keys: github.com/keys-pub/keys Index | Examples | Files | Directories

package keys

import "github.com/keys-pub/keys"

Index

Examples

Package Files

address.go box.go cert.go detect.go ed25519.go edx25519.go encode.go errors.go func.go hkdf.go id.go key.go log.go parse.go password.go rand.go secretbox.go sha.go sigchain.go sigchainstore.go ssh.go statement.go x25519.go

Constants

const RevokeLabel = "revoke"

RevokeLabel is label for revoking an earlier statement

func BoxOpen Uses

func BoxOpen(encrypted []byte, sender *X25519PublicKey, recipient *X25519Key) ([]byte, error)

BoxOpen decrypts a message from a sender.

func BoxSeal Uses

func BoxSeal(b []byte, recipient *X25519PublicKey, sender *X25519Key) []byte

BoxSeal encrypts a message to a recipient.

Code:

ak := keys.GenerateX25519Key()
bk := keys.GenerateX25519Key()

msg := "Hey bob, it's alice. The passcode is 12345."
encrypted := keys.BoxSeal([]byte(msg), bk.PublicKey(), ak)

out, err := keys.BoxOpen(encrypted, ak.PublicKey(), bk)
if err != nil {
    log.Fatal(err)
}

fmt.Printf("%s\n", string(out))

Output:

Hey bob, it's alice. The passcode is 12345.

func Bytes16 Uses

func Bytes16(b []byte) *[16]byte

Bytes16 converts byte slice to *[16]byte.

func Bytes24 Uses

func Bytes24(b []byte) *[24]byte

Bytes24 converts byte slice to *[24]byte.

func Bytes32 Uses

func Bytes32(b []byte) *[32]byte

Bytes32 converts byte slice to *[32]byte.

func Bytes64 Uses

func Bytes64(b []byte) *[64]byte

Bytes64 converts byte slice to *[64]byte.

func DecryptWithPassword Uses

func DecryptWithPassword(encrypted []byte, password string) ([]byte, error)

DecryptWithPassword decrypts bytes using a password. It assumes a 16 byte salt before the encrypted bytes.

func EncodeKey Uses

func EncodeKey(key Key, enc Encoding, password string) (string, error)

EncodeKey encodes the key using the specified encoding.

func EncodeSSHKey Uses

func EncodeSSHKey(key Key, password string) (string, error)

EncodeSSHKey encodes key to SSH.

func EncodeSaltpackKey Uses

func EncodeSaltpackKey(key Key, password string) (string, error)

EncodeSaltpackKey encrypts a key to saltpack with password.

func EncryptWithPassword Uses

func EncryptWithPassword(b []byte, password string) []byte

EncryptWithPassword encrypts bytes with a password. Uses argon2.IDKey(password, salt, 1, 64*1024, 4, 32) with 16 byte salt. The salt bytes are prepended to the encrypted bytes. This uses nacl.secretbox, so the bytes/message should be small. If you need to encrypt large amounts of data, use Saltpack instead (TODO: More details here).

func HKDFSHA256 Uses

func HKDFSHA256(secret []byte, len int, salt []byte, info []byte) []byte

HKDFSHA256 expands a secret into another secret using HKDF with SHA256. The `len` for output byte length. The `salt` is non-secret salt, optional (can be nil), recommended: hash-length random value. The `info` is non-secret context info, optional (can be empty).

func HMACSHA256 Uses

func HMACSHA256(key []byte, msg []byte) []byte

HMACSHA256 does a HMAC-SHA256 on msg with key.

func IDsToString Uses

func IDsToString(ids []ID, delim string) string

IDsToString returns string for joined Ikeys.

func IDsToStrings Uses

func IDsToStrings(ids []ID) []string

IDsToStrings returns []strings for []ID.

func IsTemporaryError Uses

func IsTemporaryError(err error) bool

IsTemporaryError returns true if the error has Temporary() function and that returns true

func IsValidID Uses

func IsValidID(s string) bool

IsValidID returns true if string is a valid ID.

func KeyForPassword Uses

func KeyForPassword(password string, salt []byte) (*[32]byte, error)

KeyForPassword generates a key from a password and salt.

func NewErrNotFound Uses

func NewErrNotFound(id string) error

NewErrNotFound constructs a ErrNotFound.

