From 13b531b353a486b9f5e3a266380abf795a5f1b4f Mon Sep 17 00:00:00 2001
From: Sam Anthony
Date: Fri, 18 Apr 2025 15:40:14 -0400
Subject: implement saltpack.SigningPrivateKey
---
 key/sig.go | 37 ++++++++++++++++++++++++++++++-------
 1 file changed, 30 insertions(+), 7 deletions(-)
diff --git a/key/sig.go b/key/sig.go
index 8c4ae56..e7a2b1e 100644
--- a/key/sig.go
+++ b/key/sig.go
@@ -2,8 +2,11 @@ package key
 import (
 "bytes"
+ "crypto/ed25519"
 "encoding/hex"
 "fmt"
+ "github.com/keybase/saltpack"
+ "github.com/keybase/saltpack/basic"
 )
 // SigPublicKey is a public NaCl signature verification key.
@@ -12,22 +15,30 @@ type SigPublicKey [32]byte
 // SigPrivateKey is a private NaCl signing key.
 type SigPrivateKey [64]byte
+type SigKeypair struct {
+ public SigPublicKey
+ private SigPrivateKey
+}
+
 // LoadSigKeypair reads the public and private NaCl signature keys from disc,
 // or generates a new keypair if it does not already exist.
-func LoadSigKeypair() (pub SigPublicKey, priv SigPrivateKey, err error) {
- err = generateSigKeypairIfNotExist()
+func LoadSigKeypair() (SigKeypair, error) {
+ err := generateSigKeypairIfNotExist()
 if err != nil {
- return
+ return SigKeypair{}, err
 }
- pub, err = loadKey(sigPubKeyFile, DecodeSigPublicKey)
+ pub, err := loadKey(sigPubKeyFile, DecodeSigPublicKey)
 if err != nil {
- return
+ return SigKeypair{}, err
 }
- priv, err = loadKey(sigPrivKeyFile, DecodeSigPrivateKey)
+ priv, err := loadKey(sigPrivKeyFile, DecodeSigPrivateKey)
+ if err != nil {
+ return SigKeypair{}, err
+ }
- return
+ return SigKeypair{pub, priv}, nil
 }
 // LoadSigPublicKey reads the public signature verification key from disc,
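Review bot: LoadSigKeypair returns the two halves without checking that they belong together: `pub` and `priv` are read from separate files (`sigPubKeyFile`, `sigPrivKeyFile`), so a stale or replaced public-key file would yield a SigKeypair whose advertised public key does not verify what the private key signs. Assuming the 64-byte key uses the usual NaCl/Ed25519 seed-then-public layout, a guard before the final return would catch this: `if !bytes.Equal(priv[32:], pub[:]) { return SigKeypair{}, fmt.Errorf("signature keypair files do not match") }`. The new exported type also has no doc comment; `// SigKeypair holds a NaCl signing key and its matching verification key.` would fit the file's style, and it is worth stating there that the struct carries secret key material and should not be logged or formatted with `%v`.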
@@ -79,3 +90,15 @@ func DecodeSigPrivateKey(buf []byte) (SigPrivateKey, error) {
 }
 return key, nil
 }
+
+func (pair SigKeypair) Sign(message []byte) ([]byte, error) {
+ public := [ed25519.PublicKeySize]byte(pair.public)
+ private := [ed25519.PrivateKeySize]byte(pair.private)
+ key := basic.NewSigningSecretKey(&public, &private)
+ return key.Sign(message)
+}
+
+func (pair SigKeypair) GetPublicKey() saltpack.SigningPublicKey {
+ public := [ed25519.PublicKeySize]byte(pair.public)
+ return basic.NewSigningPublicKey(&public)
+}
-- 
cgit v1.2.3
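Review bot: Nothing in the added methods pins SigKeypair to the saltpack interface named in the commit title, so a later signature drift would only surface at a call site; a compile-time assertion next to the type, e.g. `var _ saltpack.SigningSecretKey = SigKeypair{}` (interface name to be confirmed against the saltpack version in use), would make the contract explicit. Both methods use value receivers, and Sign additionally converts `pair.private` into a fresh array and builds a new `basic` key, so every call creates further copies of the 64-byte private key in memory; constructing the `basic` signing key once when the pair is loaded, or switching to a pointer receiver, would keep the secret in fewer places. Sign and GetPublicKey are exported without doc comments; `// Sign signs message with the pair's private key.` and `// GetPublicKey returns the verification key matching Sign.` would cover them.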