1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
package key
import (
"bytes"
"encoding/hex"
"fmt"
"github.com/keybase/saltpack"
"github.com/keybase/saltpack/basic"
)
// BoxPublicKey is a public NaCl box key.
type BoxPublicKey [32]byte
// BoxPrivateKey is a private NaCl box key.
type BoxPrivateKey [32]byte
type BoxKeypair struct {
Public BoxPublicKey
Private BoxPrivateKey
}
// LoadBoxKeypair reads the public and private NaCl box keys from disc,
// or generates a new keypair if it does not already exist.
// These keys can be used for NaCl box (encryption/decryption) operations.
func LoadBoxKeypair() (BoxKeypair, error) {
err := generateBoxKeypairIfNotExist()
if err != nil {
return BoxKeypair{}, err
}
pub, err := loadBoxKey(boxPubKeyFile)
if err != nil {
return BoxKeypair{}, err
}
priv, err := loadBoxKey(boxPrivKeyFile)
if err != nil {
return BoxKeypair{}, err
}
return BoxKeypair{pub, priv}, nil
}
// LoadBoxPublicKey reads the public NaCl box key from disc,
// or generates a new keypair if it does not already exist.
func LoadBoxPublicKey() (BoxPublicKey, error) {
err := generateBoxKeypairIfNotExist()
if err != nil {
return BoxPublicKey{}, err
}
key, err := loadBoxKey(boxPubKeyFile)
return BoxPublicKey(key), err
}
// loadBoxKey reads a NaCl box key (public or private) from the specified file.
func loadBoxKey(filename string) ([32]byte, error) {
return loadKey(filename, decodeBoxKey)
}
func (bpk1 BoxPublicKey) Compare(bpk2 BoxPublicKey) int {
return bytes.Compare(bpk1[:], bpk2[:])
}
func DecodeBoxPublicKey(buf []byte) (BoxPublicKey, error) {
key, err := decodeBoxKey(buf)
return BoxPublicKey(key), err
}
func decodeBoxKey(buf []byte) ([32]byte, error) {
var key [32]byte
if hex.DecodedLen(len(buf)) != len(key) {
return [32]byte{}, fmt.Errorf("malformed box key: expected %d bytes; got %d",
len(key), hex.DecodedLen(len(buf)))
}
if _, err := hex.Decode(key[:], buf); err != nil {
return [32]byte{}, err
}
return key, nil
}
func (key BoxPublicKey) ToKID() []byte {
return key[:]
}
func (key BoxPublicKey) CreateEphemeralKey() (saltpack.BoxSecretKey, error) {
return basic.EphemeralKeyCreator{}.CreateEphemeralKey()
}
func (key BoxPublicKey) ToRawBoxKeyPointer() *saltpack.RawBoxKey {
raw := saltpack.RawBoxKey(key)
return &raw
}
func (key BoxPublicKey) HideIdentity() bool {
return false
}
func (pair BoxKeypair) Box(receiver saltpack.BoxPublicKey, nonce saltpack.Nonce, msg []byte) []byte {
return pair.secretKey().Box(receiver, nonce, msg)
}
func (pair BoxKeypair) Unbox(sender saltpack.BoxPublicKey, nonce saltpack.Nonce, msg []byte) ([]byte, error) {
return pair.secretKey().Unbox(sender, nonce, msg)
}
func (pair BoxKeypair) GetPublicKey() saltpack.BoxPublicKey {
return pair.Public
}
func (pair BoxKeypair) Precompute(peer saltpack.BoxPublicKey) saltpack.BoxPrecomputedSharedKey {
return pair.secretKey().Precompute(peer)
}
func (pair BoxKeypair) secretKey() saltpack.BoxSecretKey {
pub, sec := [32]byte(pair.Public), [32]byte(pair.Private)
return basic.NewSecretKey(&pub, &sec)
}
|