func PublicKeyIDEquals Uses

func PublicKeyIDEquals(expected ID, kid ID) bool

PublicKeyIDEquals returns true if public keys are equal. It will also compare EdX25519 public keys and X25519 public keys.

func Rand16 Uses

func Rand16() *[16]byte

Rand16 generates random 16 bytes.

func Rand24 Uses

func Rand24() *[24]byte

Rand24 generates random 24 bytes.

func Rand32 Uses

func Rand32() *[32]byte

Rand32 generates random 32 bytes.

func Rand32P4 Uses

func Rand32P4(n uint32) *[32]byte

Rand32P4 is random 32 bytes with 4 byte prefix.

func RandBytes Uses

func RandBytes(length int) []byte

RandBytes returns random bytes of length.

func RandFileName Uses

func RandFileName() string

RandFileName returns a unique random file name. RandFileName() => CTGMMOLLZCXMGP7VR4BHKAI7PE

func RandPassword Uses

func RandPassword(length int) string

RandPassword returns a random password. It uses a-zA-Z0-9. It will contain an uppercase, a lowercase and a number. It will try not to repeat characters.

func RandPhrase Uses

func RandPhrase() string

RandPhrase creates random phrase (BIP39 encoded random 32 bytes).

func RandTempPath Uses

func RandTempPath() string

RandTempPath returns a unique random file name in os.TempDir. RandTempPath() => "/tmp/CTGMMOLLZCXMGP7VR4BHKAI7PE"

func RandUsername Uses

func RandUsername(length int) string

RandUsername returns random lowercase string of length.

func RandWords Uses

func RandWords(numWords int) string

RandWords returns random (BIP39) words. numWords must be 1 to 24.

func RetryE Uses

func RetryE(fn func() error) error

RetryE will retry the fn (error) if the error is temporary (such as a temporary net.Error)

func RetrySE Uses

func RetrySE(fn func() (string, error)) (string, error)

RetrySE will retry the fn (string, error) if the error is temporary (such as a temporary net.Error)

func SHA256 Uses

func SHA256(b []byte) []byte

SHA256 for bytes.

func SecretBoxOpen Uses

func SecretBoxOpen(encrypted []byte, secretKey *[32]byte) ([]byte, error)

SecretBoxOpen decrypt using a key. It assumes a 24 byte nonce before the encrypted bytes.

func SecretBoxSeal Uses

func SecretBoxSeal(b []byte, secretKey *[32]byte) []byte

SecretBoxSeal encrypts using a key. It prepends a 24 byte nonce to the the encrypted bytes.

func SetLogger Uses

func SetLogger(l Logger)

SetLogger sets logger for the package.

func SigchainHash Uses

func SigchainHash(st *Statement) (*[32]byte, error)

SigchainHash returns hash for Sigchain Statement.

func StatementKey Uses

func StatementKey(kid ID, seq int) string

StatementKey returns key for Statement kid,seq. If seq is <= 0, then there is no key. Path looks like "kpe1a4yj333g68pvd6hfqvufqkv4vy54jfe6t33ljd3kc9rpfty8xlgsfte2sn-000000000000001".

type Address Uses

type Address struct {
    // contains filtered or unexported fields
}

Address is a canonical list of IDs.

func NewAddress Uses

func NewAddress(ids ...ID) (*Address, error)

NewAddress returns an Address from a list of IDs.

func ParseAddress Uses

func ParseAddress(saddrs ...string) (*Address, error)

ParseAddress returns address from a string.

func (*Address) Contains Uses

func (a *Address) Contains(id ID) bool

Contains returns true if address contains the specified id.

func (*Address) String Uses

func (a *Address) String() string

String returns a canonical string representation of an address. The first address part is less than the second part.

