keys: Index | Examples | Files | Directories

package keys

import ""



Package Files

address.go box.go cert.go changes.go detect.go document.go documents.go ed25519.go edx25519.go encode.go errors.go func.go id.go iterator.go key.go keyring.go keystore.go log.go marshal.go mem.go parse.go path.go rand.go request.go scs.go secretbox.go secretkey.go set.go sha.go sigchain.go spew.go ssh.go statement.go time.go user.go usersearch.go userstore.go watch.go x25519.go


const (
    // RFC3339Milli is RFC3339 with millisecond precision
    RFC3339Milli = "2006-01-02T15:04:05.000Z07:00"
const RevokeLabel = "revoke"

RevokeLabel is label for revoking an earlier statement

const SecretKeySize = 32

SecretKeySize is the size of secret key bytes.


var ErrNoKeyring = errors.New("no keyring set")

ErrNoKeyring if no keyring is set.

var ErrUserAlreadySet = errors.New("user set in sigchain already")

ErrUserAlreadySet is user already set in sigchain.

func AsPassphrase Uses

func AsPassphrase(item *keyring.Item) (string, error)

AsPassphrase returns passphrase for keyring Item.

func BoxOpen Uses

func BoxOpen(encrypted []byte, sender *X25519PublicKey, recipient *X25519Key) ([]byte, error)

BoxOpen decrypts a message from a sender.

func BoxSeal Uses

func BoxSeal(b []byte, recipient *X25519PublicKey, sender *X25519Key) []byte

BoxSeal encrypts a message to a recipient.


ak := keys.GenerateX25519Key()
bk := keys.GenerateX25519Key()

msg := "Hey bob, it's alice. The passcode is 12345."
encrypted := keys.BoxSeal([]byte(msg), bk.PublicKey(), ak)

out, err := keys.BoxOpen(encrypted, ak.PublicKey(), bk)
if err != nil {

fmt.Printf("%s\n", string(out))


Hey bob, it's alice. The passcode is 12345.

func Bytes16 Uses

func Bytes16(b []byte) *[16]byte

Bytes16 converts byte slice to *[16]byte.

func Bytes24 Uses

func Bytes24(b []byte) *[24]byte

Bytes24 converts byte slice to *[24]byte.

func Bytes32 Uses

func Bytes32(b []byte) *[32]byte

Bytes32 converts byte slice to *[32]byte.

func Bytes64 Uses

func Bytes64(b []byte) *[64]byte

Bytes64 converts byte slice to *[64]byte.

func DecryptWithPassword Uses

func DecryptWithPassword(encrypted []byte, password string) ([]byte, error)

DecryptWithPassword decrypts bytes using a password.

func DocumentPaths Uses

func DocumentPaths(docs []*Document) []string

DocumentPaths from Document's.

func EncodeKeyToSaltpack Uses

func EncodeKeyToSaltpack(key Key, password string) (string, error)

EncodeKeyToSaltpack encrypts a key to saltpack with password.

func EncryptWithPassword Uses

func EncryptWithPassword(b []byte, password string) []byte

EncryptWithPassword encrypts bytes with a password. Uses argon2.IDKey(password, salt, 1, 64*1024, 4, 32) with 16 byte salt.

func FirstPathComponent Uses

func FirstPathComponent(path string) string

FirstPathComponent returns first path component.

func HMACSHA256 Uses

func HMACSHA256(key []byte, msg []byte) []byte

HMACSHA256 does a HMAC-SHA256 on msg with key.

func IDsToString Uses

func IDsToString(ids []ID, delim string) string

IDsToString returns string for joined Ikeys.

func IDsToStrings Uses

func IDsToStrings(ids []ID) []string

IDsToStrings returns []strings for []ID.

func IsTemporaryError Uses

func IsTemporaryError(err error) bool

IsTemporaryError returns true if the error has Temporary() function and that returns true

func IsValidID Uses

func IsValidID(s string) bool

IsValidID returns true if string is a valid ID.

func LastPathComponent Uses

func LastPathComponent(path string) string

LastPathComponent returns last path component.

func Marshal Uses

func Marshal(es []MarshalValue) []byte

Marshal map entries.

func NewCertificateKeyItem Uses

func NewCertificateKeyItem(id string, certKey *CertificateKey) *keyring.Item

NewCertificateKeyItem creates an Item for a certificate private key.

func NewEdX25519KeyItem Uses

func NewEdX25519KeyItem(signKey *EdX25519Key) *keyring.Item

NewEdX25519KeyItem creates keyring item for EdX25519Key.

func NewEdX25519PublicKeyItem Uses

func NewEdX25519PublicKeyItem(publicKey *EdX25519PublicKey) *keyring.Item

NewEdX25519PublicKeyItem creates keyring item for EdX25519PublicKey.

func NewErrNotFound Uses

func NewErrNotFound(id string) error

NewErrNotFound constructs a ErrNotFound.

func NewPassphraseItem Uses

func NewPassphraseItem(id string, passphrase string) *keyring.Item

NewPassphraseItem creates keyring item for a passphrase.

func NewSecretKeyItem Uses

func NewSecretKeyItem(kid string, secretKey SecretKey) *keyring.Item

NewSecretKeyItem creates keyring item for SecretKey.

func NewX25519KeyItem Uses

func NewX25519KeyItem(key *X25519Key) *keyring.Item

NewX25519KeyItem creates keyring item for X25519Key.

func NewX25519PublicKeyItem Uses

func NewX25519PublicKeyItem(publicKey *X25519PublicKey) *keyring.Item

NewX25519PublicKeyItem creates keyring item for X25519PublicKey.

func Path Uses

func Path(paths ...interface{}) string

Path returns a path string from the specified paths or path components. The components can be strings, values with a String() function.

For example,

Path("a", "b") => "/a/b"
Path("") => "/"
Path("/a/") => "/a"
Path("/a//b") => "/a/b"

func PathComponents Uses

func PathComponents(path string) []string

PathComponents returns the components of a path.

func PublicKeyIDEquals Uses

func PublicKeyIDEquals(expected ID, kid ID) bool

PublicKeyIDEquals returns true if public keys are equal. It will also compare EdX25519 public key and X25519 public keys.

func Rand16 Uses

func Rand16() *[16]byte

Rand16 generates random 16 bytes.

func Rand24 Uses

func Rand24() *[24]byte

Rand24 generates random 24 bytes.

func Rand32 Uses

func Rand32() *[32]byte

Rand32 generates random 32 bytes.

func Rand3262 Uses

func Rand3262() string

Rand3262 returns random 32 bytes Base62 encoded (length 43).

func Rand32P4 Uses

func Rand32P4(n uint32) *[32]byte

Rand32P4 is random 32 bytes with 4 byte prefix.

func RandBytes Uses

func RandBytes(length int) []byte

RandBytes returns random bytes of length.

func RandPassphrase Uses

func RandPassphrase(length int) string

RandPassphrase returns random bytes base62 encoded of length. This will panic, if length < 12.

func RandPhrase Uses

func RandPhrase() string

RandPhrase creates random phrase (bip39 encoded random 32 bytes).

func RandTempPath Uses

func RandTempPath(ext string) string

RandTempPath returns a unique random path.

