Rename keys
This commit is contained in:
parent
37e6722ffb
commit
fe90278b8e
@ -7,7 +7,7 @@ import (
|
|||||||
|
|
||||||
type AccountData struct { // TODO: create a convenient constructor for this
|
type AccountData struct { // TODO: create a convenient constructor for this
|
||||||
Identity string // TODO: this is essentially the same as sign key
|
Identity string // TODO: this is essentially the same as sign key
|
||||||
SignKey signingkey.SigningPrivKey
|
SignKey signingkey.PrivKey
|
||||||
EncKey encryptionkey.EncryptionPrivKey
|
EncKey encryptionkey.PrivKey
|
||||||
Decoder signingkey.SigningPubKeyDecoder
|
Decoder signingkey.PubKeyDecoder
|
||||||
}
|
}
|
||||||
|
|||||||
@ -22,15 +22,15 @@ type ACLState struct {
|
|||||||
userReadKeys map[uint64]*symmetric.Key
|
userReadKeys map[uint64]*symmetric.Key
|
||||||
userStates map[string]*pb.ACLChangeUserState
|
userStates map[string]*pb.ACLChangeUserState
|
||||||
userInvites map[string]*pb.ACLChangeUserInvite
|
userInvites map[string]*pb.ACLChangeUserInvite
|
||||||
signingPubKeyDecoder signingkey.SigningPubKeyDecoder
|
signingPubKeyDecoder signingkey.PubKeyDecoder
|
||||||
encryptionKey encryptionkey.EncryptionPrivKey
|
encryptionKey encryptionkey.PrivKey
|
||||||
identity string
|
identity string
|
||||||
}
|
}
|
||||||
|
|
||||||
func newACLState(
|
func newACLState(
|
||||||
identity string,
|
identity string,
|
||||||
encryptionKey encryptionkey.EncryptionPrivKey,
|
encryptionKey encryptionkey.PrivKey,
|
||||||
signingPubKeyDecoder signingkey.SigningPubKeyDecoder) *ACLState {
|
signingPubKeyDecoder signingkey.PubKeyDecoder) *ACLState {
|
||||||
return &ACLState{
|
return &ACLState{
|
||||||
identity: identity,
|
identity: identity,
|
||||||
encryptionKey: encryptionKey,
|
encryptionKey: encryptionKey,
|
||||||
@ -44,8 +44,8 @@ func newACLState(
|
|||||||
func newACLStateFromSnapshotChange(
|
func newACLStateFromSnapshotChange(
|
||||||
snapshotChange *pb.ACLChange,
|
snapshotChange *pb.ACLChange,
|
||||||
identity string,
|
identity string,
|
||||||
encryptionKey encryptionkey.EncryptionPrivKey,
|
encryptionKey encryptionkey.PrivKey,
|
||||||
signingPubKeyDecoder signingkey.SigningPubKeyDecoder) (*ACLState, error) {
|
signingPubKeyDecoder signingkey.PubKeyDecoder) (*ACLState, error) {
|
||||||
st := &ACLState{
|
st := &ACLState{
|
||||||
identity: identity,
|
identity: identity,
|
||||||
encryptionKey: encryptionKey,
|
encryptionKey: encryptionKey,
|
||||||
|
|||||||
@ -11,8 +11,8 @@ import (
|
|||||||
type aclStateBuilder struct {
|
type aclStateBuilder struct {
|
||||||
tree *Tree
|
tree *Tree
|
||||||
identity string
|
identity string
|
||||||
key encryptionkey.EncryptionPrivKey
|
key encryptionkey.PrivKey
|
||||||
decoder signingkey.SigningPubKeyDecoder
|
decoder signingkey.PubKeyDecoder
|
||||||
}
|
}
|
||||||
|
|
||||||
type decreasedPermissionsParameters struct {
|
type decreasedPermissionsParameters struct {
|
||||||
@ -20,7 +20,7 @@ type decreasedPermissionsParameters struct {
|
|||||||
startChange string
|
startChange string
|
||||||
}
|
}
|
||||||
|
|
||||||
func newACLStateBuilder(decoder signingkey.SigningPubKeyDecoder, accountData *account.AccountData) *aclStateBuilder {