NewAddress("bob", "alice").String() => "alice:bob"

func (*Address) Strings Uses

func (a *Address) Strings() []string

Strings returns IDs as strings.

type Brand Uses

type Brand string

Brand is saltpack brand.

const EdX25519Brand Brand = "EDX25519 KEY"

EdX25519Brand is saltpack brand for EdX25519 key.

const X25519Brand Brand = "X25519 KEY"

X25519Brand is saltpack brand for X25519 key.

type CertificateKey Uses

type CertificateKey struct {
    // contains filtered or unexported fields
}

CertificateKey with is a PEM encoded X.509v3 certificate (public key) and a PEM encoded EC private key.

func GenerateCertificateKey Uses

func GenerateCertificateKey(commonName string, isCA bool, parent *x509.Certificate) (*CertificateKey, error)

GenerateCertificateKey creates a certificate key.

func NewCertificateKey Uses

func NewCertificateKey(private string, public string) (*CertificateKey, error)

NewCertificateKey from PEM encoded X.509v3 certificate data and PEM encoded EC private key ASN.1, DER format

func (CertificateKey) Private Uses

func (c CertificateKey) Private() string

Private returns a PEM encoded EC private key ASN.1, DER format.

func (CertificateKey) Public Uses

func (c CertificateKey) Public() string

Public returns a PEM encoded X.509v3 certificate.

func (CertificateKey) TLSCertificate Uses

func (c CertificateKey) TLSCertificate() tls.Certificate

TLSCertificate returns a tls.Certificate.

func (CertificateKey) X509Certificate Uses

func (c CertificateKey) X509Certificate() (*x509.Certificate, error)

X509Certificate returns a x509.Certificate.

type EdX25519Key Uses

type EdX25519Key struct {
    // contains filtered or unexported fields
}

EdX25519Key is a EdX25519 key capable of signing and encryption (converted to a X25519 key).

func GenerateEdX25519Key Uses

func GenerateEdX25519Key() *EdX25519Key

GenerateEdX25519Key generates a EdX25519Key (EdX25519).

Code:

alice := keys.GenerateEdX25519Key()
fmt.Printf("Alice: %s\n", alice.ID())

func NewEdX25519KeyFromPrivateKey Uses

func NewEdX25519KeyFromPrivateKey(privateKey *[ed25519.PrivateKeySize]byte) *EdX25519Key

NewEdX25519KeyFromPrivateKey constructs EdX25519Key from a private key. The public key is derived from the private key.

func NewEdX25519KeyFromSeed Uses

func NewEdX25519KeyFromSeed(seed *[ed25519.SeedSize]byte) *EdX25519Key

NewEdX25519KeyFromSeed constructs EdX25519Key from an ed25519 seed. The private key is derived from this seed and the public key is derived from the private key.

func (*EdX25519Key) Bytes Uses

func (k *EdX25519Key) Bytes() []byte

Bytes for key.

func (*EdX25519Key) Bytes64 Uses

func (k *EdX25519Key) Bytes64() *[64]byte

Bytes64 for key.

func (*EdX25519Key) EncodeToSSH Uses

func (k *EdX25519Key) EncodeToSSH(password []byte) ([]byte, error)

EncodeToSSH encodes a EdX25519Key for SSH.

func (*EdX25519Key) Equal Uses

func (k *EdX25519Key) Equal(o *EdX25519Key) bool

Equal returns true if equal to key.

func (*EdX25519Key) ID Uses

func (k *EdX25519Key) ID() ID

ID ...

func (*EdX25519Key) MarshalText Uses

func (k *EdX25519Key) MarshalText() ([]byte, error)

MarshalText for encoding.TextMarshaler interface.

func (*EdX25519Key) PrivateKey Uses

func (k *EdX25519Key) PrivateKey() *[ed25519.PrivateKeySize]byte

PrivateKey returns private key part.

func (*EdX25519Key) PublicKey Uses

func (k *EdX25519Key) PublicKey() *EdX25519PublicKey

PublicKey returns public part.

func (*EdX25519Key) SSHSigner Uses

func (k *EdX25519Key) SSHSigner() ssh.Signer

SSHSigner interface.

func (*EdX25519Key) Seed Uses

func (k *EdX25519Key) Seed() *[ed25519.SeedSize]byte

Seed returns information on how to generate this key from ed25519 package seed.

func (*EdX25519Key) Sign Uses

func (k *EdX25519Key) Sign(b []byte) []byte

Sign bytes with the (sign) private key.