func RandUsername Uses

func RandUsername(length int) string

RandUsername returns random lowercase string of length.

func RandWords Uses

func RandWords(numWords int) string

RandWords returns random words. numWords must be 1 to 24.

func RetryE Uses

func RetryE(fn func() error) error

RetryE will retry the fn (error) if the error is temporary (such as a temporary net.Error)

func RetrySE Uses

func RetrySE(fn func() (string, error)) (string, error)

RetrySE will retry the fn (string, error) if the error is temporary (such as a temporary net.Error)

func SHA256 Uses

func SHA256(b []byte) []byte

SHA256 for bytes.

func SecretBoxOpen Uses

func SecretBoxOpen(encrypted []byte, secretKey SecretKey) ([]byte, error)

SecretBoxOpen decrypt using SecretKey.

func SecretBoxSeal Uses

func SecretBoxSeal(b []byte, secretKey SecretKey) []byte

SecretBoxSeal encrypt using SecretKey.

func SetLogger Uses

func SetLogger(l Logger)

SetLogger sets logger for the package.

func SigchainHash Uses

func SigchainHash(st *Statement) (*[32]byte, error)

SigchainHash returns hash for Sigchain Statement.

func Sign Uses

func Sign(b []byte, sk *EdX25519Key) []byte

Sign bytes.


alice := keys.GenerateEdX25519Key()
msg := "I'm alice 🤓"
sig := keys.Sign([]byte(msg), alice)
out, err := alice.PublicKey().Verify(sig)
if err != nil {
fmt.Printf("%s\n", string(out))


I'm alice 🤓

func SignDetached Uses

func SignDetached(b []byte, sk *EdX25519Key) []byte

SignDetached sign bytes detached.

func Spew Uses

func Spew(iter DocumentIterator, opts *SpewOpts) (*bytes.Buffer, error)

Spew writes DocumentIterator to buffer.

func SpewOut Uses

func SpewOut(iter DocumentIterator, opts *SpewOpts, out io.Writer) error

SpewOut writes DocumentIterator to io.Writer. You need to specify a path or prefix, since listing root is not supported.

func StatementKey Uses

func StatementKey(kid ID, seq int) string

StatementKey returns key for Statement kid,seq. If seq is <= 0, then there is no key. Path looks like "kpe1a4yj333g68pvd6hfqvufqkv4vy54jfe6t33ljd3kc9rpfty8xlgsfte2sn-000000000000001".

func TimeFromMillis Uses

func TimeFromMillis(m TimeMs) time.Time

TimeFromMillis returns time.Time from milliseconds since epoch.

type Address Uses

type Address struct {
    // contains filtered or unexported fields

Address is a list of IDs.

func NewAddress Uses

func NewAddress(recipients ...ID) (*Address, error)

NewAddress returns address from recipient ids.

func ParseAddress Uses

func ParseAddress(saddrs ...string) (*Address, error)

ParseAddress returns address from a string.

func (*Address) Contains Uses

func (a *Address) Contains(id ID) bool

Contains returns true if address contains the specified id.

func (*Address) RecipientStrings Uses

func (a *Address) RecipientStrings() []string

RecipientStrings returns recipient IDs as strings.

func (Address) Recipients Uses

func (a Address) Recipients() []ID

Recipients returns Ikeys.

func (*Address) String Uses

func (a *Address) String() string

String returns a canonical string representation of an address. The first address part is less than the second part.

NewAddress("bob", "alice").String() => "alice:bob"

type Brand Uses

type Brand string

Brand is saltpack brand.

const EdX25519Brand Brand = "EDX25519 KEY"

EdX25519Brand is saltpack brand for EdX25519 key.

const X25519Brand Brand = "CURVE25519 KEY"

X25519Brand is saltpack brand for X25519 key.

type CertificateKey Uses

type CertificateKey struct {
    // contains filtered or unexported fields

CertificateKey with is a PEM encoded X.509v3 certificate (public key) and a PEM encoded EC private key.

func AsCertificateKey Uses

func AsCertificateKey(item *keyring.Item) (*CertificateKey, error)

AsCertificateKey returns CertificateKey for keyring Item.

func GenerateCertificateKey Uses

func GenerateCertificateKey(commonName string, isCA bool, parent *x509.Certificate) (*CertificateKey, error)

GenerateCertificateKey creates a certificate key.

func NewCertificateKey Uses

func NewCertificateKey(private string, public string) (*CertificateKey, error)

NewCertificateKey from PEM encoded X.509v3 certificate data and PEM encoded EC private key ASN.1, DER format

func (CertificateKey) Private Uses

func (c CertificateKey) Private() string

Private returns a PEM encoded EC private key ASN.1, DER format.

func (CertificateKey) Public Uses

func (c CertificateKey) Public() string

Public returns a PEM encoded X.509v3 certificate.

func (CertificateKey) TLSCertificate Uses

func (c CertificateKey) TLSCertificate() tls.Certificate

TLSCertificate returns a tls.Certificate.

func (CertificateKey) X509Certificate Uses

func (c CertificateKey) X509Certificate() (*x509.Certificate, error)

X509Certificate returns a x509.Certificate.

type Change Uses

type Change struct {
    Path      string    `json:"path" firestore:"path"`
    Timestamp time.Time `json:"ts" firestore:"ts"`

Change is used to track changes at a path. If this format changes, you should also change in firestore and other backends that don't directly use this struct on set.

type Changes Uses

type Changes interface {
    ChangeAdd(ctx context.Context, name string, id string, ref string) error
    Changes(ctx context.Context, name string, from time.Time, limit int, direction Direction) ([]*Change, time.Time, error)

Changes describes changes to a path.

type Collection Uses

type Collection struct {
    // Path to Document's.
    Path string

Collection is a location for Document's.

func CollectionsFromIterator Uses

func CollectionsFromIterator(iter CollectionIterator) ([]*Collection, error)

CollectionsFromIterator returns Collection's from CollectionIterator.

type CollectionIterator Uses

type CollectionIterator interface {
    // Next collection, or nil.
    Next() (*Collection, error)
    // Release resources associated with the iterator.

CollectionIterator is an iterator for Collection's.

func NewCollectionIterator Uses

func NewCollectionIterator(cols []*Collection) CollectionIterator

NewCollectionIterator returns an iterator for a Collection slice.

type ContextLogger Uses

type ContextLogger interface {
    Debugf(ctx context.Context, format string, args ...interface{})
    Infof(ctx context.Context, format string, args ...interface{})
    Warningf(ctx context.Context, format string, args ...interface{})
    Errorf(ctx context.Context, format string, args ...interface{})

ContextLogger interface used in this package with request context.

func NewContextLogger Uses

func NewContextLogger(lev LogLevel) ContextLogger

NewContextLogger ...

type DataType Uses

type DataType = string
const (
    // UnknownType is unknown
    UnknownType DataType = ""
    // IDType is string identifier (keys.ID)
    IDType DataType = "id"

    // SaltpackType is armored saltpack encoding.
    SaltpackArmoredType DataType = "saltpack-armored"

