Documentation ¶
Index ¶
- Constants
- Variables
- func ArgonKey(pass []byte) []byte
- func CheckFileExists(name string) (fi os.FileInfo, exists bool, err error)
- func FormatSig(signingStrings []string, sig *schnorr.Signature) (str string, err error)
- func GetDefaultSigningStrings(sigType ...SigID) (signingStrings []string)
- func Hash(filename string) (sum []byte, wasHash bool, err error)
- func Newline()
- func WipeString(str *string)
- func Zero(bytes []byte)
- type Position
- type Result
- type SigID
- type Signr
- func (s *Signr) AddCustom(ss []string, Custom string) (signingStrings []string)
- func (s *Signr) Delete(name string) (err error)
- func (s *Signr) DeriveAndCheckKey(name string, secret, pass []byte) (sec *secp.SecretKey, err error)
- func (s *Signr) Equal(first, second []byte) (same bool)
- func (s *Signr) Err(format string, a ...interface{})
- func (s *Signr) Fatal(format string, a ...interface{})
- func (s *Signr) GenKeyPair() (sec *secp.SecretKey, pub *secp.PublicKey, err error)
- func (s *Signr) Generate() (err error)
- func (s *Signr) GetAnchor(args []string, pass, custom string) (WIF, NPUB, MERKLE, NSIG string, err error)
- func (s *Signr) GetCfgFilename() string
- func (s *Signr) GetKey(name, passStr string) (secKey *secp.SecretKey, err error)
- func (s *Signr) GetKeyPairNames() (list []string, err error)
- func (s *Signr) GetList(g [][]string) (grid [][]string, encrypted map[string]struct{}, err error)
- func (s *Signr) GetNonceHex() (nonceHex string, err error)
- func (s *Signr) Import(secKey string) (err error)
- func (s *Signr) Info(format string, a ...interface{})
- func (s *Signr) Log(format string, a ...interface{})
- func (s *Signr) PasswordEntry(prompt string, entryType int) (pass []byte, err error)
- func (s *Signr) ReadFile(name string) (data []byte, err error)
- func (s *Signr) RecogniseSig(possibleSig string) (sig *schnorr.Signature, pubKey, nonce string)
- func (s *Signr) Sanitize(in string) (out string, err error)
- func (s *Signr) Save(secret []byte, npub string) (err error)
- func (s *Signr) SecKeyInfo(name string) (...)
- func (s *Signr) SetDefault(name string) (err error)
- func (s *Signr) Sign(args []string, pass, custom string, asHex, sigOnly, noProtocol bool) (sigStr string, key *secp.SecretKey, err error)
- func (s *Signr) Vanity(str string, where Position, threads int) (e error)
- func (s *Signr) Verify(filename, sigOrSigFile, PubKey, Custom string) (valid bool, err error)
- func (s *Signr) VerifyAnchor(input, custom string) (valid bool, err error)
- func (s *Signr) XOR(dest, src []byte) []byte
Constants ¶
const ( // strings used in signature prefix and other places AppName = "signr" ProtocolVersion = "0" DefaultHashFunction = "SHA256" SchnorrSignatures = "SCHNORR" BitcoinCompactSignatures = "ECDSA" )
const ( // filename extensions found in app data directory ConfigExt = "yaml" DeletedExt = "del" ConfigName = "config" PubExt = "pub" )
const ( // expected filesystem permissions/masks DataDirPerm os.FileMode = 0700 ConfigFilePerm os.FileMode = 0600 KeyFilePerm os.FileMode = 0400 DataFileMask os.FileMode = 0077 )
const ( PositionBeginning = iota PositionContains PositionEnding )
const PassPrompt = "type password to use for secret key (press enter for none): "
const (
PasswordEntryViaTTY = iota
)
const UnlockPrompt = "type password to unlock encrypted secret key"
Variables ¶
var FullSigPrefix = strings.Join(GetDefaultSigningStrings(), "_")
var SigTypes = []string{SchnorrSignatures, BitcoinCompactSignatures}
SigTypes are the available signature algorithms
Functions ¶
func ArgonKey ¶
ArgonKey hash grinds the input password string to derive the actual encryption key used on the secret key.