|
func newACLStateBuilder(decoder signingkey.PubKeyDecoder, accountData *account.AccountData) *aclStateBuilder {
|
||||||
return &aclStateBuilder{
|
return &aclStateBuilder{
|
||||||
decoder: decoder,
|
decoder: decoder,
|
||||||
identity: accountData.Identity,
|
identity: accountData.Identity,
|
||||||
|
|||||||
@ -10,15 +10,15 @@ import (
|
|||||||
|
|
||||||
type aclTreeBuilder struct {
|
type aclTreeBuilder struct {
|
||||||
cache map[string]*Change
|
cache map[string]*Change
|
||||||
identityKeys map[string]signingkey.SigningPubKey
|
identityKeys map[string]signingkey.PubKey
|
||||||
signingPubKeyDecoder signingkey.SigningPubKeyDecoder
|
signingPubKeyDecoder signingkey.PubKeyDecoder
|
||||||
tree *Tree
|
tree *Tree
|
||||||
treeStorage treestorage.TreeStorage
|
treeStorage treestorage.TreeStorage
|
||||||
|
|
||||||
*changeLoader
|
*changeLoader
|
||||||
}
|
}
|
||||||
|
|
||||||
func newACLTreeBuilder(t treestorage.TreeStorage, decoder signingkey.SigningPubKeyDecoder) *aclTreeBuilder {
|
func newACLTreeBuilder(t treestorage.TreeStorage, decoder signingkey.PubKeyDecoder) *aclTreeBuilder {
|
||||||
return &aclTreeBuilder{
|
return &aclTreeBuilder{
|
||||||
signingPubKeyDecoder: decoder,
|
signingPubKeyDecoder: decoder,
|
||||||
treeStorage: t,
|
treeStorage: t,
|
||||||
@ -31,7 +31,7 @@ func newACLTreeBuilder(t treestorage.TreeStorage, decoder signingkey.SigningPubK
|
|||||||
|
|
||||||
func (tb *aclTreeBuilder) Init() {
|
func (tb *aclTreeBuilder) Init() {
|
||||||
tb.cache = make(map[string]*Change)
|
tb.cache = make(map[string]*Change)
|
||||||
tb.identityKeys = make(map[string]signingkey.SigningPubKey)
|
tb.identityKeys = make(map[string]signingkey.PubKey)
|
||||||
tb.tree = &Tree{}
|
tb.tree = &Tree{}
|
||||||
tb.changeLoader.Init(tb.cache, tb.identityKeys)
|
tb.changeLoader.Init(tb.cache, tb.identityKeys)
|
||||||
}
|
}
|
||||||
|
|||||||
@ -14,7 +14,7 @@ import (
|
|||||||
type MarshalledChange = []byte
|
type MarshalledChange = []byte
|
||||||
|
|
||||||
type ACLChangeBuilder interface {
|
type ACLChangeBuilder interface {
|
||||||
UserAdd(identity string, encryptionKey encryptionkey.EncryptionPubKey, permissions pb.ACLChangeUserPermissions) error
|
UserAdd(identity string, encryptionKey encryptionkey.PubKey, permissions pb.ACLChangeUserPermissions) error
|
||||||
AddId(id string) // TODO: this is only for testing
|
AddId(id string) // TODO: this is only for testing
|
||||||
SetMakeSnapshot(bool) // TODO: who should decide this? probably ACLTree so we can delete it
|
SetMakeSnapshot(bool) // TODO: who should decide this? probably ACLTree so we can delete it
|
||||||
}
|
}
|
||||||
@ -68,7 +68,7 @@ func (c *changeBuilder) SetMakeSnapshot(b bool) {
|
|||||||
c.makeSnapshot = b
|
c.makeSnapshot = b
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *changeBuilder) UserAdd(identity string, encryptionKey encryptionkey.EncryptionPubKey, permissions pb.ACLChangeUserPermissions) error {
|
func (c *changeBuilder) UserAdd(identity string, encryptionKey encryptionkey.PubKey, permissions pb.ACLChangeUserPermissions) error {
|
||||||
var allKeys []*symmetric.Key
|
var allKeys []*symmetric.Key
|
||||||
if c.aclState.currentReadKeyHash != 0 {