    // SSHPublicType is ssh public key "ssh-ed25519 AAAAC3Nz..."
    SSHPublicType DataType = "ssh-public"
    // SSHType is ssh private key "-----BEGIN OPENSSH PRIVATE..."
    SSHType DataType = "ssh"

func DetectDataType Uses

func DetectDataType(b []byte) DataType

DetectDataType tries to find out what data type the bytes are.

type Direction Uses

type Direction string

Direction is ascending or descending.

const (
    Ascending  Direction = "asc"
    Descending Direction = "desc"

type Document Uses

type Document struct {
    // Path of document.
    Path string
    // Data ...
    Data []byte

    // CreatedAt (read only). The time at which the document was created.
    CreatedAt time.Time
    // UpdatedAt (read only). The time at which the document was last changed.
    UpdatedAt time.Time

Document is a data at a path with metadata.

func DocumentsFromIterator Uses

func DocumentsFromIterator(iter DocumentIterator) ([]*Document, error)

DocumentsFromIterator returns Document's from DocumentIterator.

func NewDocument Uses

func NewDocument(path string, data []byte) *Document

NewDocument creates a datastore document.

func (*Document) Contains Uses

func (d *Document) Contains(contains string) bool

Contains returns true if path or value contains the string.

func (*Document) Pretty Uses

func (d *Document) Pretty() []byte

Pretty returns "prettified" output, if data is a format that supports it.

func (Document) String Uses

func (d Document) String() string

type DocumentIterator Uses

type DocumentIterator interface {
    // Next document, or nil.
    Next() (*Document, error)
    // Release resources associated with the iterator.

DocumentIterator is an iterator for Document's.

func NewDocumentIterator Uses

func NewDocumentIterator(docs []*Document) DocumentIterator

NewDocumentIterator returns an iterator for a Document slice.

type DocumentStore Uses

type DocumentStore interface {
    // Create data at path.
    // ErrPathExists if path already exists.
    Create(ctx context.Context, path string, b []byte) error

    // Create or set data at path.
    Set(ctx context.Context, path string, b []byte) error

    // Get path.
    // If not found, returns nil.
    Get(ctx context.Context, path string) (*Document, error)

    // GetAll at paths.
    // If a path is not found, it is ignored.
    GetAll(ctx context.Context, paths []string) ([]*Document, error)

    // Exists, if exists at path.
    Exists(ctx context.Context, path string) (bool, error)

    // Delete at path.
    Delete(ctx context.Context, path string) (bool, error)
    // If a path is not found, it is ignored.
    DeleteAll(ctx context.Context, paths []string) error

    // Documents for Document's.
    Documents(ctx context.Context, parent string, opts *DocumentsOpts) (DocumentIterator, error)

    // Collections are parents of Document's.
    Collections(ctx context.Context, parent string) (CollectionIterator, error)

DocumentStore is a place for Document's.

type DocumentsOpts Uses

type DocumentsOpts struct {
    // Prefix to filter on.
    Prefix string
    // Index is offset into number of documents.
    Index int
    // Limit is number of documents (max) to return.
    Limit int
    // PathOnly to only include only path in Document (no data).
    PathOnly bool

DocumentsOpts are options for iterating documents.

type EdX25519Key Uses

type EdX25519Key struct {
    // contains filtered or unexported fields

EdX25519Key is a EdX25519 key capable of signing and encryption (converted to a X25519 key).

func AsEdX25519Key Uses

func AsEdX25519Key(item *keyring.Item) (*EdX25519Key, error)

AsEdX25519Key returns EdX25519Key for keyring Item.

func GenerateEdX25519Key Uses

func GenerateEdX25519Key() *EdX25519Key

GenerateEdX25519Key generates a EdX25519Key (EdX25519).


alice := keys.GenerateEdX25519Key()
fmt.Printf("Alice: %s\n", alice.ID())

func NewEdX25519KeyFromPrivateKey Uses

func NewEdX25519KeyFromPrivateKey(privateKey *[ed25519.PrivateKeySize]byte) *EdX25519Key

NewEdX25519KeyFromPrivateKey constructs EdX25519Key from a private key. The public key is derived from the private key.

func NewEdX25519KeyFromSeed Uses

func NewEdX25519KeyFromSeed(seed *[ed25519.SeedSize]byte) *EdX25519Key

NewEdX25519KeyFromSeed constructs EdX25519Key from an ed25519 seed. The private key is derived from this seed and the public key is derived from the private key.

func ParseSSHKey Uses

func ParseSSHKey(pemBytes []byte, passphrase []byte, trim bool) (*EdX25519Key, error)

func (EdX25519Key) Bytes Uses

func (k EdX25519Key) Bytes() []byte

Bytes for key.

func (EdX25519Key) Bytes64 Uses

func (k EdX25519Key) Bytes64() *[64]byte

Bytes64 for key.

func (EdX25519Key) ID Uses

func (k EdX25519Key) ID() ID

ID ...

func (EdX25519Key) PrivateKey Uses

func (k EdX25519Key) PrivateKey() *[ed25519.PrivateKeySize]byte

PrivateKey returns private key part.

func (EdX25519Key) PublicKey Uses

func (k EdX25519Key) PublicKey() *EdX25519PublicKey

PublicKey returns public part.

func (EdX25519Key) Seed Uses

func (k EdX25519Key) Seed() *[ed25519.SeedSize]byte

Seed returns information on how to generate this key from ed25519 package seed.

func (*EdX25519Key) Sign Uses

func (k *EdX25519Key) Sign(b []byte) []byte

Sign bytes with the (sign) private key.

func (*EdX25519Key) SignDetached Uses

func (k *EdX25519Key) SignDetached(b []byte) []byte

SignDetached sign bytes detached.

func (EdX25519Key) String Uses

func (k EdX25519Key) String() string

func (EdX25519Key) Type Uses

func (k EdX25519Key) Type() KeyType

Type ...

func (*EdX25519Key) X25519Key Uses

func (k *EdX25519Key) X25519Key() *X25519Key

X25519Key converts EdX25519Key to X25519Key.

type EdX25519PublicKey Uses

type EdX25519PublicKey struct {
    // contains filtered or unexported fields

EdX25519PublicKey is the public part of EdX25519 key pair.

func AsEdX25519PublicKey Uses

func AsEdX25519PublicKey(item *keyring.Item) (*EdX25519PublicKey, error)

AsEdX25519PublicKey returns EdX25519PublicKey for keyring Item.

func NewEdX25519PublicKey Uses

func NewEdX25519PublicKey(b *[ed25519.PublicKeySize]byte) *EdX25519PublicKey

NewEdX25519PublicKey creates a EdX25519PublicKey.

func NewEdX25519PublicKeyFromID Uses

func NewEdX25519PublicKeyFromID(id ID) (*EdX25519PublicKey, error)

NewEdX25519PublicKeyFromID converts ID to EdX25519PublicKey.

func ParseSSHPublicKey Uses

func ParseSSHPublicKey(s string) (*EdX25519PublicKey, error)

func (EdX25519PublicKey) Bytes Uses

func (s EdX25519PublicKey) Bytes() []byte

Bytes for key.

func (EdX25519PublicKey) Bytes32 Uses

func (s EdX25519PublicKey) Bytes32() *[32]byte

Bytes32 for key.

