spki

Documentation

Overview

Package spki provides marshalling functions for Ed25519 keys.

Quick guide to Ed25519: Public keys are 32 bytes and should be treated as opaque 32-byte values. Private keys, by convention, are 64 bytes and consist of the 32 byte private key seed value followed by the 32 bytes of the public key.

This means that you can obtain the public key from the private key (it's just privateKey[32:64]), you can reconstruct the full private key value from its first 32 bytes, and you can obtain the public key from the private key.

Ed25519 private keys can be converted to Curve25519 private keys and Ed25519 public keys can be converted to Curve25519 public keys without knowledge of the corresponding private key.

Note that the 'random seed value' constituting the Ed25519 private key actual is actually passed through SHA-512 before any elliptic curve operations (such as signing something or deriving the public key) are performed on it.

This is a key difference from Curve25519. In fact, the converted Curve25519 private key is obtained simply by performing the SHA-512 step (and some trivial bit masking). So Curve25519 conventionally works with post-hash private keys as inputs, whereas Ed25519 conventionally works with pre-hash private keys as inputs. This difference is to enable a hash collision-resistance property of Ed25519 signatures.

Anyway, this makes the Ed25519 key marshalling code provided by this package also suitable for storing keys used for Curve25519 applications.

Index

• Constants
• Variables
• func Babbleprint(p []byte) string
• func Dearmor(r io.Reader, checkFunc func(blk *armor.Block) error) (io.Reader, error)
• func DecodeB32(s string) ([]byte, error)
• func Ed25519RederivePublic(privateKey *[64]byte) (publicKey *[32]byte)
• func EncodeB32(b []byte) string
• func FormEd25519PrivateKey(privateKey *[64]byte) []interface{}
• func FormEd25519PublicKey(publicKey *[32]byte) []interface{}
• func FormEd25519PublicKeyFromPrivateKey(privateKey *[64]byte) []interface{}
• func LoadEd25519Key(v []interface{}, privateKey *[64]byte) (isPrivate bool, err error)
• func LoadKeyFile(r io.Reader, privateKey *[64]byte) (isPrivate bool, err error)
• type FileInfo
  • func HashFile(r io.Reader) (*FileInfo, error)
  • func LoadFileInfo(x []interface{}) (*FileInfo, error)
  • func (fi *FileInfo) Form() []interface{}
• type HashType
  • func LoadHash(x []interface{}) (HashType, []byte, error)
  • func ParseHashType(hashType string) (HashType, bool)
  • func (ht HashType) Form(b []byte) []interface{}
  • func (ht HashType) New() hash.Hash
  • func (ht HashType) String() string

Constants

const (
	// Vanilla Blake2b, 512-bit output.
	Blake2b HashType = "blake2b"
	// SHA-512, 512-bit output.
	SHA512 = "sha512"
	// SHA-256, 256-bit output.
	SHA256 = "sha256"
)

Variables

var ErrMalformedFileInfo = fmt.Errorf("not a well-formed file representation S-expression structure")

var ErrMalformedHash = fmt.Errorf("not a well-formed hash S-expression structure")

var ErrMalformedKey = fmt.Errorf("not a well-formed key S-expression structure")

var PreferredHashType = Blake2b

The currently preferred hash algorithm. May change at a later date.

Functions

func Babbleprint

func Babbleprint(p []byte) string

func Dearmor

func Dearmor(r io.Reader, checkFunc func(blk *armor.Block) error) (io.Reader, error)

Returns a reader which reads either the contents of an OpenPGP-armored file, or, if OpenPGP armor is not found, the file itself. If checkFunc is specified and OpenPGP armor is found, it is called with the block. Any errors returned from checkFunc short circuit and are returned.

func DecodeB32

func DecodeB32(s string) ([]byte, error)

func Ed25519RederivePublic

func Ed25519RederivePublic(privateKey *[64]byte) (publicKey *[32]byte)

Rederive an Ed25519 public key from a private key.

func EncodeB32

func EncodeB32(b []byte) string

func FormEd25519PrivateKey

func FormEd25519PrivateKey(privateKey *[64]byte) []interface{}

Form an S-expression structure representing an Ed25519 private key.

func FormEd25519PublicKey

func FormEd25519PublicKey(publicKey *[32]byte) []interface{}

Form an S-expression structure representing an Ed25519 public key.

func FormEd25519PublicKeyFromPrivateKey

func FormEd25519PublicKeyFromPrivateKey(privateKey *[64]byte) []interface{}

Form an S-expression structure representing an Ed25519 public key given the corresponding private key.

func LoadEd25519Key

func LoadEd25519Key(v []interface{}, privateKey *[64]byte) (isPrivate bool, err error)

If isPrivate is false, the public key is at privateKey[32:].

Otherwise the private key is at privateKey[0:32] and the public key is of course as always at privateKey[32:64].

func LoadKeyFile

func LoadKeyFile(r io.Reader, privateKey *[64]byte) (isPrivate bool, err error)

Load a keyfile. The file can contain either an OpenPGP-armored file or an unarmored S-expression.

Types

type FileInfo

type FileInfo struct {
	Filename string
	Length   int64
	HashType HashType
	Hash     []byte
}

Represents a file.

func HashFile

func HashFile(r io.Reader) (*FileInfo, error)

Reads all data from the reader and returns FileInfo. The filename will be blank; you should fill it in yourself.

func LoadFileInfo

func LoadFileInfo(x []interface{}) (*FileInfo, error)

func (*FileInfo) Form

func (fi *FileInfo) Form() []interface{}

type HashType

type HashType string

Represents a SPKI hash type.

Hashes are represented as (hash HASH-TYPE |the hash|), e.g. (hash blake2b |...|).

func LoadHash

func LoadHash(x []interface{}) (HashType, []byte, error)

func ParseHashType

func ParseHashType(hashType string) (HashType, bool)

func (HashType) Form

func (ht HashType) Form(b []byte) []interface{}

Returns a SPKI form representing a hash of the given HashType and a digest of b. Assumes that b is the output of the HashType.

func (HashType) New

func (ht HashType) New() hash.Hash

func (HashType) String

func (ht HashType) String() string