|
if c.aclState.currentReadKeyHash != 0 {
|
||||||
for _, key := range c.aclState.userReadKeys {
|
for _, key := range c.aclState.userReadKeys {
|
||||||
|
|||||||
@ -13,15 +13,15 @@ import (
|
|||||||
|
|
||||||
type changeLoader struct {
|
type changeLoader struct {
|
||||||
cache map[string]*Change
|
cache map[string]*Change
|
||||||
identityKeys map[string]signingkey.SigningPubKey
|
identityKeys map[string]signingkey.PubKey
|
||||||
signingPubKeyDecoder signingkey.SigningPubKeyDecoder
|
signingPubKeyDecoder signingkey.PubKeyDecoder
|
||||||
treeStorage treestorage.TreeStorage
|
treeStorage treestorage.TreeStorage
|
||||||
changeCreator func(id string, ch *pb.ACLChange) *Change
|
changeCreator func(id string, ch *pb.ACLChange) *Change
|
||||||
}
|
}
|
||||||
|
|
||||||
func newChangeLoader(
|
func newChangeLoader(
|
||||||
treeStorage treestorage.TreeStorage,
|
treeStorage treestorage.TreeStorage,
|
||||||
signingPubKeyDecoder signingkey.SigningPubKeyDecoder,
|
signingPubKeyDecoder signingkey.PubKeyDecoder,
|
||||||
changeCreator func(id string, ch *pb.ACLChange) *Change) *changeLoader {
|
changeCreator func(id string, ch *pb.ACLChange) *Change) *changeLoader {
|
||||||
return &changeLoader{
|
return &changeLoader{
|
||||||
signingPubKeyDecoder: signingPubKeyDecoder,
|
signingPubKeyDecoder: signingPubKeyDecoder,
|
||||||
@ -31,7 +31,7 @@ func newChangeLoader(
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (c *changeLoader) Init(cache map[string]*Change,
|
func (c *changeLoader) Init(cache map[string]*Change,
|
||||||
identityKeys map[string]signingkey.SigningPubKey) {
|
identityKeys map[string]signingkey.PubKey) {
|
||||||
c.cache = cache
|
c.cache = cache
|
||||||
c.identityKeys = identityKeys
|
c.identityKeys = identityKeys
|
||||||
}
|
}
|
||||||
|
|||||||
@ -10,13 +10,13 @@ import (
|
|||||||
type snapshotValidator struct {
|
type snapshotValidator struct {
|
||||||
aclTree *Tree
|
aclTree *Tree
|
||||||
identity string
|
identity string
|
||||||
key encryptionkey.EncryptionPrivKey
|
key encryptionkey.PrivKey
|
||||||
decoder signingkey.SigningPubKeyDecoder
|
decoder signingkey.PubKeyDecoder
|
||||||
stateBuilder *aclStateBuilder
|
stateBuilder *aclStateBuilder
|
||||||
}
|
}
|
||||||
|
|
||||||
func newSnapshotValidator(
|
func newSnapshotValidator(
|
||||||
decoder signingkey.SigningPubKeyDecoder,
|
decoder signingkey.PubKeyDecoder,
|
||||||
accountData *account.AccountData) *snapshotValidator {
|
accountData *account.AccountData) *snapshotValidator {
|
||||||
return &snapshotValidator{
|
return &snapshotValidator{
|
||||||
identity: accountData.Identity,
|
identity: accountData.Identity,
|
||||||
|
|||||||
@ -18,15 +18,15 @@ var (
|
|||||||
|
|
||||||
type treeBuilder struct {
|
type treeBuilder struct {
|
||||||
cache map[string]*Change
|
cache map[string]*Change
|
||||||
identityKeys map[string]signingkey.SigningPubKey
|
identityKeys map[string]signingkey.PubKey
|
||||||
signingPubKeyDecoder signingkey.SigningPubKeyDecoder
|
signingPubKeyDecoder signingkey.PubKeyDecoder
|
||||||
tree *Tree
|
tree *Tree
|
||||||
treeStorage treestorage.TreeStorage
|
treeStorage treestorage.TreeStorage
|
||||||
|
|
||||||
*changeLoader
|
