From 02ace55f4cd39b7b9c97a361393a09fcaa1bd9a3 Mon Sep 17 00:00:00 2001
From: Sam Anthony
Date: Mon, 14 Apr 2025 18:05:35 -0400
Subject: create NaCl box key data types

---
 key/file.go | 16 +++++++++++-----
 key/generate.go | 27 ++++++++++++++-------------
 key/key.go | 30 +++++++++++++++++++-----------
 3 files changed, 44 insertions(+), 29 deletions(-)

diff --git a/key/file.go b/key/file.go
index 676b204..59039ba 100644
--- a/key/file.go
+++ b/key/file.go
@@ -11,13 +11,19 @@ import (
 )
 var (
- pubKeyFile = filepath.Join(xdg.DataHome, "hose", "pubkey")
- pubKeyFileMode os.FileMode = 0644
+ dataDir = "hose"
- privKeyFile = filepath.Join(xdg.DataHome, "hose", "privkey")
- privKeyFileMode os.FileMode = 0600
+ // Encryption/decryption keypair for NaCl box operations.
+ boxPubKeyFile = filepath.Join(xdg.DataHome, dataDir, "box_pub.key")
+ boxPrivKeyFile = filepath.Join(xdg.DataHome, dataDir, "box_priv.key")
- dirMode os.FileMode = 0755
+ // Sign/verify keypair for NaCl signing operations.
+ sigPubKeyFile = filepath.Join(xdg.DataHome, dataDir, "sig_pub.key")
+ sigPrivKeyFile = filepath.Join(xdg.DataHome, dataDir, "sig_priv.key")
+
+ dirMode os.FileMode = 0755
+ pubFileMode os.FileMode = 0644
+ privFileMode os.FileMode = 0600
 )
 // createFile creates a file with the specified permissions and returns it for writing.
diff --git a/key/generate.go b/key/generate.go
index 32055aa..bb4a61e 100644
--- a/key/generate.go
+++ b/key/generate.go
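Review bot: The key files move from `hose/pubkey` and `hose/privkey` to `hose/box_pub.key` and `hose/box_priv.key` with no migration, so on an existing install the old keypair is ignored and, given that generateBoxKeypairIfNotExist only checks the new paths, a fresh keypair is generated on the next load, invalidating any public key peers already hold. If that is intended, a comment such as `// Renamed from pubkey/privkey; old files are not migrated.` next to boxPubKeyFile would record it; otherwise rename the old files when only they exist. The sigPubKeyFile/sigPrivKeyFile variables are declared but not referenced anywhere in this commit, so a `// TODO: wired up once the signing keypair is generated.` would make the placeholder explicit. dirMode stays 0755 for the directory that now holds a 0600 private key; 0700 would also keep the directory listing owner-only, assuming dirMode is what the key directory is created with (its use is outside this hunk).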
@@ -10,24 +10,25 @@ import (
 "git.samanthony.xyz/hose/util"
 )
-// Generate generates a new public/private keypair. It stores the private key in the
-// private key file and the public key in the public key file. If either of the key
-// files already exist, they will not be overwritten; instead an error will be returned.
-func Generate() error {
- util.Logf("generating new keypair...")
+// generateBoxKeypair generates a new public/private keypair for NaCl box
+// (encryption/decryption) operations. It stores the private key in the private box
+// key file and the public box key in the public key file. If either of the key files
+// already exist, they will not be overwritten; instead an error will be returned.
+func generateBoxKeypair() error {
+ util.Logf("generating new encryption/decryption keypair...")
 // Create public key file.
- pubFile, err := createFile(pubKeyFile, pubKeyFileMode)
+ pubFile, err := createFile(boxPubKeyFile, pubFileMode)
 if err != nil {
 return err
 }
 defer pubFile.Close()
 // Create private key file.
- privFile, err := createFile(privKeyFile, privKeyFileMode)
+ privFile, err := createFile(boxPrivKeyFile, privFileMode)
 if err != nil {
 pubFile.Close()
- _ = os.Remove(pubKeyFile)
+ _ = os.Remove(boxPubKeyFile)
 return err
 }
 defer privFile.Close()
@@ -53,13 +54,13 @@ func Generate() error {
 return nil
 }
-// Generate a keypair if it doesn't already exist.
-func generateIfNoExist() error {
- pubExists, err := fileExists(pubKeyFile)
+// generateBoxKeypairIfNotExist generates a NaCal box keypair if it doesn't already exist.
+func generateBoxKeypairIfNotExist() error {
+ pubExists, err := fileExists(boxPubKeyFile)
 if err != nil {
 return err
 }
- privExists, err := fileExists(privKeyFile)
+ privExists, err := fileExists(boxPrivKeyFile)
 if err != nil {
 return err
 }
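Review bot: On the private-file failure path, `pubFile.Close()` runs explicitly and then the deferred `pubFile.Close()` runs again on the same *os.File; the second Close returns an error that is discarded, so it is harmless, but the ordering is not obviously deliberate. A comment such as `// Close before Remove: some platforms refuse to unlink an open file.` above the explicit Close would record why it precedes os.Remove and why the cleanup cannot be left to the defer. The body of generateBoxKeypair continues outside the hunk, so whether a failure while writing the keys also removes both files is not visible here.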
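Review bot: The new doc comment on generateBoxKeypairIfNotExist misspells the library name as "NaCal"; it should read `// generateBoxKeypairIfNotExist generates a NaCl box keypair if it doesn't already exist.`. The function's body continues outside the hunk.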
@@ -73,5 +74,5 @@ func generateIfNoExist() error {
 return fmt.Errorf("found private key file but not public key file")
 }
 // Neither public nor private key file exists; generate new keypair.
- return Generate()
+ return generateBoxKeypair()
 }
diff --git a/key/key.go b/key/key.go
index f7419e4..38b4bad 100644
--- a/key/key.go
+++ b/key/key.go
@@ -7,33 +7,41 @@ import (
 "os"
 )
-// LoadKeypair reads the public and private keys from disc,
+// BoxPublicKey is a public NaCl box key.
+type BoxPublicKey [32]byte
+
+// BoxPrivateKey is a private NaCl box key.
+type BoxPrivateKey [32]byte
+
+// LoadBoxKeypair reads the public and private NaCl box keys from disc,
 // or generates a new keypair if it does not already exist.
-func LoadKeypair() (public, private [32]byte, err error) {
+// These keys can be used for NaCl box (encryption/decryption) operations.
+func LoadBoxKeypair() (pub BoxPublicKey, priv BoxPrivateKey, err error) {
 // Generate a keypair if it doesn't already exist.
- err = generateIfNoExist()
+ err = generateBoxKeypairIfNotExist()
 if err != nil {
 return
 }
- public, err = loadKey(pubKeyFile)
+ pub, err = loadBoxKey(boxPubKeyFile)
 if err != nil {
 return
 }
- private, err = loadKey(privKeyFile)
+ priv, err = loadBoxKey(boxPrivKeyFile)
 return
 }
-// LoadPublicKey reads the public key from disc, or generates a new keypair
-// if it does not already exist.
-func LoadPublicKey() ([32]byte, error) {
- return loadKey(pubKeyFile)
+// LoadBoxPublicKey reads the public NaCl box key from disc,
+// or generates a new keypair if it does not already exist.
+func LoadBoxPublicKey() (BoxPublicKey, error) {
+ key, err := loadBoxKey(boxPubKeyFile)
+ return BoxPublicKey(key), err
 }
-// loadKey reads a key (public or private) from the specified file.
-func loadBoxKey(filename string) ([32]byte, error) {
+// loadBoxKey reads a NaCl box key (public or private) from the specified file.
+func loadBoxKey(filename string) ([32]byte, error) {
 // Open file.
 f, err := os.Open(filename)
 if err != nil {
-- cgit v1.2.3
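Review bot: The doc comment on LoadBoxPublicKey promises that it "generates a new keypair if it does not already exist", but the body only calls `loadBoxKey(boxPubKeyFile)` and never calls generateBoxKeypairIfNotExist, so on a fresh install it returns the open error instead of a key (LoadBoxKeypair above does make that call). Either add `if err := generateBoxKeypairIfNotExist(); err != nil { return BoxPublicKey{}, err }` before the load, or drop the generation claim from the comment. As a point of style, LoadBoxKeypair relies on implicit assignability of [32]byte to the named result `pub`, while LoadBoxPublicKey uses an explicit `BoxPublicKey(key)` conversion; picking one form for both makes the type boundary easier to spot. loadBoxKey's body continues outside the hunk.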