epk

v0.0.0-...-55335f3 Latest

This package is not in the latest version of its module.
Published: Oct 13, 2022 License: BSD-2-Clause Imports: 13 Imported by: 0

README

epk, Encrypted Private Key

package epk // import "github.com/mjolnir42/epk"

Package epk implements an encrypted private key on top of the Ed25519
signature scheme. Given the passphrase and a message it can also unlock the
key and sign the message.

It uses scrypt as key derivation function and ChaCha20/Poly1305 for
encryption.

type EncryptedPrivateKey struct { ... }
    func New(passphrase string) (*EncryptedPrivateKey, ed25519.PublicKey, error)


func New(passphrase string) (*EncryptedPrivateKey, ed25519.PublicKey, error)
    New returns the plain public and encrypted private key for a generated
    keypair.


func ReadFrom(r io.Reader) (*EncryptedPrivateKey, error)
    ReadFrom reconstructs EncryptedPrivateKey from line data read in from r.
    Comment lines starting with a '#' as well as lines that are empty or only
    contain whitespace are skipped. The first non-skipped line is expected to be
    the output of Armor() on a single line; surrounding whitespace is ignored.
    Additional lines are ignored.

    ReadFrom returns io.ErrUnexpectedEOF if no data line could be found as well
    as any error that occurred.


func (e *EncryptedPrivateKey) Store(w io.Writer) error
    Store writes out the encrypted private key to w in a format suitable for
    import by ReadFrom.


func (e *EncryptedPrivateKey) Armor() (string, error)
    Armor returns the ASCII-armored binary serialization of e. The ASCII armor
    is encoded using standard base64.


func (e *EncryptedPrivateKey) Sign(passphrase string, message []byte) ([]byte, error)
    Sign signs the message with the private key protected by passphrase and
    returns the signature.


func (e *EncryptedPrivateKey) Public(passphrase string) (ed25519.PublicKey, error)
    Public unlocks the private key and generates the public key from it.

Documentation

Overview

Package epk implements an encrypted private key on top of the Ed25519 signature scheme. Given the passphrase and a message it can also unlock the key and sign the message.

It uses scrypt as key derivation function and ChaCha20/Poly1305 for encryption.

Types

type EncryptedPrivateKey

type EncryptedPrivateKey struct {
	// the private key type: Ed25519
	Keytype string
	// the used KDF: scrypt
	KDF string
	// the used KDF parameters: N=65536;r=8;p=1
	KDFParam string
	// the used encryption algorithm: ChaCha20Poly1305
	EncAlgorithm string
	// 24 byte salt for the KDF, 12 of which are also
	// used as AEAD nonce
	Salt []byte
	// contains filtered or unexported fields
}

EncryptedPrivateKey implements an encrypted private key.

func New

func New(passphrase string) (*EncryptedPrivateKey, ed25519.PublicKey, error)

New returns the plain public and encrypted private key for a generated keypair.

func ReadFrom

func ReadFrom(r io.Reader) (*EncryptedPrivateKey, error)

ReadFrom reconstructs EncryptedPrivateKey from line data read in from r. Comment lines starting with a '#' as well as lines that are empty or only contain whitespace are skipped. The first non-skipped line is expected to be the output of Armor() on a single line; surrounding whitespace is ignored. Additional lines are ignored.

ReadFrom returns io.ErrUnexpectedEOF if no data line could be found as well as any error that occurred.

func (*EncryptedPrivateKey) Armor

func (e *EncryptedPrivateKey) Armor() (string, error)

Armor returns the ASCII-armored binary serialization of e. The ASCII armor is encoded using standard base64.
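
The line rules documented for ReadFrom and the standard base64 armor described above can be checked on a key file before it is handed to the package. The following is an added example, not code from the epk package: `firstDataLine` and `checkKeyFile` are hypothetical helpers, the sample payload is constructed placeholder bytes, and applying the '#' test after trimming whitespace is an assumption.

```go
package main

import (
	"bufio"
	"encoding/base64"
	"fmt"
	"io"
	"strings"
)

// firstDataLine applies the line rules documented for ReadFrom: skip '#'
// comments and blank lines, return the first remaining line trimmed, and
// ignore everything after it. Hypothetical helper, not part of epk.
func firstDataLine(r io.Reader) (string, error) {
	sc := bufio.NewScanner(r)
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		// Assumption: the '#' test is applied after trimming whitespace.
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		return line, nil
	}
	if err := sc.Err(); err != nil {
		return "", err
	}
	return "", io.ErrUnexpectedEOF // no data line found
}

// checkKeyFile returns the decoded length of the armor line, or an error if
// the file has no data line or the line is not standard base64.
func checkKeyFile(r io.Reader) (int, error) {
	line, err := firstDataLine(r)
	if err != nil {
		return 0, err
	}
	raw, err := base64.StdEncoding.DecodeString(line)
	if err != nil {
		return 0, fmt.Errorf("armor line is not standard base64: %w", err)
	}
	return len(raw), nil
}

func main() {
	// Constructed sample: the payload is placeholder bytes, not a real key.
	armor := base64.StdEncoding.EncodeToString([]byte("placeholder"))
	sample := "# signing key\n\n  " + armor + "  \nignored trailing line\n"
	fmt.Println(checkKeyFile(strings.NewReader(sample)))
}
```

A file that passes this check is only well-formed at the line and base64 level; whether the payload decodes to a valid EncryptedPrivateKey is still decided by ReadFrom.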

func (*EncryptedPrivateKey) GobDecode

func (e *EncryptedPrivateKey) GobDecode(buf []byte) error

GobDecode implements the gob.GobDecoder interface.

func (*EncryptedPrivateKey) GobEncode

func (e *EncryptedPrivateKey) GobEncode() ([]byte, error)

GobEncode implements the gob.GobEncoder interface.

func (*EncryptedPrivateKey) Public

func (e *EncryptedPrivateKey) Public(passphrase string) (ed25519.PublicKey, error)

Public unlocks the private key and generates the public key from it.

func (*EncryptedPrivateKey) Sign

func (e *EncryptedPrivateKey) Sign(passphrase string, message []byte) ([]byte, error)

Sign signs the message with the private key protected by passphrase and returns the signature.

func (*EncryptedPrivateKey) Store

func (e *EncryptedPrivateKey) Store(w io.Writer) error

Store writes out the encrypted private key to w in a format suitable for import by ReadFrom.