func (EdX25519PublicKey) ID Uses

func (s EdX25519PublicKey) ID() ID

ID for sign public key.

func (EdX25519PublicKey) String Uses

func (s EdX25519PublicKey) String() string

func (*EdX25519PublicKey) Type Uses

func (s *EdX25519PublicKey) Type() KeyType

Type ...

func (EdX25519PublicKey) Verify Uses

func (s EdX25519PublicKey) Verify(b []byte) ([]byte, error)

Verify verifies a message and signature with public key.

func (EdX25519PublicKey) VerifyDetached Uses

func (s EdX25519PublicKey) VerifyDetached(sig []byte, b []byte) error

VerifyDetached verifies a detached message.

func (EdX25519PublicKey) X25519PublicKey Uses

func (s EdX25519PublicKey) X25519PublicKey() *X25519PublicKey

X25519PublicKey converts the ed25519 public key to a x25519 public key.

type ErrHTTP Uses

type ErrHTTP struct {
    StatusCode int

ErrHTTP is an HTTP Error.

func (ErrHTTP) Error Uses

func (e ErrHTTP) Error() string

type ErrNotFound Uses

type ErrNotFound struct {
    ID string

ErrNotFound describes a key not found error when a key is required.

func (ErrNotFound) Error Uses

func (e ErrNotFound) Error() string

type ErrPathExists Uses

type ErrPathExists struct {
    Path string

ErrPathExists is trying to set value that already exists.

func NewErrPathExists Uses

func NewErrPathExists(path string) ErrPathExists

NewErrPathExists ...

func (ErrPathExists) Error Uses

func (e ErrPathExists) Error() string

type ErrTemporary Uses

type ErrTemporary struct {
    // contains filtered or unexported fields

ErrTemporary means there was a temporary error

func NewErrTemporary Uses

func NewErrTemporary(msg string) ErrTemporary

NewErrTemporary creates temporary error.

func (ErrTemporary) Error Uses

func (e ErrTemporary) Error() string

func (ErrTemporary) Temporary Uses

func (e ErrTemporary) Temporary() bool

Temporary returns true.

type ErrTimeout Uses

type ErrTimeout struct {
    // contains filtered or unexported fields

ErrTimeout is a timeout error.

type ID Uses

type ID string

ID a bech32 encoded string.

func MustID Uses

func MustID(hrp string, b []byte) ID

MustID returns ID from HRP (human readable part) and bytes, or panics if invalid.

func NewID Uses

func NewID(hrp string, b []byte) (ID, error)

NewID creates ID from HRP (human readable part) and bytes.

func ParseID Uses

func ParseID(s string) (ID, error)

ParseID parses a string and validates an ID.

func ParseIDs Uses

func ParseIDs(strs []string) ([]ID, error)

ParseIDs returns IDs from strings.

func RandID Uses

func RandID(hrp string) ID

RandID returns random ID

func (ID) Decode Uses

func (i ID) Decode() (string, []byte, error)

Decode ID into HRP (human readable part) and bytes (data).

func (ID) IsEdX25519 Uses

func (i ID) IsEdX25519() bool

IsEdX25519 returns true if ID represents a EdX25519 key.

func (ID) IsX25519 Uses

func (i ID) IsX25519() bool

IsX25519 returns true if ID represents a X25519 key.

func (ID) Key Uses

func (i ID) Key() (Key, error)

Key is the public key from an ID.

func (ID) PublicKeyType Uses

func (i ID) PublicKeyType() KeyType

PublicKeyType returns public key type that ID represents or empty string if unknown.

func (ID) String Uses

func (i ID) String() string

func (ID) WithSeq Uses

func (i ID) WithSeq(seq int) string

WithSeq returns string with a sequence value appended to the ID.

type IDSet Uses

type IDSet struct {
    // contains filtered or unexported fields

IDSet is a set of strings.

func NewIDSet Uses

func NewIDSet(ids ...ID) *IDSet

NewIDSet creates IDSet.

func NewIDSetWithCapacity Uses

func NewIDSetWithCapacity(capacity int) *IDSet

NewIDSetWithCapacity ..

func (*IDSet) Add Uses

func (s *IDSet) Add(id ID)

Add to set.

func (*IDSet) AddAll Uses

func (s *IDSet) AddAll(ids []ID)

AddAll to set.

func (*IDSet) Clear Uses

func (s *IDSet) Clear()

Clear set.

func (*IDSet) Contains Uses

func (s *IDSet) Contains(id ID) bool

Contains returns true if set contains string.

func (*IDSet) IDs Uses

func (s *IDSet) IDs() []ID

IDs returns IDs in set.

func (*IDSet) Size Uses

func (s *IDSet) Size() int

Size for set.

type Key Uses

type Key interface {
    // ID for the key.
    ID() ID

    // Type of key.
    Type() KeyType

    // Bytes are key data.
    Bytes() []byte

Key with identifier, bytes and type string.

func DecodeKeyFromSaltpack Uses

func DecodeKeyFromSaltpack(msg string, password string, isHTML bool) (Key, error)

DecodeKeyFromSaltpack decrypts a saltpack encrypted key.

func ParseKey Uses

func ParseKey(b []byte, password string) (Key, error)

ParseKey tries to determine what key type and parses the key bytes.

type KeyType Uses

type KeyType string

KeyType ...

const EdX25519 KeyType = "edx25519"

EdX25519 key.

const EdX25519Public KeyType = "ed25519-public"

EdX25519Public public key.

const X25519 KeyType = "x25519"

X25519 key type.

const X25519Public KeyType = "x25519-public"

X25519Public public key type.

type Keystore Uses

type Keystore struct {
    // contains filtered or unexported fields

Keystore can saves to the keyring.

func NewKeystore Uses

func NewKeystore(kr keyring.Keyring) *Keystore

NewKeystore constructs a Keystore.

func NewMemKeystore Uses

func NewMemKeystore() *Keystore

NewMemKeystore returns Keystore backed by an in memory keyring. This is useful for testing or ephemeral key stores.

func (*Keystore) Delete Uses

func (k *Keystore) Delete(kid ID) (bool, error)

Delete removes an item from the keystore.

func (*Keystore) EdX25519Key Uses

func (k *Keystore) EdX25519Key(kid ID) (*EdX25519Key, error)

EdX25519Key returns sign key for a key identifier.

func (Keystore) EdX25519Keys Uses

func (k Keystore) EdX25519Keys() ([]*EdX25519Key, error)

EdX25519Keys from the Keystore.

func (*Keystore) EdX25519PublicKey Uses

func (k *Keystore) EdX25519PublicKey(kid ID) (*EdX25519PublicKey, error)

EdX25519PublicKey returns sign public key from the Keystore. Since the public key itself is in the ID, you can convert the ID without getting it from the keystore via NewEdX25519PublicKeyFromID.

func (Keystore) EdX25519PublicKeys Uses

func (k Keystore) EdX25519PublicKeys() ([]*EdX25519PublicKey, error)

EdX25519PublicKeys from the Keystore. Includes public keys of EdX25519Key's.

func (*Keystore) ExportSaltpack Uses

func (k *Keystore) ExportSaltpack(id ID, password string) (string, error)

ExportSaltpack exports key from the keystore to a saltpack message.

