 License: BSD-3-Clause Imports: 17 Imported by: 0

README

kbfscrypto

Crypto-related types and functions for KBFS. The package is named kbfscrypto rather than crypto for two reasons:

  1. To avoid conflicting with the crypto package.
  2. Some variables are named crypto already.

All errors returned by this package are wrapped with pkg/errors, and so need errors.Cause() to unwrap them.

Documentation

Index

Constants

View Source 
const (
	// SigED25519 is the signature type for ED25519
	SigED25519 = SigVer(iota + 1)
	// SigED25519ForKBFS is the signature type for ED25519 with a KBFS prefix.
	SigED25519ForKBFS
)
View Source 
const AuthTokenMinRefreshSeconds = 60

AuthTokenMinRefreshSeconds is the minimum number of seconds between refreshes.

View Source 
const DevRootCerts = `` /* 4438-byte string literal not displayed */

DevRootCerts are the root CA certificates for the dev VPC. During rotation multiple certificates are expected in the PEM blob.

View Source 
const (
	// EnvTestRootCertPEM is the environment variable name for the
	// CA cert PEM the client uses to verify the KBFS servers when
	// testing. Any certificate present here overrides any
	// certificate inferred from a server address.
	EnvTestRootCertPEM = "KEYBASE_TEST_ROOT_CERT_PEM"
)
View Source 
const ProductionRootCerts = `` /* 4451-byte string literal not displayed */

ProductionRootCerts are the root CA certificates for the production VPC. During rotation multiple certificates are expected in the PEM blob.

View Source 
const TestRootCert = `` /* 4195-byte string literal not displayed */

TestRootCert is a CA cert which can be used for testing TLS support. 127.0.0.1 is the only supported address.

View Source 
const TestRootKey = `` /* 1678-byte string literal not displayed */

TestRootKey can be used with the above cert+public key to test TLS support.

Variables

View Source 
var PublicTLFCryptKey = MakeTLFCryptKey([32]byte{
	0x18, 0x18, 0x18, 0x18, 0x18, 0x18, 0x18, 0x18,
	0x18, 0x18, 0x18, 0x18, 0x18, 0x18, 0x18, 0x18,
	0x18, 0x18, 0x18, 0x18, 0x18, 0x18, 0x18, 0x18,
	0x18, 0x18, 0x18, 0x18, 0x18, 0x18, 0x18, 0x18,
})

PublicTLFCryptKey is the TLFCryptKey used for all public TLFs. That means that anyone with just the block key for a public TLF can decrypt that block. This is not the zero TLFCryptKey so that we can distinguish it from an (erroneously?) unset TLFCryptKey.

Functions

func GetRootCerts 

func GetRootCerts(serverAddr string) []byte

GetRootCerts returns a byte array with the appropriate root certs for the given host:port string.

func RandRead 

func RandRead(buf []byte) error

RandRead is a belt-and-suspenders wrapper around crypto.rand.Read().

func Verify 

func Verify(msg []byte, sigInfo SignatureInfo) error

Verify verifies the given message against the given SignatureInfo, and returns nil if it verifies successfully, or an error otherwise.

Types

type AuthToken 

type AuthToken struct {
	// contains filtered or unexported fields
}

AuthToken encapsulates a timed authentication token.

func NewAuthToken 

func NewAuthToken(signer Signer, tokenType string, expireIn int,
	submoduleName, version string, rh AuthTokenRefreshHandler) *AuthToken

NewAuthToken creates a new authentication token.

func (*AuthToken) Shutdown 

func (a *AuthToken) Shutdown()

Shutdown is called to stop the refresh ticker.

func (*AuthToken) Sign 

func (a *AuthToken) Sign(ctx context.Context,
	currentUsername libkb.NormalizedUsername, currentUID keybase1.UID,
	currentVerifyingKey VerifyingKey,
	challengeInfo keybase1.ChallengeInfo) (string, error)

Sign is called to create a new signed authentication token, including a challenge and username/uid/kid identifiers.