*changeLoader
|
||||||
}
|
}
|
||||||
|
|
||||||
func newTreeBuilder(t treestorage.TreeStorage, decoder signingkey.SigningPubKeyDecoder) *treeBuilder {
|
func newTreeBuilder(t treestorage.TreeStorage, decoder signingkey.PubKeyDecoder) *treeBuilder {
|
||||||
return &treeBuilder{
|
return &treeBuilder{
|
||||||
signingPubKeyDecoder: decoder,
|
signingPubKeyDecoder: decoder,
|
||||||
treeStorage: t,
|
treeStorage: t,
|
||||||
@ -39,7 +39,7 @@ func newTreeBuilder(t treestorage.TreeStorage, decoder signingkey.SigningPubKeyD
|
|||||||
|
|
||||||
func (tb *treeBuilder) Init() {
|
func (tb *treeBuilder) Init() {
|
||||||
tb.cache = make(map[string]*Change)
|
tb.cache = make(map[string]*Change)
|
||||||
tb.identityKeys = make(map[string]signingkey.SigningPubKey)
|
tb.identityKeys = make(map[string]signingkey.PubKey)
|
||||||
tb.tree = &Tree{}
|
tb.tree = &Tree{}
|
||||||
tb.changeLoader.Init(tb.cache, tb.identityKeys)
|
tb.changeLoader.Init(tb.cache, tb.identityKeys)
|
||||||
}
|
}
|
||||||
|
|||||||
@ -15,20 +15,20 @@ type SymKey struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type Keychain struct {
|
type Keychain struct {
|
||||||
SigningKeys map[string]signingkey.SigningPrivKey
|
SigningKeys map[string]signingkey.PrivKey
|
||||||
SigningKeysByIdentity map[string]signingkey.SigningPrivKey
|
SigningKeysByIdentity map[string]signingkey.PrivKey
|
||||||
EncryptionKeys map[string]encryptionkey.EncryptionPrivKey
|
EncryptionKeys map[string]encryptionkey.PrivKey
|
||||||
ReadKeys map[string]*SymKey
|
ReadKeys map[string]*SymKey
|
||||||
ReadKeysByHash map[uint64]*SymKey
|
ReadKeysByHash map[uint64]*SymKey
|
||||||
GeneratedIdentities map[string]string
|
GeneratedIdentities map[string]string
|
||||||
coder signingkey.SigningPubKeyDecoder
|
coder signingkey.PubKeyDecoder
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewKeychain() *Keychain {
|
func NewKeychain() *Keychain {
|
||||||
return &Keychain{
|
return &Keychain{
|
||||||
SigningKeys: map[string]signingkey.SigningPrivKey{},
|
SigningKeys: map[string]signingkey.PrivKey{},
|
||||||
SigningKeysByIdentity: map[string]signingkey.SigningPrivKey{},
|
SigningKeysByIdentity: map[string]signingkey.PrivKey{},
|
||||||
EncryptionKeys: map[string]encryptionkey.EncryptionPrivKey{},
|
EncryptionKeys: map[string]encryptionkey.PrivKey{},
|
||||||
GeneratedIdentities: map[string]string{},
|
GeneratedIdentities: map[string]string{},
|
||||||
ReadKeys: map[string]*SymKey{},
|
ReadKeys: map[string]*SymKey{},
|
||||||
ReadKeysByHash: map[uint64]*SymKey{},
|
ReadKeysByHash: map[uint64]*SymKey{},
|
||||||
|
|||||||
@ -25,7 +25,7 @@ type treeChange struct {
|
|||||||
*pb.ACLChange
|
*pb.ACLChange
|
||||||
id string
|
id string
|
||||||
readKey *SymKey
|
readKey *SymKey
|
||||||
signKey signingkey.SigningPrivKey
|
signKey signingkey.PrivKey
|
||||||
|
|
||||||
changesDataDecrypted []byte
|
changesDataDecrypted []byte
|
||||||
}
|
}
|
||||||
@ -297,7 +297,7 @@ func (t *TreeStorageBuilder) parseACLSnapshot(s *ACLSnapshot) *pb.ACLChangeACLSn
|
|||||||
aclUserState.Identity = t.keychain.GetIdentity(state.Identity)
|
aclUserState.Identity = t.keychain.GetIdentity(state.Identity)
|
||||||
|
|
||||||
encKey := t.keychain.