Code:

alice := keys.GenerateEdX25519Key()
msg := "I'm alice 🤓"
sig := alice.Sign([]byte(msg))
out, err := alice.PublicKey().Verify(sig)
if err != nil {
    log.Fatal(err)
}
fmt.Printf("%s\n", string(out))

Output:

I'm alice 🤓

func (*EdX25519Key) SignDetached Uses

func (k *EdX25519Key) SignDetached(b []byte) []byte

SignDetached sign bytes detached.

func (*EdX25519Key) Signer Uses

func (k *EdX25519Key) Signer() crypto.Signer

Signer interface.

func (*EdX25519Key) String Uses

func (k *EdX25519Key) String() string

func (*EdX25519Key) Type Uses

func (k *EdX25519Key) Type() KeyType

Type ...

func (*EdX25519Key) UnmarshalText Uses

func (k *EdX25519Key) UnmarshalText(s []byte) error

UnmarshalText for encoding.TextUnmarshaler interface.

func (*EdX25519Key) X25519Key Uses

func (k *EdX25519Key) X25519Key() *X25519Key

X25519Key converts EdX25519Key to X25519Key.

type EdX25519PublicKey Uses

type EdX25519PublicKey struct {
    // contains filtered or unexported fields
}

EdX25519PublicKey is the public part of EdX25519 key pair.

func NewEdX25519PublicKey Uses

func NewEdX25519PublicKey(b *[ed25519.PublicKeySize]byte) *EdX25519PublicKey

NewEdX25519PublicKey creates a EdX25519PublicKey.

func NewEdX25519PublicKeyFromID Uses

func NewEdX25519PublicKeyFromID(id ID) (*EdX25519PublicKey, error)

NewEdX25519PublicKeyFromID creates a EdX25519PublicKey from an ID.

func (*EdX25519PublicKey) Bytes Uses

func (s *EdX25519PublicKey) Bytes() []byte

Bytes for key.

func (*EdX25519PublicKey) Bytes32 Uses

func (s *EdX25519PublicKey) Bytes32() *[32]byte

Bytes32 for key.

func (*EdX25519PublicKey) EncodeToSSHAuthorized Uses

func (k *EdX25519PublicKey) EncodeToSSHAuthorized() []byte

EncodeToSSHAuthorized encodes a EdX25519PublicKey for SSH.

func (*EdX25519PublicKey) ID Uses

func (s *EdX25519PublicKey) ID() ID

ID for EdX25519Key.

func (*EdX25519PublicKey) String Uses

func (s *EdX25519PublicKey) String() string

func (*EdX25519PublicKey) Type Uses

func (s *EdX25519PublicKey) Type() KeyType

Type ...

func (*EdX25519PublicKey) Verify Uses

func (s *EdX25519PublicKey) Verify(b []byte) ([]byte, error)

Verify verifies a message and signature with public key.

func (*EdX25519PublicKey) VerifyDetached Uses

func (s *EdX25519PublicKey) VerifyDetached(sig []byte, b []byte) error

VerifyDetached verifies a detached message.

func (*EdX25519PublicKey) X25519PublicKey Uses

func (s *EdX25519PublicKey) X25519PublicKey() *X25519PublicKey

X25519PublicKey converts the ed25519 public key to a x25519 public key.

type Encoding Uses

type Encoding string

Encoding is the type of data.

const (
    // UnknownEncoding is unknown.
    UnknownEncoding Encoding = ""

    // IDEncoding is a key ID string.
    IDEncoding Encoding = "id"

    // SaltpackEncoding is armored saltpack encoding.
    SaltpackEncoding Encoding = "saltpack"

    // SSHEncoding is ssh private key "-----BEGIN OPENSSH PRIVATE..."
    // or public key as "ssh-ed25519 AAAAC3Nz..."
    SSHEncoding Encoding = "ssh"
)

func DetectEncoding Uses

func DetectEncoding(b []byte) ([]byte, Encoding)

DetectEncoding tries to find out what encoding the bytes are. Returns bytes which may be different from input (for example, if whitespace is stripped).

type ErrNotFound Uses

type ErrNotFound struct {
    ID string
}

ErrNotFound describes a key not found error when a key is required.

func (ErrNotFound) Error Uses

func (e ErrNotFound) Error() string

type ID Uses

type ID string

ID a bech32 encoded string.

func MustID Uses

func MustID(hrp string, b []byte) ID

MustID returns ID from HRP (human readable part) and bytes, or panics if invalid.

func NewID Uses

func NewID(hrp string, b []byte) (ID, error)

NewID creates ID from HRP (human readable part) and bytes.

func ParseID Uses

func ParseID(s string) (ID, error)

ParseID parses a string and validates an ID.

func ParseIDs Uses

func ParseIDs(strs []string) ([]ID, error)

