| author | Sam Anthony <sam@samanthony.xyz> | 2025-04-14 20:06:14 -0400 |
|---|---|---|
| committer | Sam Anthony <sam@samanthony.xyz> | 2025-04-14 20:06:14 -0400 |
| commit | b86e733f6bfeeb9b7fcf7616be61bcaf42684659 (patch) | |
| tree | 092674734f648cf072c8fb51f74594ba14839d8e /key | |
| parent | 19586853713277cdfe7cf3322037c72c40b75b85 (diff) | |
| download | hose-b86e733f6bfeeb9b7fcf7616be61bcaf42684659.zip | |
load public signature verification key from disc
Diffstat (limited to 'key')
| -rw-r--r-- | key/box.go (renamed from key/key.go) | 15 | ||||
| -rw-r--r-- | key/boxgen.go (renamed from key/generate.go) | 0 | ||||
| -rw-r--r-- | key/sig.go | 54 |
3 files changed, 58 insertions, 11 deletions
@@ -14,17 +14,10 @@ type BoxPublicKey [32]byte
 // BoxPrivateKey is a private NaCl box key.
 type BoxPrivateKey [32]byte
-// SigPublicKey is a public NaCl signature verification key.
-type SigPublicKey [32]byte
-
-// SigPrivateKey is a private NaCl signing key.
-type SigPrivateKey [64]byte
-
 // LoadBoxKeypair reads the public and private NaCl box keys from disc,
 // or generates a new keypair if it does not already exist.
 // These keys can be used for NaCl box (encryption/decryption) operations.
 func LoadBoxKeypair() (pub BoxPublicKey, priv BoxPrivateKey, err error) {
- // Generate a keypair if it doesn't already exist.
 err = generateBoxKeypairIfNotExist()
 if err != nil {
 return
@@ -43,6 +36,10 @@ func LoadBoxKeypair() (pub BoxPublicKey, priv BoxPrivateKey, err error) {
 // LoadBoxPublicKey reads the public NaCl box key from disc,
 // or generates a new keypair if it does not already exist.
 func LoadBoxPublicKey() (BoxPublicKey, error) {
+ err := generateBoxKeypairIfNotExist()
+ if err != nil {
+ return BoxPublicKey{}, err
+ }
 key, err := loadBoxKey(boxPubKeyFile)
 return BoxPublicKey(key), err
 }
@@ -78,7 +75,3 @@ func loadBoxKey(filename string) ([32]byte, error) {
 func (bpk1 BoxPublicKey) Compare(bpk2 BoxPublicKey) int {
 return bytes.Compare(bpk1[:], bpk2[:])
 }
-
-func (spk1 SigPublicKey) Compare(spk2 SigPublicKey) int {
- return bytes.Compare(spk1[:], spk2[:])
-}
diff --git a/key/generate.go b/key/boxgen.go
index bb4a61e..bb4a61e 100644
--- a/key/generate.go
+++ b/key/boxgen.go
diff --git a/key/sig.go b/key/sig.go
new file mode 100644
index 0000000..c0bc515
--- /dev/null
+++ b/key/sig.go
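Review bot: The call added to LoadBoxPublicKey returns the generator's error unwrapped, so a caller cannot tell a failed key generation from a failed read of the public key file; scoping and wrapping it would read `if err := generateBoxKeypairIfNotExist(); err != nil { return BoxPublicKey{}, fmt.Errorf("generate box keypair: %w", err) }`, provided box.go imports fmt, which the hunk does not show. This path can now write a new private key as a side effect of a read, so a lost or misplaced key file results in a fresh identity rather than an error. generateBoxKeypairIfNotExist is defined outside the diff, so it is worth confirming that its existence check and file creation cannot race between concurrent callers and that it never overwrites one half of an existing pair. The same unwrapped return appears in LoadSigPublicKey in key/sig.go.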
@@ -0,0 +1,54 @@
+package key
+
+import (
+ "bytes"
+ "encoding/hex"
+ "fmt"
+ "io"
+ "os"
+)
+
+// SigPublicKey is a public NaCl signature verification key.
+type SigPublicKey [32]byte
+
+// SigPrivateKey is a private NaCl signing key.
+type SigPrivateKey [64]byte
+
+// LoadSigPublicKey reads the public signature verification key from disc,
+// or generates a new keypair if it does not already exist.
+func LoadSigPublicKey() (SigPublicKey, error) {
+ // Generate keypair if it doesn't already exist.
+ err := generateSigKeypairIfNotExist()
+ if err != nil {
+ return SigPublicKey{}, err
+ }
+
+ // Open public key file.
+ f, err := os.Open(sigPubKeyFile)
+ if err != nil {
+ return SigPublicKey{}, err
+ }
+ defer f.Close()
+
+ // Read key from file.
+ buf, err := io.ReadAll(f)
+ if err != nil {
+ return SigPublicKey{}, err
+ }
+
+ // Decode key.
+ var key SigPublicKey
+ if hex.DecodedLen(len(buf)) != len(key) {
+ return SigPublicKey{}, fmt.Errorf("malformed key: expected %d bytes; got %d",
+ len(key), hex.DecodedLen(len(buf)))
+ }
+ if _, err := hex.Decode(key[:], buf); err != nil {
+ return SigPublicKey{}, err
+ }
+
+ return key, nil
+}
+
+func (spk1 SigPublicKey) Compare(spk2 SigPublicKey) int {
+ return bytes.Compare(spk1[:], spk2[:])
+} |
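Review bot: The length guard in LoadSigPublicKey compares `hex.DecodedLen(len(buf))`, which is `len(buf)/2` and rounds down, so a 65-byte file (for example 64 hex digits plus a trailing newline) passes the guard and is rejected only afterwards by hex.Decode with a generic encoding/hex error. Comparing the encoded length is exact: `if len(buf) != hex.EncodedLen(len(key)) {`, with the message reporting hex characters rather than bytes. The key is read with `io.ReadAll(f)` with no size limit although the expected size is fixed; wrapping the file in `io.LimitReader` sized just above the expected length would bound the read. The exported Compare method has no doc comment; `// Compare orders two keys bytewise, returning -1, 0 or +1 like bytes.Compare.` would do, and it could note that bytes.Compare is not constant-time, which is fine for public keys only.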