|
encKey := t.keychain.
|
||||||
GetKey(state.EncryptionKey).(encryptionkey.EncryptionPrivKey)
|
GetKey(state.EncryptionKey).(encryptionkey.PrivKey)
|
||||||
rawKey, _ := encKey.GetPublic().Raw()
|
rawKey, _ := encKey.GetPublic().Raw()
|
||||||
aclUserState.EncryptionKey = rawKey
|
aclUserState.EncryptionKey = rawKey
|
||||||
|
|
||||||
@ -334,7 +334,7 @@ func (t *TreeStorageBuilder) parseACLChange(ch *ACLChange) (convCh *pb.ACLChange
|
|||||||
add := ch.UserAdd
|
add := ch.UserAdd
|
||||||
|
|
||||||
encKey := t.keychain.
|
encKey := t.keychain.
|
||||||
GetKey(add.EncryptionKey).(encryptionkey.EncryptionPrivKey)
|
GetKey(add.EncryptionKey).(encryptionkey.PrivKey)
|
||||||
rawKey, _ := encKey.GetPublic().Raw()
|
rawKey, _ := encKey.GetPublic().Raw()
|
||||||
|
|
||||||
convCh = &pb.ACLChangeACLContentValue{
|
convCh = &pb.ACLChangeACLContentValue{
|
||||||
@ -351,11 +351,11 @@ func (t *TreeStorageBuilder) parseACLChange(ch *ACLChange) (convCh *pb.ACLChange
|
|||||||
join := ch.UserJoin
|
join := ch.UserJoin
|
||||||
|
|
||||||
encKey := t.keychain.
|
encKey := t.keychain.
|
||||||
GetKey(join.EncryptionKey).(encryptionkey.EncryptionPrivKey)
|
GetKey(join.EncryptionKey).(encryptionkey.PrivKey)
|
||||||
rawKey, _ := encKey.GetPublic().Raw()
|
rawKey, _ := encKey.GetPublic().Raw()
|
||||||
|
|
||||||
idKey, _ := t.keychain.SigningKeys[join.Identity].GetPublic().Raw()
|
idKey, _ := t.keychain.SigningKeys[join.Identity].GetPublic().Raw()
|
||||||
signKey := t.keychain.GetKey(join.AcceptSignature).(signingkey.SigningPrivKey)
|
signKey := t.keychain.GetKey(join.AcceptSignature).(signingkey.PrivKey)
|
||||||
signature, err := signKey.Sign(idKey)
|
signature, err := signKey.Sign(idKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
@ -374,9 +374,9 @@ func (t *TreeStorageBuilder) parseACLChange(ch *ACLChange) (convCh *pb.ACLChange
|
|||||||
}
|
}
|
||||||
case ch.UserInvite != nil:
|
case ch.UserInvite != nil:
|
||||||
invite := ch.UserInvite
|
invite := ch.UserInvite
|
||||||
rawAcceptKey, _ := t.keychain.GetKey(invite.AcceptKey).(signingkey.SigningPrivKey).GetPublic().Raw()
|
rawAcceptKey, _ := t.keychain.GetKey(invite.AcceptKey).(signingkey.PrivKey).GetPublic().Raw()
|
||||||
encKey := t.keychain.
|
encKey := t.keychain.