func (*AuthToken) SignUserless 

func (a *AuthToken) SignUserless(
	ctx context.Context, key VerifyingKey) (
	string, error)

SignUserless signs the token without a username, UID, or challenge. This is useful for server-to-server communication where identity is established using only the KID. Assume the client and server clocks are roughly synchronized.

type AuthTokenRefreshHandler 

type AuthTokenRefreshHandler interface {
	RefreshAuthToken(context.Context)
}

AuthTokenRefreshHandler defines a callback to be called when an auth token refresh is needed.

type BlockCryptKey 

type BlockCryptKey struct {
	// contains filtered or unexported fields
}

BlockCryptKey is used to encrypt/decrypt block data. (See § 4.1.2.)

func MakeBlockCryptKey 

func MakeBlockCryptKey(data [32]byte) BlockCryptKey

MakeBlockCryptKey returns a BlockCryptKey containing the given data.

Copies of BlockCryptKey objects are deep copies.

func UnmaskBlockCryptKey 

func UnmaskBlockCryptKey(serverHalf BlockCryptKeyServerHalf,
	tlfCryptKey TLFCryptKey) BlockCryptKey

UnmaskBlockCryptKey returns the block crypt key.

func (BlockCryptKey) Data 

func (c BlockCryptKey) Data() [32]byte

func (BlockCryptKey) MarshalBinary 

func (c BlockCryptKey) MarshalBinary() (data []byte, err error)

func (BlockCryptKey) MarshalText 

func (c BlockCryptKey) MarshalText() ([]byte, error)

func (BlockCryptKey) String 

func (c BlockCryptKey) String() string

func (*BlockCryptKey) UnmarshalBinary 

func (c *BlockCryptKey) UnmarshalBinary(data []byte) error

func (*BlockCryptKey) UnmarshalText 

func (c *BlockCryptKey) UnmarshalText(data []byte) error

type BlockCryptKeyServerHalf 

type BlockCryptKeyServerHalf struct {
	// contains filtered or unexported fields
}

BlockCryptKeyServerHalf is a masked version of a BlockCryptKey, which can be recovered only with the TLFCryptKey used to mask the server half.

Copies of BlockCryptKeyServerHalf objects are deep copies.

func MakeBlockCryptKeyServerHalf 

func MakeBlockCryptKeyServerHalf(data [32]byte) BlockCryptKeyServerHalf

MakeBlockCryptKeyServerHalf returns a BlockCryptKeyServerHalf containing the given data.

func MakeRandomBlockCryptKeyServerHalf 

func MakeRandomBlockCryptKeyServerHalf() (
	serverHalf BlockCryptKeyServerHalf, err error)

MakeRandomBlockCryptKeyServerHalf generates the server-side of a block crypt key.

func ParseBlockCryptKeyServerHalf 

func ParseBlockCryptKeyServerHalf(s string) (BlockCryptKeyServerHalf, error)

ParseBlockCryptKeyServerHalf returns a BlockCryptKeyServerHalf containing the given hex-encoded data, or an error.

func (BlockCryptKeyServerHalf) Data 

func (c BlockCryptKeyServerHalf) Data() [32]byte

func (BlockCryptKeyServerHalf) MarshalBinary 

func (c BlockCryptKeyServerHalf) MarshalBinary() (data []byte, err error)

func (BlockCryptKeyServerHalf) MarshalText 

func (c BlockCryptKeyServerHalf) MarshalText() ([]byte, error)

func (BlockCryptKeyServerHalf) String 

func (c BlockCryptKeyServerHalf) String() string

func (*BlockCryptKeyServerHalf) UnmarshalBinary 

func (c *BlockCryptKeyServerHalf) UnmarshalBinary(data []byte) error

func (*BlockCryptKeyServerHalf) UnmarshalText 

func (c *BlockCryptKeyServerHalf) UnmarshalText(data []byte) error

type CryptPrivateKey 

type CryptPrivateKey struct {
	// contains filtered or unexported fields
}

CryptPrivateKey is a private key for encryption/decryption.

