authorSam Anthony <sam@samanthony.xyz>2025-04-17 20:26:55 -0400
committerSam Anthony <sam@samanthony.xyz>2025-04-17 20:26:55 -0400
commitf33d9227f7e49e7818b4d3771b6d1126a71bdce5 (patch)
treec1cb1476b2b60f0f492b9a68d5653eb1fc60b5cb /key
parent7b3042859c3f594c7638074987ebb6c32de5cc56 (diff)
downloadhose-f33d9227f7e49e7818b4d3771b6d1126a71bdce5.zip
load private signing key
Diffstat (limited to 'key')
-rw-r--r--key/box.go18
-rw-r--r--key/load.go24
-rw-r--r--key/sig.go36
3 files changed, 46 insertions, 32 deletions
diff --git a/key/box.go b/key/box.go
index 984447f..51bc3ff 100644
--- a/key/box.go
+++ b/key/box.go
@@ -4,8 +4,6 @@ import (
"bytes"
"encoding/hex"
"fmt"
- "io"
- "os"
)
// BoxPublicKey is a public NaCl box key.
@@ -46,21 +44,7 @@ func LoadBoxPublicKey() (BoxPublicKey, error) {
// loadBoxKey reads a NaCl box key (public or private) from the specified file.
func loadBoxKey(filename string) ([32]byte, error) {
- // Open file.
- f, err := os.Open(filename)
- if err != nil {
- return [32]byte{}, err
- }
- defer f.Close()
-
- // Read key from file.
- buf, err := io.ReadAll(f)
- if err != nil {
- return [32]byte{}, err
- }
-
- // Decode key.
- return decodeBoxKey(buf)
+ return loadKey(filename, decodeBoxKey)
}
func (bpk1 BoxPublicKey) Compare(bpk2 BoxPublicKey) int {
diff --git a/key/load.go b/key/load.go
new file mode 100644
index 0000000..e4ff3cf
--- /dev/null
+++ b/key/load.go
@@ -0,0 +1,24 @@
+package key
+
+import (
+ "io"
+ "os"
+)
+
+// loadKey reads and decodes a key from a file.
+func loadKey[K any](filename string, decode func([]byte) (K, error)) (K, error) {
+ var key K
+
+ f, err := os.Open(filename)
+ if err != nil {
+ return key, err
+ }
+ defer f.Close()
+
+ buf, err := io.ReadAll(f)
+ if err != nil {
+ return key, err
+ }
+
+ return decode(buf)
+}
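Review bot: `io.ReadAll(f)` in loadKey reads the file with no upper bound, although every key routed through this helper has a small fixed encoded length that the decoders only check afterwards. Capping the read, for example `buf, err := io.ReadAll(io.LimitReader(f, maxKeyFileLen))` with a new small package constant (the name is a suggestion), keeps an oversized or special file at the key path from being pulled into memory before the length check rejects it. Because this commit also sends the private signing key through loadKey, `buf` then holds hex-encoded secret material until the garbage collector reclaims it. Zeroing `buf` after `decode` returns would shorten that window, assuming the decoders do not retain the slice (decodeBoxKey is not visible here).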
diff --git a/key/sig.go b/key/sig.go
index 1a33468..bf3405d 100644
--- a/key/sig.go
+++ b/key/sig.go
@@ -4,8 +4,6 @@ import (
"bytes"
"encoding/hex"
"fmt"
- "io"
- "os"
)
// SigPublicKey is a public NaCl signature verification key.
@@ -22,22 +20,18 @@ func LoadSigPublicKey() (SigPublicKey, error) {
if err != nil {
return SigPublicKey{}, err
}
+ return loadKey(sigPubKeyFile, DecodeSigPublicKey)
+}
- // Open public key file.
- f, err := os.Open(sigPubKeyFile)
- if err != nil {
- return SigPublicKey{}, err
- }
- defer f.Close()
-
- // Read key from file.
- buf, err := io.ReadAll(f)
+// LoadSigPrivateKey reads the private signing key from disc,
+// or generates a new keypair if it does not already exist.
+func LoadSigPrivateKey() (SigPrivateKey, error) {
+ // Generate keypair if it doesn't already exist.
+ err := generateSigKeypairIfNotExist()
if err != nil {
- return SigPublicKey{}, err
+ return SigPrivateKey{}, err
}
-
- // Decode key.
- return DecodeSigPublicKey(buf)
+ return loadKey(sigPrivKeyFile, DecodeSigPrivateKey)
}
func (spk1 SigPublicKey) Compare(spk2 SigPublicKey) int {
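Review bot: LoadSigPrivateKey hands `sigPrivKeyFile` straight to loadKey without checking who else can access that file, so a private key that is group- or world-accessible is loaded silently. generateSigKeypairIfNotExist is outside this hunk, so the mode it creates the file with cannot be confirmed here, and a file that already existed could have any mode. A stat before the load that rejects any permission bits for group or others would catch this, in the way OpenSSH rejects over-permissive identity files. It needs the `os` import this commit removes from sig.go, and the Unix permission bits are not meaningful on Windows. Checking the opened handle inside the loader instead would also close the gap between the check and the read.

```go
func LoadSigPrivateKey() (SigPrivateKey, error) {
	// … unchanged: generateSigKeypairIfNotExist call and its error check …

	// Refuse a private key file that group or other users can access.
	info, err := os.Stat(sigPrivKeyFile)
	if err != nil {
		return SigPrivateKey{}, err
	}
	if info.Mode().Perm()&0o077 != 0 {
		return SigPrivateKey{}, fmt.Errorf("private key file %s is accessible to group or others", sigPrivKeyFile)
	}
	return loadKey(sigPrivKeyFile, DecodeSigPrivateKey)
}
```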
@@ -55,3 +49,15 @@ func DecodeSigPublicKey(buf []byte) (SigPublicKey, error) {
}
return key, nil
}
+
+func DecodeSigPrivateKey(buf []byte) (SigPrivateKey, error) {
+ var key SigPrivateKey
+ if hex.DecodedLen(len(buf)) != len(key) {
+ return SigPrivateKey{}, fmt.Errorf("malformed signing key: expected %d bytes; got %d",
+ len(key), hex.DecodedLen(len(buf)))
+ }
+ if _, err := hex.Decode(key[:], buf); err != nil {
+ return SigPrivateKey{}, err
+ }
+ return key, nil
+}
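Review bot: DecodeSigPrivateKey is exported but has no doc comment, and its input contract is stricter than the name suggests. The length check plus `hex.Decode` accept only exactly `2*len(key)` hex characters, so a key file with a trailing newline or other whitespace is reported as malformed. I would add `// DecodeSigPrivateKey decodes a hex-encoded private signing key.` followed by `// buf must hold exactly 2*len(SigPrivateKey{}) hex characters, with no trailing newline or other whitespace.` It is also worth stating there that `buf` still contains the encoded secret after the call and that clearing it is the caller's job.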