func (*Keystore) FindEdX25519PublicKey Uses

func (k *Keystore) FindEdX25519PublicKey(kid ID) (*EdX25519PublicKey, error)

FindEdX25519PublicKey searches all our EdX25519 public keys for a match to a converted X25519 public key.

func (*Keystore) ImportSaltpack Uses

func (k *Keystore) ImportSaltpack(msg string, password string, isHTML bool) (Key, error)

ImportSaltpack imports key into the keystore from a saltpack message.

func (*Keystore) Key Uses

func (k *Keystore) Key(id ID) (Key, error)

Key for id.

func (*Keystore) Keyring Uses

func (k *Keystore) Keyring() (keyring.Keyring, error)

Keyring for Keystore.

func (*Keystore) Keys Uses

func (k *Keystore) Keys(opts *Opts) ([]Key, error)

Keys lists keys in the keyring. It ignores keyring items that aren't keys or of the specified types.

func (*Keystore) SaveEdX25519Key Uses

func (k *Keystore) SaveEdX25519Key(signKey *EdX25519Key) error

SaveEdX25519Key saves a EdX25519Key to the Keystore.

func (*Keystore) SaveEdX25519PublicKey Uses

func (k *Keystore) SaveEdX25519PublicKey(spk *EdX25519PublicKey) error

SaveEdX25519PublicKey saves EdX25519PublicKey to the Keystore.

func (*Keystore) SaveKey Uses

func (k *Keystore) SaveKey(key Key) error

SaveKey saves Key based on its type.

func (*Keystore) SavePublicKey Uses

func (k *Keystore) SavePublicKey(kid ID) error

SavePublicKey saves a public key from a key identifier.

func (*Keystore) SaveX25519Key Uses

func (k *Keystore) SaveX25519Key(bk *X25519Key) error

SaveX25519Key saves a X25519Key to the Keystore.

func (*Keystore) SaveX25519PublicKey Uses

func (k *Keystore) SaveX25519PublicKey(bpk *X25519PublicKey) error

SaveX25519PublicKey saves a X25519PublicKey to the Keystore.

func (*Keystore) X25519Key Uses

func (k *Keystore) X25519Key(kid ID) (*X25519Key, error)

X25519Key returns a box key for an identifier

func (*Keystore) X25519Keys Uses

func (k *Keystore) X25519Keys() ([]*X25519Key, error)

X25519Keys from the Keystore. Also includes edx25519 keys converted to x25519 keys.

func (*Keystore) X25519PublicKey Uses

func (k *Keystore) X25519PublicKey(kid ID) (*X25519PublicKey, error)

X25519PublicKey returns box public key from the Keystore. Since the public key itself is in the ID, you can convert the ID without getting it from the keystore via X25519PublicKeyForID.

type LogLevel Uses

type LogLevel int

LogLevel ...

const (
    // DebugLevel ...
    DebugLevel LogLevel = 3
    // InfoLevel ...
    InfoLevel LogLevel = 2
    // WarnLevel ...
    WarnLevel LogLevel = 1
    // ErrLevel ...
    ErrLevel LogLevel = 0

func (LogLevel) String Uses

func (l LogLevel) String() string

type Logger Uses

type Logger interface {
    Debugf(format string, args ...interface{})
    Infof(format string, args ...interface{})
    Warningf(format string, args ...interface{})
    Errorf(format string, args ...interface{})
    Fatalf(format string, args ...interface{})

Logger interface used in this package.

func NewLogger Uses

func NewLogger(lev LogLevel) Logger

NewLogger ...

type MarshalValue Uses

type MarshalValue interface {
    Marshal() string

MarshalValue to string.

func NewIntEntry Uses

func NewIntEntry(key string, value int) MarshalValue

NewIntEntry ...

func NewStringEntry Uses

func NewStringEntry(key string, value string) MarshalValue

NewStringEntry ...

type Mem Uses

type Mem struct {
    // contains filtered or unexported fields

Mem is an in memory DocumentStore implementation.

func NewMem Uses

func NewMem() *Mem

NewMem creates an in memory DocumentStore implementation.

func (*Mem) ChangeAdd Uses

func (m *Mem) ChangeAdd(ctx context.Context, name string, id string, ref string) error

ChangeAdd ...

func (*Mem) Changes Uses

func (m *Mem) Changes(ctx context.Context, name string, ts time.Time, limit int, direction Direction) ([]*Change, time.Time, error)

Changes ...

func (*Mem) Collections Uses

func (m *Mem) Collections(ctx context.Context, parent string) (CollectionIterator, error)

Collections ...

func (*Mem) Create Uses

func (m *Mem) Create(ctx context.Context, path string, b []byte) error

Create at path. ErrPathExists if entry already exists.

func (*Mem) Delete Uses

func (m *Mem) Delete(ctx context.Context, path string) (bool, error)

Delete ...

func (*Mem) DeleteAll Uses

func (m *Mem) DeleteAll(ctx context.Context, paths []string) error

func (*Mem) Documents Uses

func (m *Mem) Documents(ctx context.Context, parent string, opts *DocumentsOpts) (DocumentIterator, error)

Documents ...

func (*Mem) Exists Uses

func (m *Mem) Exists(ctx context.Context, path string) (bool, error)

Exists returns true if path exists.

func (*Mem) Get Uses

func (m *Mem) Get(ctx context.Context, path string) (*Document, error)

Get data at path.

func (*Mem) GetAll Uses

func (m *Mem) GetAll(ctx context.Context, paths []string) ([]*Document, error)

GetAll paths

func (*Mem) Now Uses

func (m *Mem) Now() time.Time

Now returns current time.

func (*Mem) Set Uses

func (m *Mem) Set(ctx context.Context, path string, b []byte) error

Set data at path.

func (*Mem) SetTimeNow Uses

func (m *Mem) SetTimeNow(nowFn func() time.Time)

SetTimeNow to use a custom time.Now.

func (*Mem) StopWatching Uses

func (m *Mem) StopWatching(path string)

StopWatching ...

func (*Mem) StopWatchingAll Uses

func (m *Mem) StopWatchingAll()

StopWatchingAll ...

func (*Mem) URI Uses

func (m *Mem) URI() string

URI ...

func (*Mem) Watch Uses

func (m *Mem) Watch(path string, ln WatchLn) error

Watch ...

type MockRequestor Uses

type MockRequestor struct {
    // contains filtered or unexported fields

MockRequestor ...

func NewMockRequestor Uses

func NewMockRequestor() *MockRequestor

NewMockRequestor with mocked responses.

func (*MockRequestor) RequestURL Uses

func (r *MockRequestor) RequestURL(ctx context.Context, u *url.URL) ([]byte, error)

RequestURL ...

func (*MockRequestor) Response Uses

func (r *MockRequestor) Response(url string) ([]byte, error)

Response returns mocked response.

func (*MockRequestor) SetError Uses

func (r *MockRequestor) SetError(url string, err error)

SetError ...

func (*MockRequestor) SetResponse Uses

func (r *MockRequestor) SetResponse(url string, b []byte)

SetResponse ...

type Opts Uses

type Opts struct {
    Types []KeyType

Opts are options for listing keys.