func FormatSig ¶
FormatSig takes a slice of signing strings and stitches them together with underscores, and snips off the hash and replaces it with the provided signature.
func GetDefaultSigningStrings ¶
GetDefaultSigningStrings returns a slice of strings that forms the prefix of a signature/signing material block.
sigType is used to optionally switch to ECDSA bitcoin transaction signatures to enable the use case of signing PBSTs for on-chain transactions such as anchoring hashes for a chain-bound protocol.
func Hash ¶
Hash accepts a filename, interpreting "-" to mean to read from stdin, and computes the sha256 hash of the file, or if the text is a 64 character long string that parses to hex, just decodes it and returns the decoded bytes.
func WipeString ¶
func WipeString(str *string)
Types ¶
type Signr ¶
type Signr struct { DataDir string CfgFile string DefaultKey string Verbose atomic.Bool Color atomic.Bool PassEntryType int }
Signr stores the configuration for signr.
func Init ¶
Init sets up the data directory if it doesn't exist, checks the permissions of the directory and configuration file.
Applications consuming this library can use alternative password input methods or use their own and pass the value via environment variables when calling the CLI.
func (*Signr) DeriveAndCheckKey ¶
func (*Signr) GenKeyPair ¶
GenKeyPair creates a fresh new key pair using the entropy source used by crypto/rand (ie, /dev/random on posix systems).
func (*Signr) GetCfgFilename ¶
func (*Signr) GetKey ¶
GetKey scans the keychain for a named key, with optional password string to decrypt the key in the file in the keychain.
func (*Signr) GetKeyPairNames ¶
func (*Signr) GetNonceHex ¶
GetNonceHex returns a random 16 charater hexadecimal string derived from a 64 bit random value acquired through the system's strong entropy source.
func (*Signr) Info ¶
Info prints a message to stderr that won't be picked up by a standard simple pipe/redirection.
func (*Signr) PasswordEntry ¶
func (*Signr) RecogniseSig ¶
func (*Signr) Sanitize ¶
Sanitize replaces all nonprintable characters with spaces, eliminates spaces more than 1 character in a row, removes leading and following spaces and finally replaces all remaining interstitial spaces with hyphens.
func (*Signr) SecKeyInfo ¶
func (*Signr) SetDefault ¶
func (*Signr) Sign ¶
func (s *Signr) Sign(args []string, pass, custom string, asHex, sigOnly, noProtocol bool) (sigStr string, key *secp.SecretKey, err error)
Sign some data using a key.
By default the signature includes all of the prefix text that was also used to generate the hash to sign on, for namespacing, which follows the format:
signr_0_SHA256_SCHNORR_
which is always present. After this can be a custom string, that is sanitised and all whitespaces between its characters are changed to hyphens, to provide namespacing for a custom protocol.
After this by default there is a random 64 bit nonce to ensure the signature is not applied to a repeating hash for the given protocol.
in all cases following this first 4 sections and optional nonce and custom namespace, is the public key of the secret key used to make the signature. This prevents any collisions being found between signatures generated by different secret keys.
Function arguments:
args are one or two, being a filename, a hex string of the hash of a file or blob of data, the second, optional args element is the name of the key in the keychain to use.
pass is the password to decrypt the default or specified private key being used.
custom is an extra custom namespace string that is cleaned of whitespaces and spaces replaced with hyphens, and inserted between the usual first 4 namespace fields and the nonce and/or public key.
asHex specifies to return the signature as 128 raw hex characters, rather than bech32 encoding with the HRP 'sig'.
sigOnly specifies to return only the signature and not the standard prefixed form. This is implicitly used if the first 'args' parameter is a 64 character long hash in hex format.
func (*Signr) VerifyAnchor ¶
VerifyAnchor takes in the 3 elements found in an anchor transaction inscription, the NPUB, MERKLE and NSIG, encoded in hex as a single 256 character long hex string and splits it into its parts, and validates according to the supplied custom protocol string and signr signing material protocol.