ParseIDs returns IDs from strings.

func RandID Uses

func RandID(hrp string) ID

RandID returns random ID

func (ID) Bytes Uses

func (i ID) Bytes() []byte

Bytes are public key data (for Key interface).

func (ID) Decode Uses

func (i ID) Decode() (string, []byte, error)

Decode ID into HRP (human readable part) and bytes (data).

func (ID) ID Uses

func (i ID) ID() ID

ID for Keys interface.

func (ID) IsEdX25519 Uses

func (i ID) IsEdX25519() bool

IsEdX25519 returns true if ID represents a EdX25519 key.

func (ID) IsX25519 Uses

func (i ID) IsX25519() bool

IsX25519 returns true if ID represents a X25519 key.

func (ID) PublicKeyType Uses

func (i ID) PublicKeyType() KeyType

PublicKeyType returns public key type that ID represents or empty string if unknown.

func (ID) String Uses

func (i ID) String() string

func (ID) Type Uses

func (i ID) Type() KeyType

Type of key.

func (ID) WithSeq Uses

func (i ID) WithSeq(seq int) string

WithSeq returns string with a sequence value appended to the ID.

type IDSet Uses

type IDSet struct {
    // contains filtered or unexported fields
}

IDSet is a set of strings.

func NewIDSet Uses

func NewIDSet(ids ...ID) *IDSet

NewIDSet creates IDSet.

func NewIDSetWithCapacity Uses

func NewIDSetWithCapacity(capacity int) *IDSet

NewIDSetWithCapacity ..

func (*IDSet) Add Uses

func (s *IDSet) Add(id ID)

Add to set.

func (*IDSet) AddAll Uses

func (s *IDSet) AddAll(ids []ID)

AddAll to set.

func (*IDSet) Clear Uses

func (s *IDSet) Clear()

Clear set.

func (*IDSet) Contains Uses

func (s *IDSet) Contains(id ID) bool

Contains returns true if set contains string.

func (*IDSet) IDs Uses

func (s *IDSet) IDs() []ID

IDs returns IDs in set.

func (*IDSet) Size Uses

func (s *IDSet) Size() int

Size for set.

type Key Uses

type Key interface {
    // ID for the key.
    ID() ID

    // Type of key.
    Type() KeyType

    // Bytes are key data.
    Bytes() []byte
}

Key with identifier, bytes and a type.

func DecodeKey Uses

func DecodeKey(s string, enc Encoding, password string) (Key, error)

DecodeKey decodes a key using the specified encoding. If you don't know the encoding you can try ParseKey instead.

func DecodeSaltpackKey Uses

func DecodeSaltpackKey(msg string, password string, isHTML bool) (Key, error)

DecodeSaltpackKey decrypts a saltpack encrypted key.

func ParseKey Uses

func ParseKey(b []byte, password string) (Key, error)

ParseKey tries to determine what key type and parses the key bytes.

func ParseSSHKey Uses

func ParseSSHKey(pemBytes []byte, passphrase []byte, trim bool) (Key, error)

ParseSSHKey parses a SSH private key.

func ParseSSHPublicKey Uses

func ParseSSHPublicKey(s string) (Key, error)

ParseSSHPublicKey parses a SSH public key.

type KeyType Uses

type KeyType string

KeyType ...

const EdX25519 KeyType = "edx25519"

EdX25519 key type.

const EdX25519Public KeyType = "ed25519-public"

EdX25519Public public key type.

const X25519 KeyType = "x25519"

X25519 key type.

const X25519Public KeyType = "x25519-public"

X25519Public public key type.

type LogLevel Uses

type LogLevel int

LogLevel ...

const (
    // DebugLevel ...
    DebugLevel LogLevel = 3
    // InfoLevel ...
    InfoLevel LogLevel = 2
    // WarnLevel ...
    WarnLevel LogLevel = 1
    // ErrLevel ...
    ErrLevel LogLevel = 0
)

func (LogLevel) String Uses

func (l LogLevel) String() string

type Logger Uses

type Logger interface {
    Debugf(format string, args ...interface{})
    Infof(format string, args ...interface{})
    Warningf(format string, args ...interface{})
    Errorf(format string, args ...interface{})
    Fatalf(format string, args ...interface{})
}

Logger interface used in this package.

func NewLogger Uses

func NewLogger(lev LogLevel) Logger

NewLogger ...

type Sigchain Uses

type Sigchain struct {
    // contains filtered or unexported fields
}

Sigchain is a chain of signed statements by a sign key.

func NewSigchain Uses

func NewSigchain(kid ID) *Sigchain

NewSigchain returns a new Sigchain for a EdX25519PublicKey.

