Diffstat (limited to 'key/sig.go')
| -rw-r--r-- | key/sig.go | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/key/sig.go b/key/sig.go
new file mode 100644
index 0000000..c0bc515
--- /dev/null
+++ b/key/sig.go
@@ -0,0 +1,54 @@
+package key
+
+import (
+ "bytes"
+ "encoding/hex"
+ "fmt"
+ "io"
+ "os"
+)
+
+// SigPublicKey is a public NaCl signature verification key.
+type SigPublicKey [32]byte
+
+// SigPrivateKey is a private NaCl signing key.
+type SigPrivateKey [64]byte
+
+// LoadSigPublicKey reads the public signature verification key from disc,
+// or generates a new keypair if it does not already exist.
+func LoadSigPublicKey() (SigPublicKey, error) {
+ // Generate keypair if it doesn't already exist.
+ err := generateSigKeypairIfNotExist()
+ if err != nil {
+ return SigPublicKey{}, err
+ }
+
+ // Open public key file.
+ f, err := os.Open(sigPubKeyFile)
+ if err != nil {
+ return SigPublicKey{}, err
+ }
+ defer f.Close()
+
+ // Read key from file.
+ buf, err := io.ReadAll(f)
+ if err != nil {
+ return SigPublicKey{}, err
+ }
+
+ // Decode key.
+ var key SigPublicKey
+ if hex.DecodedLen(len(buf)) != len(key) {
+ return SigPublicKey{}, fmt.Errorf("malformed key: expected %d bytes; got %d",
+ len(key), hex.DecodedLen(len(buf)))
+ }
+ if _, err := hex.Decode(key[:], buf); err != nil {
+ return SigPublicKey{}, err
+ }
+
+ return key, nil
+}
+
+func (spk1 SigPublicKey) Compare(spk2 SigPublicKey) int {
+ return bytes.Compare(spk1[:], spk2[:])
+}
|
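Review bot: The length check in LoadSigPublicKey, `hex.DecodedLen(len(buf)) != len(key)`, rounds odd lengths down, so a 65-byte file (for example 64 hex digits followed by a newline) passes it and is only rejected later by hex.Decode with its own error rather than the "malformed key" message. Comparing the encoded length is exact: `if len(buf) != hex.EncodedLen(len(key)) {`. If the key file may legitimately end in a newline (how it is written is outside this file), apply `buf = bytes.TrimSpace(buf)` before the check. The exported Compare method also has no doc comment; something like `// Compare orders two public keys by their raw bytes, as bytes.Compare does.` would cover it.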