|
||||||
GetKey(invite.EncryptionKey).(encryptionkey.EncryptionPrivKey)
|
GetKey(invite.EncryptionKey).(encryptionkey.PrivKey)
|
||||||
rawEncKey, _ := encKey.GetPublic().Raw()
|
rawEncKey, _ := encKey.GetPublic().Raw()
|
||||||
|
|
||||||
convCh = &pb.ACLChangeACLContentValue{
|
convCh = &pb.ACLChangeACLContentValue{
|
||||||
@ -449,7 +449,7 @@ func (t *TreeStorageBuilder) parseACLChange(ch *ACLChange) (convCh *pb.ACLChange
|
|||||||
return convCh
|
return convCh
|
||||||
}
|
}
|
||||||
|
|
||||||
func (t *TreeStorageBuilder) encryptReadKeys(keys []string, encKey encryptionkey.EncryptionPrivKey) (enc [][]byte) {
|
func (t *TreeStorageBuilder) encryptReadKeys(keys []string, encKey encryptionkey.PrivKey) (enc [][]byte) {
|
||||||
for _, k := range keys {
|
for _, k := range keys {
|
||||||
realKey := t.keychain.GetKey(k).(*SymKey).Key.Bytes()
|
realKey := t.keychain.GetKey(k).(*SymKey).Key.Bytes()
|
||||||
res, err := encKey.GetPublic().Encrypt(realKey)
|
res, err := encKey.GetPublic().Encrypt(realKey)
|
||||||
|
|||||||
@ -2,14 +2,14 @@ package encryptionkey
|
|||||||
|
|
||||||
import "github.com/anytypeio/go-anytype-infrastructure-experiments/util/keys"
|
import "github.com/anytypeio/go-anytype-infrastructure-experiments/util/keys"
|
||||||
|
|
||||||
type EncryptionPrivKey interface {
|
type PrivKey interface {
|
||||||
keys.Key
|
keys.Key
|
||||||
|
|
||||||
Decrypt([]byte) ([]byte, error)
|
Decrypt([]byte) ([]byte, error)
|
||||||
GetPublic() EncryptionPubKey
|
GetPublic() PubKey
|
||||||
}
|
}
|
||||||
|
|
||||||
type EncryptionPubKey interface {
|
type PubKey interface {
|
||||||
keys.Key
|
keys.Key
|
||||||
|
|
||||||
Encrypt(data []byte) ([]byte, error)
|
Encrypt(data []byte) ([]byte, error)
|
||||||
|
|||||||
@ -60,15 +60,15 @@ func (e *EncryptionRsaPrivKey) Decrypt(bytes []byte) ([]byte, error) {
|
|||||||
return rsa.DecryptOAEP(hash, rand.Reader, &e.privKey, bytes, nil)
|
return rsa.DecryptOAEP(hash, rand.Reader, &e.privKey, bytes, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *EncryptionRsaPrivKey) GetPublic() EncryptionPubKey {
|
func (e *EncryptionRsaPrivKey) GetPublic() PubKey {
|
||||||
return &EncryptionRsaPubKey{pubKey: e.privKey.PublicKey}
|
return &EncryptionRsaPubKey{pubKey: e.privKey.PublicKey}
|
||||||
}
|
}
|
||||||
|
|
||||||
func GenerateRandomRSAKeyPair(bits int) (EncryptionPrivKey, EncryptionPubKey, error) {
|
func GenerateRandomRSAKeyPair(bits int) (PrivKey, PubKey, error) {
|
||||||
return GenerateRSAKeyPair(bits, rand.Reader)
|
return GenerateRSAKeyPair(bits, rand.Reader)
|
||||||
}
|
}
|
||||||
|
|
||||||
func GenerateRSAKeyPair(bits int, src io.Reader) (EncryptionPrivKey, EncryptionPubKey, error) {
|
func GenerateRSAKeyPair(bits int, src io.Reader) (PrivKey, PubKey, error) {
|
||||||
if bits < MinRsaKeyBits {
|
if bits < MinRsaKeyBits {
|
||||||
return nil, nil, ErrKeyLengthTooSmall
|
return nil, nil, ErrKeyLengthTooSmall
|
||||||
}
|
}
|
||||||
@ -80,7 +80,7 @@ func GenerateRSAKeyPair(bits int, src io.Reader) (EncryptionPrivKey, EncryptionP
|
|||||||
return &EncryptionRsaPrivKey{privKey: *priv}, &EncryptionRsaPubKey{pubKey: pk}, nil
|
return &EncryptionRsaPrivKey{privKey: *priv}, &EncryptionRsaPubKey{pubKey: pk}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewEncryptionRsaPrivKeyFromBytes(bytes []byte) (EncryptionPrivKey, error) {
|