Code:

clock := tsutil.NewClock()
alice := keys.GenerateEdX25519Key()
sc := keys.NewSigchain(alice.ID())

// Create root statement
st, err := keys.NewSigchainStatement(sc, []byte("hi! 🤓"), alice, "", clock.Now())
if err != nil {
    log.Fatal(err)
}
if err := sc.Add(st); err != nil {
    log.Fatal(err)
}

// Add 2nd statement
st2, err := keys.NewSigchainStatement(sc, []byte("2nd message"), alice, "", clock.Now())
if err != nil {
    log.Fatal(err)
}
if err := sc.Add(st2); err != nil {
    log.Fatal(err)
}

// Revoke 2nd statement
_, err = sc.Revoke(2, alice)
if err != nil {
    log.Fatal(err)
}

// Spew
spew := sc.Spew()
fmt.Println(spew.String())

func (*Sigchain) Add Uses

func (s *Sigchain) Add(st *Statement) error

Add signed statement to the Sigchain.

func (*Sigchain) AddAll Uses

func (s *Sigchain) AddAll(statements []*Statement) error

AddAll pushes signed statements to the Sigchain.

func (*Sigchain) FindAll Uses

func (s *Sigchain) FindAll(typ string) []*Statement

FindAll returns statements of type.

func (*Sigchain) FindLast Uses

func (s *Sigchain) FindLast(typ string) *Statement

FindLast search from the last statement to the first, returning after If type is specified, we will search for that statement type. If we found a statement and it was revoked, we return nil.

func (*Sigchain) IsRevoked Uses

func (s *Sigchain) IsRevoked(seq int) bool

IsRevoked returns true if statement was revoked.

func (*Sigchain) KID Uses

func (s *Sigchain) KID() ID

KID ...

func (*Sigchain) Last Uses

func (s *Sigchain) Last() *Statement

Last returns last statement or nil if none.

func (*Sigchain) LastSeq Uses

func (s *Sigchain) LastSeq() int

LastSeq returns last signed statment seq (or 0 if no signed statements exist).

func (*Sigchain) Length Uses

func (s *Sigchain) Length() int

Length of Sigchain.

func (*Sigchain) Revoke Uses

func (s *Sigchain) Revoke(revoke int, sk *EdX25519Key) (*Statement, error)

Revoke a signed statement in the Sigchain.

func (*Sigchain) Spew Uses

func (s *Sigchain) Spew() *bytes.Buffer

Spew shows formatted sigchain output.

func (*Sigchain) Statements Uses

func (s *Sigchain) Statements() []*Statement

Statements are all the signed statements.

func (*Sigchain) VerifyStatement Uses

func (s *Sigchain) VerifyStatement(st *Statement, prev *Statement) error

VerifyStatement verifies a signed statement against a previous statement (in a Sigchain).

type SigchainStore Uses

type SigchainStore interface {
    // KIDs returns all the sigchain KIDs.
    KIDs() ([]ID, error)

    // Sigchain for kid.
    Sigchain(kid ID) (*Sigchain, error)

    // SaveSigchain saves sigchain to the store.
    SaveSigchain(sc *Sigchain) error
    // DeleteSigchain deletes sigchain from the store.
    DeleteSigchain(kid ID) (bool, error)

    // SigchainExists if true, has sigchain.
    SigchainExists(kid ID) (bool, error)

    // Now is current time.
    Now() time.Time
    // SetTimeNow sets clock.
    SetTimeNow(nowFn func() time.Time)
}

SigchainStore provides access to sigchains, usually backed by a DocumentStore, such as a local db.

func NewSigchainStore Uses

func NewSigchainStore(dst ds.DocumentStore) SigchainStore

NewSigchainStore creates a SigchainStore from a DocumentStore.

type Statement Uses

type Statement struct {
    // Sig is the signature bytes.
    Sig []byte

    // Data.
    Data []byte
    // KID is the key that signed.
    KID ID

    // Seq in a sigchain (1 is root, optional if not in sigchain).
    Seq int
    // Prev is a hash of the previous item in the sigchain (optional if root).
    Prev []byte
    // Revoke refers to a previous signed seq to revoke (optional).
    Revoke int