func MakeFakeCryptPrivateKeyOrBust 

func MakeFakeCryptPrivateKeyOrBust(seed string) CryptPrivateKey

MakeFakeCryptPrivateKeyOrBust makes a new crypt private key from fake randomness made from the given seed.

func NewCryptPrivateKey 

func NewCryptPrivateKey(kp libkb.NaclDHKeyPair) CryptPrivateKey

NewCryptPrivateKey returns a CryptPrivateKey using the given key pair.

func (CryptPrivateKey) Data 

func (k CryptPrivateKey) Data() [32]byte

Data returns the private key's data, suitable to be used with box.Open or box.Seal.

TODO: Make the CryptPrivateKey handle the Open/Seal itself.

func (CryptPrivateKey) GetPublicKey 

func (k CryptPrivateKey) GetPublicKey() CryptPublicKey

GetPublicKey returns the public key corresponding to this private key.

type CryptPublicKey 

type CryptPublicKey struct {
	// contains filtered or unexported fields
}

CryptPublicKey (M_u^i) is used (with a TLFEphemeralPrivateKey) to encrypt TLFCryptKeyClientHalf objects (See §§ 4.1.1, 6.1.1, 6.3.) These are also sometimes known as subkeys.

Copies of CryptPublicKey objects are deep copies.

func MakeCryptPublicKey 

func MakeCryptPublicKey(kid keybase1.KID) CryptPublicKey

MakeCryptPublicKey returns a CryptPublicKey containing the given KID.

func MakeFakeCryptPublicKeyOrBust 

func MakeFakeCryptPublicKeyOrBust(seed string) CryptPublicKey

MakeFakeCryptPublicKeyOrBust makes the public key corresponding to the crypt private key made with the same seed.

func (CryptPublicKey) KID 

func (k CryptPublicKey) KID() keybase1.KID

func (CryptPublicKey) MarshalBinary 

func (k CryptPublicKey) MarshalBinary() (data []byte, err error)

func (CryptPublicKey) MarshalJSON 

func (k CryptPublicKey) MarshalJSON() ([]byte, error)

func (CryptPublicKey) String 

func (k CryptPublicKey) String() string

func (*CryptPublicKey) UnmarshalBinary 

func (k *CryptPublicKey) UnmarshalBinary(data []byte) error

func (*CryptPublicKey) UnmarshalJSON 

func (k *CryptPublicKey) UnmarshalJSON(s []byte) error

type InvalidByte32DataError 

type InvalidByte32DataError struct {
	// contains filtered or unexported fields
}

InvalidByte32DataError is returned whenever invalid data for a 32-byte type is detected.

func (InvalidByte32DataError) Error 

func (e InvalidByte32DataError) Error() string

type InvalidKIDError 

type InvalidKIDError struct {
	// contains filtered or unexported fields
}

InvalidKIDError is returned whenever an invalid KID is detected.

func (InvalidKIDError) Error 

func (e InvalidKIDError) Error() string

type SigVer 

type SigVer int

SigVer denotes a signature version.

func (SigVer) IsNil 

func (v SigVer) IsNil() bool

IsNil returns true if this SigVer is nil.

type SignatureInfo 

type SignatureInfo struct {
	// Exported only for serialization purposes.
	Version      SigVer       `codec:"v"`
	Signature    []byte       `codec:"s"`
	VerifyingKey VerifyingKey `codec:"k"`
}

SignatureInfo contains all the info needed to verify a signature for a message.

func (SignatureInfo) DeepCopy 

func (s SignatureInfo) DeepCopy() SignatureInfo

DeepCopy makes a complete copy of this SignatureInfo.

func (SignatureInfo) Equals 

func (s SignatureInfo) Equals(other SignatureInfo) bool

Equals returns true if this SignatureInfo matches the given one.

func (SignatureInfo) IsNil 

func (s SignatureInfo) IsNil() bool

IsNil returns true if this SignatureInfo is nil.