func NewEncryptionRsaPrivKeyFromBytes(bytes []byte) (PrivKey, error) {
|
||||||
sk, err := x509.ParsePKCS1PrivateKey(bytes)
|
sk, err := x509.ParsePKCS1PrivateKey(bytes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -91,7 +91,7 @@ func NewEncryptionRsaPrivKeyFromBytes(bytes []byte) (EncryptionPrivKey, error) {
|
|||||||
return &EncryptionRsaPrivKey{privKey: *sk}, nil
|
return &EncryptionRsaPrivKey{privKey: *sk}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewEncryptionRsaPubKeyFromBytes(bytes []byte) (EncryptionPubKey, error) {
|
func NewEncryptionRsaPubKeyFromBytes(bytes []byte) (PubKey, error) {
|
||||||
pub, err := x509.ParsePKIXPublicKey(bytes)
|
pub, err := x509.ParsePKIXPublicKey(bytes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|||||||
@ -23,16 +23,16 @@ type Ed25519PublicKey struct {
|
|||||||
k ed25519.PublicKey
|
k ed25519.PublicKey
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewSigningEd25519PubKeyFromBytes(bytes []byte) (SigningPubKey, error) {
|
func NewSigningEd25519PubKeyFromBytes(bytes []byte) (PubKey, error) {
|
||||||
return UnmarshalEd25519PublicKey(bytes)
|
return UnmarshalEd25519PublicKey(bytes)
|
||||||
}
|
}
|
||||||
|
|
||||||
func GenerateRandomEd25519KeyPair() (SigningPrivKey, SigningPubKey, error) {
|
func GenerateRandomEd25519KeyPair() (PrivKey, PubKey, error) {
|
||||||
return GenerateEd25519Key(rand.Reader)
|
return GenerateEd25519Key(rand.Reader)
|
||||||
}
|
}
|
||||||
|
|
||||||
// GenerateEd25519Key generates a new ed25519 private and public key pair.
|
// GenerateEd25519Key generates a new ed25519 private and public key pair.
|
||||||
func GenerateEd25519Key(src io.Reader) (SigningPrivKey, SigningPubKey, error) {
|
func GenerateEd25519Key(src io.Reader) (PrivKey, PubKey, error) {
|
||||||
pub, priv, err := ed25519.GenerateKey(src)
|
pub, priv, err := ed25519.GenerateKey(src)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
@ -74,7 +74,7 @@ func (k *Ed25519PrivateKey) Equals(o keys.Key) bool {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// GetPublic returns an ed25519 public key from a private key.
|
// GetPublic returns an ed25519 public key from a private key.
|
||||||
func (k *Ed25519PrivateKey) GetPublic() SigningPubKey {
|
func (k *Ed25519PrivateKey) GetPublic() PubKey {
|
||||||
return &Ed25519PublicKey{k: k.pubKeyBytes()}
|
return &Ed25519PublicKey{k: k.pubKeyBytes()}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -104,7 +104,7 @@ func (k *Ed25519PublicKey) Verify(data []byte, sig []byte) (bool, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// UnmarshalEd25519PublicKey returns a public key from input bytes.
|
// UnmarshalEd25519PublicKey returns a public key from input bytes.
|
||||||
func UnmarshalEd25519PublicKey(data []byte) (SigningPubKey, error) {
|
func UnmarshalEd25519PublicKey(data []byte) (PubKey, error) {
|
||||||
if len(data) != 32 {
|
if len(data) != 32 {
|
||||||
return nil, errors.New("expect ed25519 public key data size to be 32")
|
return nil, errors.New("expect ed25519 public key data size to be 32")
|
||||||
}
|
}
|
||||||
@ -115,7 +115,7 @@ func UnmarshalEd25519PublicKey(data []byte) (SigningPubKey, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// UnmarshalEd25519PrivateKey returns a private key from input bytes.
|
// UnmarshalEd25519PrivateKey returns a private key from input bytes.