type PathType Uses

type PathType string

PathType denotes the type of path.

const KeyPathType PathType = "key"

KeyPathType is a path with 2 components, meant for a syncable key/value store, like Firebase or leveldb.

const URLPathType PathType = "url"

URLPathType is a path with more than 2 components for web APIs.

type Requestor Uses

type Requestor interface {
    RequestURL(ctx context.Context, u *url.URL) ([]byte, error)

Requestor defines how to get bytes from a URL.

func NewHTTPRequestor Uses

func NewHTTPRequestor() Requestor

NewHTTPRequestor creates a Requestor for HTTP URLs.

type SecretKey Uses

type SecretKey *[SecretKeySize]byte

SecretKey is a symmetric key.

func AsSecretKey Uses

func AsSecretKey(item *keyring.Item) (SecretKey, error)

AsSecretKey returns SecretKey for keyring Item.

func GenerateSecretKey Uses

func GenerateSecretKey() SecretKey

GenerateSecretKey generates a SecretKey.

func NewSecretKey Uses

func NewSecretKey(b []byte) (SecretKey, error)

NewSecretKey from bytes.

func RandKey Uses

func RandKey() SecretKey

RandKey generates a random secret key.

type Sigchain Uses

type Sigchain struct {
    // contains filtered or unexported fields

Sigchain is a chain of signed statements by a sign key.

func NewSigchain Uses

func NewSigchain(kid ID) *Sigchain

NewSigchain returns a new Sigchain for a EdX25519PublicKey.


clock := newClock()
alice := keys.GenerateEdX25519Key()
sc := keys.NewSigchain(alice.ID())

// Create root statement
st, err := keys.NewSigchainStatement(sc, []byte("hi! 🤓"), alice, "", clock.Now())
if err != nil {
if err := sc.Add(st); err != nil {

// Add 2nd statement
st2, err := keys.NewSigchainStatement(sc, []byte("2nd message"), alice, "", clock.Now())
if err != nil {
if err := sc.Add(st2); err != nil {

// Revoke 2nd statement
_, err = sc.Revoke(2, alice)
if err != nil {

// Spew
spew, err := sc.Spew()
if err != nil {

func (*Sigchain) Add Uses

func (s *Sigchain) Add(st *Statement) error

Add signed statement to the Sigchain.

func (*Sigchain) AddAll Uses

func (s *Sigchain) AddAll(statements []*Statement) error

AddAll pushes signed statements to the Sigchain.

func (Sigchain) FindAll Uses

func (s Sigchain) FindAll(typ string) []*Statement

FindAll returns statements of type.

func (Sigchain) FindLast Uses

func (s Sigchain) FindLast(typ string) *Statement

FindLast search from the last statement to the first, returning after If type is specified, we will search for that statement type. If we found a statement and it was revoked, we return nil.

func (Sigchain) IsRevoked Uses

func (s Sigchain) IsRevoked(seq int) bool

IsRevoked returns true if statement was revoked.

func (*Sigchain) KID Uses

func (s *Sigchain) KID() ID

KID is the sign public key ID.

func (Sigchain) Last Uses

func (s Sigchain) Last() *Statement

Last returns last statement or nil if none.

func (Sigchain) LastSeq Uses

func (s Sigchain) LastSeq() int

LastSeq returns last signed statment seq (or 0 if no signed statements exist).

func (Sigchain) Length Uses

func (s Sigchain) Length() int

Length of Sigchain.

func (*Sigchain) Revoke Uses

func (s *Sigchain) Revoke(revoke int, sk *EdX25519Key) (*Statement, error)

Revoke a signed statement in the Sigchain.

func (*Sigchain) Spew Uses

func (s *Sigchain) Spew() (*bytes.Buffer, error)

Spew shows formatted sigchain output.

func (Sigchain) Statements Uses

func (s Sigchain) Statements() []*Statement

Statements are all the signed statements.

func (*Sigchain) User Uses

func (s *Sigchain) User() (*User, error)

User (statement) signed into the sigchain.

func (Sigchain) VerifyStatement Uses

func (s Sigchain) VerifyStatement(st *Statement, prev *Statement) error

VerifyStatement verifies a signed statement against a previous statement (in a Sigchain).

type SigchainStore Uses

type SigchainStore interface {
    // KIDs returns all the sigchain KIDs.
    KIDs() ([]ID, error)

    // Sigchain for kid.
    Sigchain(kid ID) (*Sigchain, error)

    // SaveSigchain saves sigchain to the store.
    SaveSigchain(sc *Sigchain) error
    // DeleteSigchain deletes sigchain from the store.
    DeleteSigchain(kid ID) (bool, error)

    // SigchainExists if true, has sigchain
    SigchainExists(kid ID) (bool, error)

    // Now is current time.
    Now() time.Time
    // SetTimeNow sets clock.
    SetTimeNow(nowFn func() time.Time)

SigchainStore provides access to sigchains, usually backed by a DocumentStore, such as a local db.

func NewSigchainStore Uses

func NewSigchainStore(dst DocumentStore) SigchainStore

NewSigchainStore creates a SigchainStore from a DocumentStore.

type SpewFormat Uses

type SpewFormat string

SpewFormat is format for Spew.

const (
    // SpewFormatDefault ...
    SpewFormatDefault SpewFormat = ""
    // SpewFormatTable is in a grid, each entry separated by newlines.
    SpewFormatTable SpewFormat = "table"
    // SpewFormatFlat are fields separated by newlines and entries separated by empty lines.
    SpewFormatFlat SpewFormat = "flat"

type SpewOpts Uses

type SpewOpts struct {
    Format SpewFormat

SpewOpts are options for Spew.

type Statement Uses

type Statement struct {
    // Sig is the signature bytes.
    Sig []byte

    // Data.
    Data []byte
    // KID is the key that signed.
    KID ID

    // Seq in a sigchain (1 is root, optional if not in sigchain).
    Seq int
    // Prev is a hash of the previous item in the sigchain (optional if root).
    Prev []byte
    // Revoke refers to a previous signed seq to revoke (optional).
    Revoke int

    // Type (optional).
    Type string

    // Timestamp (optional).
    Timestamp time.Time
    // contains filtered or unexported fields

Statement signed.

func NewRevokeStatement Uses

func NewRevokeStatement(sc *Sigchain, revoke int, sk *EdX25519Key) (*Statement, error)

NewRevokeStatement creates a revoke Statement.

func NewSigchainStatement Uses

func NewSigchainStatement(sc *Sigchain, b []byte, sk *EdX25519Key, typ string, ts time.Time) (*Statement, error)

NewSigchainStatement creates a signed Statement to be added to the Sigchain.

func NewSignedStatement Uses

func NewSignedStatement(b []byte, sk *EdX25519Key, typ string, ts time.Time) *Statement

NewSignedStatement creates a signed Statement. Use NewSigchainStatement if part of a Sigchain.

func NewStatement Uses

func NewStatement(sig []byte, data []byte, spk StatementPublicKey, seq int, prev []byte, revoke int, typ string, ts time.Time) (*Statement, error)

NewStatement creates a new statement from specified parameters. Use NewSigchainStatement for a signed Sigchain Statement. Use NewSignedStatement for a signed Statement outside a Sigchain.