func (SignatureInfo) String 

func (s SignatureInfo) String() string

String implements the fmt.Stringer interface for SignatureInfo.

type Signer 

type Signer interface {
	// Sign signs msg with some internal private key.
	Sign(ctx context.Context, msg []byte) (sigInfo SignatureInfo, err error)
	// SignForKBFS signs msg with some internal private key on behalf of KBFS.
	SignForKBFS(ctx context.Context, msg []byte) (sigInfo SignatureInfo, err error)
	// SignToString signs msg with some internal private key and
	// outputs the full serialized NaclSigInfo.
	SignToString(ctx context.Context, msg []byte) (signature string, err error)
}

A Signer is something that can sign using an internal private key.

type SigningKey 

type SigningKey struct {
	// contains filtered or unexported fields
}

SigningKey is a key pair for signing.

func MakeFakeSigningKeyOrBust 

func MakeFakeSigningKeyOrBust(seed string) SigningKey

MakeFakeSigningKeyOrBust makes a new signing key from fake randomness made from the given seed.

func NewSigningKey 

func NewSigningKey(kp libkb.NaclSigningKeyPair) SigningKey

NewSigningKey returns a SigningKey using the given key pair.

func (SigningKey) GetVerifyingKey 

func (k SigningKey) GetVerifyingKey() VerifyingKey

GetVerifyingKey returns the public key half of this signing key.

func (SigningKey) Sign 

func (k SigningKey) Sign(data []byte) SignatureInfo

Sign signs the given data and returns a SignatureInfo.

func (SigningKey) SignForKBFS 

func (k SigningKey) SignForKBFS(data []byte) (SignatureInfo, error)

SignForKBFS signs the given data with the KBFS prefix and returns a SignatureInfo.

func (SigningKey) SignToString 

func (k SigningKey) SignToString(data []byte) (sig string, err error)

SignToString signs the given data and returns a string.

type SigningKeySigner 

type SigningKeySigner struct {
	Key SigningKey
}

SigningKeySigner is a Signer wrapper around a SigningKey.

func (SigningKeySigner) Sign 

func (s SigningKeySigner) Sign(
	ctx context.Context, data []byte) (SignatureInfo, error)

Sign implements Signer for SigningKeySigner.

func (SigningKeySigner) SignForKBFS 

func (s SigningKeySigner) SignForKBFS(
	ctx context.Context, data []byte) (SignatureInfo, error)

SignForKBFS implements Signer for SigningKeySigner.

func (SigningKeySigner) SignToString 

func (s SigningKeySigner) SignToString(
	ctx context.Context, data []byte) (sig string, err error)

SignToString implements Signer for SigningKeySigner.

type TLFCryptKey 

type TLFCryptKey struct {
	// contains filtered or unexported fields
}

TLFCryptKey (s^{f,0}) is used to encrypt/decrypt the private portion of TLF metadata. It is also used to mask BlockCryptKeys. (See §§ 4.1.1, 4.1.2.)

Copies of TLFCryptKey objects are deep copies.

func MakeRandomTLFCryptKey 

func MakeRandomTLFCryptKey() (TLFCryptKey, error)

MakeRandomTLFCryptKey returns a random top-level folder crypt key.

func MakeTLFCryptKey 

func MakeTLFCryptKey(data [32]byte) TLFCryptKey

MakeTLFCryptKey returns a TLFCryptKey containing the given data.

func UnmaskTLFCryptKey 

func UnmaskTLFCryptKey(serverHalf TLFCryptKeyServerHalf,
	clientHalf TLFCryptKeyClientHalf) TLFCryptKey

UnmaskTLFCryptKey returns the top-level folder crypt key.

