aboutsummaryrefslogtreecommitdiffstats
path: root/key/sig.go
diff options
context:
space:
mode:
Diffstat (limited to 'key/sig.go')
-rw-r--r--key/sig.go36
1 files changed, 21 insertions, 15 deletions
diff --git a/key/sig.go b/key/sig.go
index 1a33468..bf3405d 100644
--- a/key/sig.go
+++ b/key/sig.go
@@ -4,8 +4,6 @@ import (
"bytes"
"encoding/hex"
"fmt"
- "io"
- "os"
)
// SigPublicKey is a public NaCl signature verification key.
@@ -22,22 +20,18 @@ func LoadSigPublicKey() (SigPublicKey, error) {
if err != nil {
return SigPublicKey{}, err
}
+ return loadKey(sigPubKeyFile, DecodeSigPublicKey)
+}
- // Open public key file.
- f, err := os.Open(sigPubKeyFile)
- if err != nil {
- return SigPublicKey{}, err
- }
- defer f.Close()
-
- // Read key from file.
- buf, err := io.ReadAll(f)
+// LoadSigPrivateKey reads the private signing key from disc,
+// or generates a new keypair if it does not already exist.
+func LoadSigPrivateKey() (SigPrivateKey, error) {
+ // Generate keypair if it doesn't already exist.
+ err := generateSigKeypairIfNotExist()
if err != nil {
- return SigPublicKey{}, err
+ return SigPrivateKey{}, err
}
-
- // Decode key.
- return DecodeSigPublicKey(buf)
+ return loadKey(sigPrivKeyFile, DecodeSigPrivateKey)
}
func (spk1 SigPublicKey) Compare(spk2 SigPublicKey) int {
@@ -55,3 +49,15 @@ func DecodeSigPublicKey(buf []byte) (SigPublicKey, error) {
}
return key, nil
}
+
+func DecodeSigPrivateKey(buf []byte) (SigPrivateKey, error) {
+ var key SigPrivateKey
+ if hex.DecodedLen(len(buf)) != len(key) {
+ return SigPrivateKey{}, fmt.Errorf("malformed signing key: expected %d bytes; got %d",
+ len(key), hex.DecodedLen(len(buf)))
+ }
+ if _, err := hex.Decode(key[:], buf); err != nil {
+ return SigPrivateKey{}, err
+ }
+ return key, nil
+}
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-15 23:32:40 +0000