func NewUnverifiedStatement Uses

func NewUnverifiedStatement(sig []byte, data []byte, kid ID, seq int, prev []byte, revoke int, typ string, ts time.Time) *Statement

NewUnverifiedStatement creates an unverified statement.

func NewUserSigchainStatement Uses

func NewUserSigchainStatement(sc *Sigchain, user *User, sk *EdX25519Key, ts time.Time) (*Statement, error)

NewUserSigchainStatement for a user to add to a Sigchain. Returns ErrUserAlreadySet is user already exists in the Sigchain.

func StatementFromBytes Uses

func StatementFromBytes(b []byte) (*Statement, error)

StatementFromBytes returns Statement from JSON bytes.

func (*Statement) Bytes Uses

func (s *Statement) Bytes() []byte

Bytes is the serialized Statement.

func (Statement) Key Uses

func (s Statement) Key() string

Key for a Statement. If Seq is not set, then there is no key. Key looks like "kpe1a4yj333g68pvd6hfqvufqkv4vy54jfe6t33ljd3kc9rpfty8xlgsfte2sn-000000000000001".

func (Statement) MarshalJSON Uses

func (s Statement) MarshalJSON() ([]byte, error)

MarshalJSON marshals statement to JSON.

func (Statement) SpecificSerialization Uses

func (s Statement) SpecificSerialization() []byte

SpecificSerialization is the specific serialization or the bytes to sign. It is the statement serialized without the sig value.

func (Statement) URL Uses

func (s Statement) URL() string

URL returns path string for a Statement in the HTTP API. If Seq is not set, then there is no path. Path looks like "/ed1a4yj333g68pvd6hfqvufqkv4vy54jfe6t33ljd3kc9rpfty8xlgsfte2sn/1".

func (*Statement) UnmarshalJSON Uses

func (s *Statement) UnmarshalJSON(b []byte) error

UnmarshalJSON unmarshals a statement from JSON.

func (*Statement) Verify Uses

func (s *Statement) Verify() error

Verify statement.

type StatementPublicKey Uses

type StatementPublicKey interface {
    ID() ID
    Verify(b []byte) ([]byte, error)
    VerifyDetached(sig []byte, b []byte) error

StatementPublicKey is public key for a Statement.

func StatementPublicKeyFromID Uses

func StatementPublicKeyFromID(id ID) (StatementPublicKey, error)

StatementPublicKeyFromID converts ID to StatementPublicKey.

type StringSet Uses

type StringSet struct {
    // contains filtered or unexported fields

StringSet is a set of strings.

func NewStringSet Uses

func NewStringSet(s ...string) *StringSet

NewStringSet creates StringSet.

func NewStringSetSplit Uses

func NewStringSetSplit(s string, delim string) *StringSet

NewStringSetSplit creates StringSet for split string.

func NewStringSetWithCapacity Uses

func NewStringSetWithCapacity(capacity int) *StringSet

NewStringSetWithCapacity ..

func (*StringSet) Add Uses

func (s *StringSet) Add(str string)

Add to set.

func (*StringSet) AddAll Uses

func (s *StringSet) AddAll(strs []string)

AddAll to set.

func (*StringSet) Clear Uses

func (s *StringSet) Clear()

Clear set.

func (*StringSet) Contains Uses

func (s *StringSet) Contains(str string) bool

Contains returns true if set contains string.

func (*StringSet) Remove Uses

func (s *StringSet) Remove(str string)

Remove from set.

func (*StringSet) Size Uses

func (s *StringSet) Size() int

Size for set.

func (*StringSet) Sorted Uses

func (s *StringSet) Sorted() []string

Sorted returns strings in set, sorted.

func (*StringSet) Strings Uses

func (s *StringSet) Strings() []string

Strings returns strings in set.

type TimeMs Uses

type TimeMs int64

TimeMs is time as number of milliseconds from epoch.

func TimePtrToMillis Uses

func TimePtrToMillis(t *time.Time) TimeMs

TimePtrToMillis returns milliseconds since epoch from time.Time. If t is nil or t.IsZero() we return 0.

func TimeToMillis Uses

func TimeToMillis(t time.Time) TimeMs

TimeToMillis returns milliseconds since epoch from time.Time. If t.IsZero() we return 0.

type User Uses

type User struct {
    Name    string
    KID     ID
    Seq     int
    Service string
    URL     string

User describes a name on a service with a signed statement at a URL, signed into a sigchain at (KID, seq).

func NewUser Uses

func NewUser(ust *UserStore, kid ID, service string, name string, rawurl string, seq int) (*User, error)

NewUser returns User used in a signing statement.

func NewUserForSigning Uses

func NewUserForSigning(ust *UserStore, kid ID, service string, name string) (*User, error)

NewUserForSigning returns User for signing (doesn't have remote URL yet).

func VerifyUser Uses

func VerifyUser(msg string, kid ID, user *User) (*User, error)

VerifyUser armored message for a user. If user is specified, we will verify it matches the User in the verified message.

func (User) Bytes Uses

func (u User) Bytes() []byte

Bytes is a serialized User.

func (User) MarshalJSON Uses

func (u User) MarshalJSON() ([]byte, error)

MarshalJSON marshals user to JSON.

func (*User) Sign Uses

func (u *User) Sign(key *EdX25519Key) (string, error)

Sign user into an armored message.

func (User) String Uses

func (u User) String() string

func (*User) UnmarshalJSON Uses

func (u *User) UnmarshalJSON(b []byte) error

UnmarshalJSON unmarshals a user from JSON.

type UserResult Uses

type UserResult struct {
    Err        string     `json:"err,omitempty"`
    Status     UserStatus `json:"status"`
    Timestamp  TimeMs     `json:"ts"`
    User       *User      `json:"user"`
    VerifiedAt TimeMs     `json:"vts"`

UserResult is result of a user result.

func (UserResult) Expired Uses

func (r UserResult) Expired(now time.Time, dt time.Duration) bool

Expired returns true if result is older than dt.

func (UserResult) String Uses

func (r UserResult) String() string

type UserSearchRequest Uses

type UserSearchRequest struct {
    // Query to search for.
    Query string
    // Limit number of results.
    Limit int

UserSearchRequest ...

type UserSearchResult Uses

type UserSearchResult struct {
    KID        ID
    UserResult *UserResult

UserSearchResult ...

type UserStatus Uses

type UserStatus string

UserStatus is the status of the user statement.

const (
    // UserStatusOK if user was found and verified.
    UserStatusOK UserStatus = "ok"
    // UserStatusResourceNotFound if resource (URL) was not found.
    UserStatusResourceNotFound UserStatus = "resource-not-found"
    // UserStatusContentNotFound if resource was found, but message was missing.
    UserStatusContentNotFound UserStatus = "content-not-found"
    // UserStatusStatementInvalid if statement was found but was invalid.
    UserStatusStatementInvalid UserStatus = "statement-invalid"
    // UserStatusContentInvalid if statement was valid, but other data was invalid.
    UserStatusContentInvalid UserStatus = "content-invalid"
    // UserStatusConnFailure if there was a network connection failure.
    UserStatusConnFailure UserStatus = "connection-fail"
    // UserStatusFailure is any other failure.
    UserStatusFailure UserStatus = "fail"
    // UserStatusUnknown is unknown.
    UserStatusUnknown UserStatus = "unknown"

func VerifyContent Uses

func VerifyContent(b []byte, result *UserResult, kid ID) (UserStatus, error)