func (TLFCryptKey) Data 

func (c TLFCryptKey) Data() [32]byte

func (TLFCryptKey) MarshalBinary 

func (c TLFCryptKey) MarshalBinary() (data []byte, err error)

func (TLFCryptKey) MarshalText 

func (c TLFCryptKey) MarshalText() ([]byte, error)

func (TLFCryptKey) String 

func (c TLFCryptKey) String() string

func (*TLFCryptKey) UnmarshalBinary 

func (c *TLFCryptKey) UnmarshalBinary(data []byte) error

func (*TLFCryptKey) UnmarshalText 

func (c *TLFCryptKey) UnmarshalText(data []byte) error

type TLFCryptKeyClientHalf 

type TLFCryptKeyClientHalf struct {
	// contains filtered or unexported fields
}

TLFCryptKeyClientHalf (t_u^{f,k,i} for a user u, a folder f, a key generation k, and a device i) is the masked, client-side half of a TLFCryptKey, which can be recovered only with both halves. (See §§ 4.1.1, 6.1.1, 6.3.)

Copies of TLFCryptKeyClientHalf objects are deep copies.

func MakeTLFCryptKeyClientHalf 

func MakeTLFCryptKeyClientHalf(data [32]byte) TLFCryptKeyClientHalf

MakeTLFCryptKeyClientHalf returns a TLFCryptKeyClientHalf containing the given data.

func MaskTLFCryptKey 

func MaskTLFCryptKey(serverHalf TLFCryptKeyServerHalf,
	key TLFCryptKey) TLFCryptKeyClientHalf

MaskTLFCryptKey returns the client side of a top-level folder crypt key.

func (TLFCryptKeyClientHalf) Data 

func (c TLFCryptKeyClientHalf) Data() [32]byte

func (TLFCryptKeyClientHalf) MarshalBinary 

func (c TLFCryptKeyClientHalf) MarshalBinary() (data []byte, err error)

func (TLFCryptKeyClientHalf) MarshalText 

func (c TLFCryptKeyClientHalf) MarshalText() ([]byte, error)

func (TLFCryptKeyClientHalf) String 

func (c TLFCryptKeyClientHalf) String() string

func (*TLFCryptKeyClientHalf) UnmarshalBinary 

func (c *TLFCryptKeyClientHalf) UnmarshalBinary(data []byte) error

func (*TLFCryptKeyClientHalf) UnmarshalText 

func (c *TLFCryptKeyClientHalf) UnmarshalText(data []byte) error

type TLFCryptKeyServerHalf 

type TLFCryptKeyServerHalf struct {
	// contains filtered or unexported fields
}

TLFCryptKeyServerHalf (s_u^{f,0,i}) is the masked, server-side half of a TLFCryptKey, which can be recovered only with both halves. (See § 4.1.1.)

Copies of TLFCryptKeyServerHalf objects are deep copies.

func MakeRandomTLFCryptKeyServerHalf 

func MakeRandomTLFCryptKeyServerHalf() (
	serverHalf TLFCryptKeyServerHalf, err error)

MakeRandomTLFCryptKeyServerHalf generates the server-side of a top-level folder crypt key.

func MakeTLFCryptKeyServerHalf 

func MakeTLFCryptKeyServerHalf(data [32]byte) TLFCryptKeyServerHalf

MakeTLFCryptKeyServerHalf returns a TLFCryptKeyServerHalf containing the given data.

func (TLFCryptKeyServerHalf) Data 

func (c TLFCryptKeyServerHalf) Data() [32]byte

func (TLFCryptKeyServerHalf) MarshalBinary 

func (c TLFCryptKeyServerHalf) MarshalBinary() (data []byte, err error)

func (TLFCryptKeyServerHalf) MarshalText 

func (c TLFCryptKeyServerHalf) MarshalText() ([]byte, error)

func (TLFCryptKeyServerHalf) String 

func (c TLFCryptKeyServerHalf) String() string

func (*TLFCryptKeyServerHalf) UnmarshalBinary 

func (c *TLFCryptKeyServerHalf) UnmarshalBinary(data []byte) error

func (*TLFCryptKeyServerHalf) UnmarshalText 

func (c *TLFCryptKeyServerHalf) UnmarshalText(data []byte) error

type TLFEphemeralPrivateKey 

type TLFEphemeralPrivateKey struct {
	// contains filtered or unexported fields
}

TLFEphemeralPrivateKey (m_e) is used (with a CryptPublicKey) to encrypt TLFCryptKeyClientHalf objects for non-public directories. (See §§ 4.1.1, 6.1.1, 6.3.) It is never stored permanently.