|
||||||
func UnmarshalEd25519PrivateKey(data []byte) (SigningPrivKey, error) {
|
func UnmarshalEd25519PrivateKey(data []byte) (PrivKey, error) {
|
||||||
switch len(data) {
|
switch len(data) {
|
||||||
case ed25519.PrivateKeySize + ed25519.PublicKeySize:
|
case ed25519.PrivateKeySize + ed25519.PublicKeySize:
|
||||||
// Remove the redundant public key. See issue #36.
|
// Remove the redundant public key. See issue #36.
|
||||||
@ -146,15 +146,15 @@ func UnmarshalEd25519PrivateKey(data []byte) (SigningPrivKey, error) {
|
|||||||
|
|
||||||
type Ed25519SigningPubKeyDecoder struct{}
|
type Ed25519SigningPubKeyDecoder struct{}
|
||||||
|
|
||||||
func NewEd25519Decoder() SigningPubKeyDecoder {
|
func NewEd25519Decoder() PubKeyDecoder {
|
||||||
return &Ed25519SigningPubKeyDecoder{}
|
return &Ed25519SigningPubKeyDecoder{}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *Ed25519SigningPubKeyDecoder) DecodeFromBytes(bytes []byte) (SigningPubKey, error) {
|
func (e *Ed25519SigningPubKeyDecoder) DecodeFromBytes(bytes []byte) (PubKey, error) {
|
||||||
return NewSigningEd25519PubKeyFromBytes(bytes)
|
return NewSigningEd25519PubKeyFromBytes(bytes)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *Ed25519SigningPubKeyDecoder) DecodeFromString(identity string) (SigningPubKey, error) {
|
func (e *Ed25519SigningPubKeyDecoder) DecodeFromString(identity string) (PubKey, error) {
|
||||||
pubKeyRaw, err := strkey.Decode(0x5b, identity)
|
pubKeyRaw, err := strkey.Decode(0x5b, identity)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -167,7 +167,7 @@ func (e *Ed25519SigningPubKeyDecoder) DecodeFromStringIntoBytes(identity string)
|
|||||||
return strkey.Decode(0x5b, identity)
|
return strkey.Decode(0x5b, identity)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *Ed25519SigningPubKeyDecoder) EncodeToString(pubkey SigningPubKey) (string, error) {
|
func (e *Ed25519SigningPubKeyDecoder) EncodeToString(pubkey PubKey) (string, error) {
|
||||||
raw, err := pubkey.Raw()
|
raw, err := pubkey.Raw()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
|
|||||||
@ -2,23 +2,23 @@ package signingkey
|
|||||||
|
|
||||||
import "github.com/anytypeio/go-anytype-infrastructure-experiments/util/keys"
|
import "github.com/anytypeio/go-anytype-infrastructure-experiments/util/keys"
|
||||||
|
|
||||||
type SigningPrivKey interface {
|
type PrivKey interface {
|
||||||
keys.Key
|
keys.Key
|
||||||
|
|
||||||
Sign([]byte) ([]byte, error)
|
Sign([]byte) ([]byte, error)
|
||||||
|
|
||||||
GetPublic() SigningPubKey
|
GetPublic() PubKey
|
||||||
}
|
}
|
||||||
|
|
||||||
type SigningPubKey interface {
|
type PubKey interface {
|
||||||
keys.Key
|
keys.Key
|
||||||
|
|
||||||
Verify(data []byte, sig []byte) (bool, error)
|
Verify(data []byte, sig []byte) (bool, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
type SigningPubKeyDecoder interface {
|
type PubKeyDecoder interface {
|
||||||
DecodeFromBytes(bytes []byte) (SigningPubKey, error)
|
DecodeFromBytes(bytes []byte) (PubKey, error)
|
||||||
DecodeFromString(identity string) (SigningPubKey, error)
|
DecodeFromString(identity string) (PubKey, error)
|
||||||
DecodeFromStringIntoBytes(identity string) ([]byte, error)
|
DecodeFromStringIntoBytes(identity string) ([]byte, error)
|
||||||
EncodeToString(pubkey SigningPubKey) (string, error)
|
EncodeToString(pubkey PubKey) (string, error)
|
||||||
}
|
}
|
||||||
|
|||||||