VerifyContent checks content.

type UserStore Uses

type UserStore struct {
    // contains filtered or unexported fields

UserStore is the environment for user results.

func NewUserStore Uses

func NewUserStore(dst DocumentStore, scs SigchainStore, req Requestor, nowFn func() time.Time) (*UserStore, error)

NewUserStore creates UserStore.

func (*UserStore) Check Uses

func (u *UserStore) Check(ctx context.Context, user *User, kid ID) (*UserResult, error)

Check a user. Doesn't index result.

func (*UserStore) CheckSigchain Uses

func (u *UserStore) CheckSigchain(ctx context.Context, sc *Sigchain) (*UserResult, error)

CheckSigchain looks for user in a Sigchain.

func (*UserStore) Expired Uses

func (u *UserStore) Expired(ctx context.Context, dt time.Duration) ([]ID, error)

Expired returns KIDs that haven't been checked in a duration.

func (*UserStore) Get Uses

func (u *UserStore) Get(ctx context.Context, kid ID) (*UserResult, error)

Get user result for KID. Retrieves cached result. If Update(kid) has not been called or there is no user statement, this will return nil.

func (*UserStore) Now Uses

func (u *UserStore) Now() time.Time

Now returns current time.

func (*UserStore) Requestor Uses

func (u *UserStore) Requestor() Requestor

Requestor ...

func (*UserStore) Search Uses

func (u *UserStore) Search(ctx context.Context, req *UserSearchRequest) ([]*UserSearchResult, error)

Search for users.

func (*UserStore) Update Uses

func (u *UserStore) Update(ctx context.Context, kid ID) (*UserResult, error)

Update index for sigchain KID.

func (*UserStore) User Uses

func (u *UserStore) User(ctx context.Context, user string) (*UserResult, error)

User result for user name@service. Retrieves cached result. If Update(kid) has not been called or there is no user statement, this will return nil.

func (*UserStore) ValidateStatement Uses

func (u *UserStore) ValidateStatement(st *Statement) error

ValidateStatement returns error if statement is not a valid user statement.

type Watch Uses

type Watch interface {
    Watch(path string, ln WatchLn) error
    StopWatching(path string)

Watch for changes at path.

type WatchEvent Uses

type WatchEvent struct {
    Status WatchStatus
    Path   string

WatchEvent gives updates to watch status and version.

type WatchLn Uses

type WatchLn func(*WatchEvent)

WatchLn is a listener that receives WatchEvent.

type WatchStatus Uses

type WatchStatus string

WatchStatus is status for watch.

const (
    // WatchStatusNone is an known status
    WatchStatusNone WatchStatus = ""
    // WatchStatusOutage is a status for a remote outage that persists
    WatchStatusOutage WatchStatus = "outage"
    // WatchStatusDisrupted is a status for a temporary disruption
    WatchStatusDisrupted WatchStatus = "disrupted"
    // WatchStatusStarting is a status for when watch is starting
    WatchStatusStarting WatchStatus = "starting"
    // WatchStatusStopping is a status for when watch is stopping
    WatchStatusStopping WatchStatus = "stopping"
    // WatchStatusData is a status for when data has changed
    WatchStatusData WatchStatus = "data"

type X25519Key Uses

type X25519Key struct {
    // contains filtered or unexported fields

X25519Key is a X25519 assymmetric encryption key.

func AsX25519Key Uses

func AsX25519Key(item *keyring.Item) (*X25519Key, error)

AsX25519Key returns X25519Key for keyring Item. If item is EdX25519Key returns converted to X25519Key.

func GenerateX25519Key Uses

func GenerateX25519Key() *X25519Key

GenerateX25519Key creates a new X25519Key.


alice := keys.GenerateX25519Key()
fmt.Printf("Alice: %s\n", alice.ID())

func NewX25519KeyFromPrivateKey Uses

func NewX25519KeyFromPrivateKey(privateKey *[32]byte) *X25519Key

NewX25519KeyFromPrivateKey creates a X25519Key from private key bytes.

func NewX25519KeyFromSeed Uses

func NewX25519KeyFromSeed(seed *[32]byte) *X25519Key

NewX25519KeyFromSeed from seed.

func (X25519Key) Bytes Uses

func (k X25519Key) Bytes() []byte

Bytes for key.

func (X25519Key) Bytes32 Uses

func (k X25519Key) Bytes32() *[32]byte

Bytes32 for key.

func (X25519Key) ID Uses

func (k X25519Key) ID() ID

ID is key identifer.

func (*X25519Key) Open Uses

func (k *X25519Key) Open(b []byte, nonce *[24]byte, sender *X25519PublicKey) ([]byte, bool)

Open decrypts message with Open.

func (X25519Key) PrivateKey Uses

func (k X25519Key) PrivateKey() *[32]byte

PrivateKey returns private part of this X25519Key.

func (X25519Key) PublicKey Uses

func (k X25519Key) PublicKey() *X25519PublicKey

PublicKey returns public part of this X25519Key.

func (*X25519Key) Seal Uses

func (k *X25519Key) Seal(b []byte, nonce *[24]byte, recipient *X25519PublicKey) []byte

Seal encrypts message with Seal.

func (X25519Key) Type Uses

func (k X25519Key) Type() KeyType

Type of key.

type X25519PublicKey Uses

type X25519PublicKey struct {
    // contains filtered or unexported fields

X25519PublicKey is the public key part of a x25519 key.

func AsX25519PublicKey Uses

func AsX25519PublicKey(item *keyring.Item) (*X25519PublicKey, error)

AsX25519PublicKey returns X25519PublicKey for keyring Item.

func NewX25519PublicKey Uses

func NewX25519PublicKey(b *[32]byte) *X25519PublicKey

NewX25519PublicKey creates X25519PublicKey.

func NewX25519PublicKeyFromEdX25519ID Uses

func NewX25519PublicKeyFromEdX25519ID(id ID) (*X25519PublicKey, error)

NewX25519PublicKeyFromEdX25519ID creates public key from EdX25519 key ID.

func NewX25519PublicKeyFromID Uses

func NewX25519PublicKeyFromID(id ID) (*X25519PublicKey, error)

NewX25519PublicKeyFromID converts ID to X25519PublicKey.

func (X25519PublicKey) Bytes Uses

func (k X25519PublicKey) Bytes() []byte

Bytes for key.

func (X25519PublicKey) Bytes32 Uses

func (k X25519PublicKey) Bytes32() *[32]byte

Bytes32 for key.

func (X25519PublicKey) ID Uses

func (k X25519PublicKey) ID() ID

ID for box public key.

func (X25519PublicKey) Type Uses

func (k X25519PublicKey) Type() KeyType

Type of key.


bech32Package bech32 is a modified version of the reference implementation of BIP173.

Package keys imports 49 packages (graph) and is imported by 10 packages. Updated 2020-04-09. Refresh now. Tools for package owners.