Copies of TLFEphemeralPrivateKey objects are deep copies.

func MakeTLFEphemeralPrivateKey 

func MakeTLFEphemeralPrivateKey(data [32]byte) TLFEphemeralPrivateKey

MakeTLFEphemeralPrivateKey returns a TLFEphemeralPrivateKey containing the given data.

func (TLFEphemeralPrivateKey) Data 

func (c TLFEphemeralPrivateKey) Data() [32]byte

func (TLFEphemeralPrivateKey) MarshalBinary 

func (c TLFEphemeralPrivateKey) MarshalBinary() (data []byte, err error)

func (TLFEphemeralPrivateKey) MarshalText 

func (c TLFEphemeralPrivateKey) MarshalText() ([]byte, error)

func (TLFEphemeralPrivateKey) String 

func (c TLFEphemeralPrivateKey) String() string

func (*TLFEphemeralPrivateKey) UnmarshalBinary 

func (c *TLFEphemeralPrivateKey) UnmarshalBinary(data []byte) error

func (*TLFEphemeralPrivateKey) UnmarshalText 

func (c *TLFEphemeralPrivateKey) UnmarshalText(data []byte) error

type TLFEphemeralPublicKey 

type TLFEphemeralPublicKey struct {
	// contains filtered or unexported fields
}

TLFEphemeralPublicKey (M_e) is used along with a crypt private key to decrypt TLFCryptKeyClientHalf objects for non-public directories. (See §§ 4.1.1, 6.1.1, 6.3.)

Copies of TLFEphemeralPublicKey objects are deep copies.

func MakeTLFEphemeralPublicKey 

func MakeTLFEphemeralPublicKey(data [32]byte) TLFEphemeralPublicKey

MakeTLFEphemeralPublicKey returns a TLFEphemeralPublicKey containing the given data.

func (TLFEphemeralPublicKey) Data 

func (c TLFEphemeralPublicKey) Data() [32]byte

func (TLFEphemeralPublicKey) MarshalBinary 

func (c TLFEphemeralPublicKey) MarshalBinary() (data []byte, err error)

func (TLFEphemeralPublicKey) MarshalText 

func (c TLFEphemeralPublicKey) MarshalText() ([]byte, error)

func (TLFEphemeralPublicKey) String 

func (c TLFEphemeralPublicKey) String() string

func (*TLFEphemeralPublicKey) UnmarshalBinary 

func (c *TLFEphemeralPublicKey) UnmarshalBinary(data []byte) error

func (*TLFEphemeralPublicKey) UnmarshalText 

func (c *TLFEphemeralPublicKey) UnmarshalText(data []byte) error

type TLFEphemeralPublicKeys 

type TLFEphemeralPublicKeys []TLFEphemeralPublicKey

TLFEphemeralPublicKeys stores a list of TLFEphemeralPublicKey

type TLFPrivateKey 

type TLFPrivateKey struct {
	// contains filtered or unexported fields
}

A TLFPrivateKey (m_f) is the private half of the permanent keypair associated with a TLF. (See §§ 4.1.1, 5.3.)