    // Type (optional).
    Type string

    // Timestamp (optional).
    Timestamp time.Time
    // contains filtered or unexported fields
}

Statement in a sigchain.

func NewRevokeStatement Uses

func NewRevokeStatement(sc *Sigchain, revoke int, sk *EdX25519Key) (*Statement, error)

NewRevokeStatement creates a revoke Statement.

func NewSigchainStatement Uses

func NewSigchainStatement(sc *Sigchain, b []byte, sk *EdX25519Key, typ string, ts time.Time) (*Statement, error)

NewSigchainStatement creates a signed Statement to be added to the Sigchain.

func NewSignedStatement Uses

func NewSignedStatement(b []byte, sk *EdX25519Key, typ string, ts time.Time) *Statement

NewSignedStatement creates a signed Statement. Use NewSigchainStatement if part of a Sigchain.

Code:

clock := tsutil.NewClock()

sk := keys.NewEdX25519KeyFromSeed(testSeed(0x01))

st := keys.NewSignedStatement(bytes.Repeat([]byte{0x01}, 16), sk, "", clock.Now())

data := st.SpecificSerialization()
fmt.Printf("%s\n", string(data))

b, err := st.Bytes()
if err != nil {
    log.Fatal(err)
}
fmt.Printf("%s\n", string(b))

Output:

{".sig":"","data":"AQEBAQEBAQEBAQEBAQEBAQ==","kid":"kex132yw8ht5p8cetl2jmvknewjawt9xwzdlrk2pyxlnwjyqrdq0dawqqph077","ts":1234567890001}
{".sig":"XcDbICx+rKfYUPgwqU08lLChmjJL5Eco/LxLHNA2C0oZILITnVng04XzFK4wCj2qObkAEyzYywKUb/zn3VACDA==","data":"AQEBAQEBAQEBAQEBAQEBAQ==","kid":"kex132yw8ht5p8cetl2jmvknewjawt9xwzdlrk2pyxlnwjyqrdq0dawqqph077","ts":1234567890001}

func NewStatement Uses

func NewStatement(sig []byte, data []byte, spk StatementPublicKey, seq int, prev []byte, revoke int, typ string, ts time.Time) (*Statement, error)

NewStatement creates a new statement from specified parameters. Use NewSigchainStatement for a signed Sigchain Statement. Use NewSignedStatement for a signed Statement outside a Sigchain.

func NewUnverifiedStatement Uses

func NewUnverifiedStatement(sig []byte, data []byte, kid ID, seq int, prev []byte, revoke int, typ string, ts time.Time) (*Statement, error)

NewUnverifiedStatement creates an unverified statement.

func (*Statement) Bytes Uses

func (s *Statement) Bytes() ([]byte, error)

Bytes is the serialized Statement.

func (*Statement) Key Uses

func (s *Statement) Key() string

Key for a Statement. If Seq is not set, then there is no key. Key looks like "kpe1a4yj333g68pvd6hfqvufqkv4vy54jfe6t33ljd3kc9rpfty8xlgsfte2sn-000000000000001".

func (*Statement) MarshalJSON Uses

func (s *Statement) MarshalJSON() ([]byte, error)

MarshalJSON marshals statement to JSON.

func (*Statement) SpecificSerialization Uses

func (s *Statement) SpecificSerialization() []byte

SpecificSerialization is the specific serialization or the bytes to sign. It is the statement serialized without the sig value.

func (*Statement) URL Uses

func (s *Statement) URL() string

URL returns path string for a Statement in the HTTP API. If Seq is not set, then there is no path. Path looks like "/ed1a4yj333g68pvd6hfqvufqkv4vy54jfe6t33ljd3kc9rpfty8xlgsfte2sn/1".

func (*Statement) UnmarshalJSON Uses

func (s *Statement) UnmarshalJSON(b []byte) error

UnmarshalJSON unmarshals a statement from JSON.

func (*Statement) Verify Uses

func (s *Statement) Verify() error

Verify statement.

type StatementPublicKey Uses

type StatementPublicKey interface {
    ID() ID
    Verify(b []byte) ([]byte, error)
    VerifyDetached(sig []byte, b []byte) error
}

StatementPublicKey is public key for a Statement.

func StatementPublicKeyFromID Uses

func StatementPublicKeyFromID(id ID) (StatementPublicKey, error)

StatementPublicKeyFromID converts ID to StatementPublicKey. TODO: Support other key types.

type X25519Key Uses

type X25519Key struct {
    // contains filtered or unexported fields
}

X25519Key is a X25519 assymmetric encryption key.

func GenerateX25519Key Uses

func GenerateX25519Key() *X25519Key

GenerateX25519Key creates a new X25519Key.