Copies of TLFPrivateKey objects are deep copies.

func MakeTLFPrivateKey 

func MakeTLFPrivateKey(data [32]byte) TLFPrivateKey

MakeTLFPrivateKey returns a TLFPrivateKey containing the given data.

func (TLFPrivateKey) Data 

func (c TLFPrivateKey) Data() [32]byte

func (TLFPrivateKey) MarshalBinary 

func (c TLFPrivateKey) MarshalBinary() (data []byte, err error)

func (TLFPrivateKey) MarshalText 

func (c TLFPrivateKey) MarshalText() ([]byte, error)

func (TLFPrivateKey) String 

func (c TLFPrivateKey) String() string

func (*TLFPrivateKey) UnmarshalBinary 

func (c *TLFPrivateKey) UnmarshalBinary(data []byte) error

func (*TLFPrivateKey) UnmarshalText 

func (c *TLFPrivateKey) UnmarshalText(data []byte) error

type TLFPublicKey 

type TLFPublicKey struct {
	// contains filtered or unexported fields
}

A TLFPublicKey (M_f) is the public half of the permanent keypair associated with a TLF. It is included in the site-wide private-data Merkle tree. (See §§ 4.1.1, 5.3.)

Copies of TLFPublicKey objects are deep copies.

func MakeTLFPublicKey 

func MakeTLFPublicKey(data [32]byte) TLFPublicKey

MakeTLFPublicKey returns a TLFPublicKey containing the given data.

func (TLFPublicKey) Data 

func (c TLFPublicKey) Data() [32]byte

func (TLFPublicKey) MarshalBinary 

func (c TLFPublicKey) MarshalBinary() (data []byte, err error)

func (TLFPublicKey) MarshalText 

func (c TLFPublicKey) MarshalText() ([]byte, error)

func (TLFPublicKey) String 

func (c TLFPublicKey) String() string

func (*TLFPublicKey) UnmarshalBinary 

func (c *TLFPublicKey) UnmarshalBinary(data []byte) error

func (*TLFPublicKey) UnmarshalText 

func (c *TLFPublicKey) UnmarshalText(data []byte) error

type UnexpectedShortCryptoRandRead 

type UnexpectedShortCryptoRandRead struct {
}

UnexpectedShortCryptoRandRead indicates that fewer bytes were read from crypto.rand.Read() than expected.

func (UnexpectedShortCryptoRandRead) Error 

func (e UnexpectedShortCryptoRandRead) Error() string

Error implements the error interface for UnexpectedShortRandRead.

type UnknownSigVer 

type UnknownSigVer struct {
	Ver SigVer
}

UnknownSigVer indicates that we can't process a signature because it has an unknown version.

func (UnknownSigVer) Error 

func (e UnknownSigVer) Error() string

Error implements the error interface for UnknownSigVer

type VerifyingKey 

type VerifyingKey struct {
	// contains filtered or unexported fields
}

A VerifyingKey is a public key that can be used to verify a signature created by the corresponding private signing key. In particular, VerifyingKeys are used to authenticate home and public TLFs. (See 4.2, 4.3.)

These are also sometimes known as sibkeys.

Copies of VerifyingKey objects are deep copies.

func MakeFakeVerifyingKeyOrBust 

func MakeFakeVerifyingKeyOrBust(seed string) VerifyingKey

MakeFakeVerifyingKeyOrBust makes a new key suitable for verifying signatures made from the fake signing key made with the same seed.

func MakeVerifyingKey 

func MakeVerifyingKey(kid keybase1.KID) VerifyingKey

MakeVerifyingKey returns a VerifyingKey containing the given KID.

func (VerifyingKey) IsNil 

func (k VerifyingKey) IsNil() bool

IsNil returns true if the VerifyingKey is nil.

func (VerifyingKey) KID 

func (k VerifyingKey) KID() keybase1.KID

func (VerifyingKey) MarshalBinary 

func (k VerifyingKey) MarshalBinary() (data []byte, err error)

func (VerifyingKey) MarshalJSON 

func (k VerifyingKey) MarshalJSON() ([]byte, error)

func (VerifyingKey) String 

func (k VerifyingKey) String() string

func (*VerifyingKey) UnmarshalBinary 

func (k *VerifyingKey) UnmarshalBinary(data []byte) error

func (*VerifyingKey) UnmarshalJSON 

func (k *VerifyingKey) UnmarshalJSON(s []byte) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.