Code:

alice := keys.GenerateX25519Key()
fmt.Printf("Alice: %s\n", alice.ID())

func NewX25519KeyFromPrivateKey Uses

func NewX25519KeyFromPrivateKey(privateKey *[32]byte) *X25519Key

NewX25519KeyFromPrivateKey creates a X25519Key from private key bytes.

func NewX25519KeyFromSeed Uses

func NewX25519KeyFromSeed(seed *[32]byte) *X25519Key

NewX25519KeyFromSeed from seed.

func (*X25519Key) Bytes Uses

func (k *X25519Key) Bytes() []byte

Bytes for key.

func (*X25519Key) Bytes32 Uses

func (k *X25519Key) Bytes32() *[32]byte

Bytes32 for key.

func (*X25519Key) ID Uses

func (k *X25519Key) ID() ID

ID is key identifer.

func (*X25519Key) Open Uses

func (k *X25519Key) Open(b []byte, nonce *[24]byte, sender *X25519PublicKey) ([]byte, bool)

Open decrypts message with nacl.box Open.

func (*X25519Key) PrivateKey Uses

func (k *X25519Key) PrivateKey() *[32]byte

PrivateKey returns private part of this X25519Key.

func (*X25519Key) PublicKey Uses

func (k *X25519Key) PublicKey() *X25519PublicKey

PublicKey returns public part of this X25519Key.

func (*X25519Key) Seal Uses

func (k *X25519Key) Seal(b []byte, nonce *[24]byte, recipient *X25519PublicKey) []byte

Seal encrypts message with nacl.box Seal.

func (*X25519Key) Type Uses

func (k *X25519Key) Type() KeyType

Type of key.

type X25519PublicKey Uses

type X25519PublicKey struct {
    // contains filtered or unexported fields
}

X25519PublicKey is the public key part of a x25519 key.

func NewX25519PublicKey Uses

func NewX25519PublicKey(b *[32]byte) *X25519PublicKey

NewX25519PublicKey creates X25519PublicKey. Metadata is optional.

func NewX25519PublicKeyFromEdX25519ID Uses

func NewX25519PublicKeyFromEdX25519ID(id ID) (*X25519PublicKey, error)

NewX25519PublicKeyFromEdX25519ID creates a X25519PublicKey from a EdX25519 ID.

func NewX25519PublicKeyFromID Uses

func NewX25519PublicKeyFromID(id ID) (*X25519PublicKey, error)

NewX25519PublicKeyFromID converts ID to X25519PublicKey.

func (*X25519PublicKey) Bytes Uses

func (k *X25519PublicKey) Bytes() []byte

Bytes for key.

func (*X25519PublicKey) Bytes32 Uses

func (k *X25519PublicKey) Bytes32() *[32]byte

Bytes32 for key.

func (*X25519PublicKey) ID Uses

func (k *X25519PublicKey) ID() ID

ID for box public key.

func (*X25519PublicKey) Type Uses

func (k *X25519PublicKey) Type() KeyType

Type of key.

Directories

PathSynopsis
bech32Package bech32 is a modified version of the reference implementation of BIP173.
dsPackage ds provides a Document store.
encodingPackage encoding provides encoding and decoding of different formats like Base62, Saltpack, BIP39.
envPackage env provides paths on different platforms.
jsonPackage json provides a simpler JSON marshaller.
keyringPackage keyring provides a cross-platform secure keyring.
link
noise
saltpackPackage saltpack integrates keys with Saltpack (saltpack.org).
secret
services
tsutilPackage tsutil provides timestamp and time utilities.
userPackage user defines user statements, store and search.
util

Package keys imports 47 packages (graph) and is imported by 12 packages. Updated 2020-07-02. Refresh now. Tools for package owners.