Imports #
"bytes"
"crypto/ed25519"
"crypto/sha256"
"encoding/base64"
"encoding/binary"
"errors"
"fmt"
"io"
"strconv"
"strings"
"unicode"
"unicode/utf8"
note
Imports
Constants & Variables
algEd25519 const #
const algEd25519 = 1errInvalidSigner var #
var errInvalidSigner = *ast.CallExprerrMalformedNote var #
var errMalformedNote = *ast.CallExprerrMismatchedVerifier var #
var errMismatchedVerifier = *ast.CallExprerrSignerAlg var #
var errSignerAlg = *ast.CallExprerrSignerHash var #
var errSignerHash = *ast.CallExprerrSignerID var #
var errSignerID = *ast.CallExprerrVerifierAlg var #
var errVerifierAlg = *ast.CallExprerrVerifierHash var #
var errVerifierHash = *ast.CallExprerrVerifierID var #
var errVerifierID = *ast.CallExprsigPrefix var #
var sigPrefix = *ast.CallExprsigSplit var #
var sigSplit = *ast.CallExprType Aliases
verifierMap type #
type verifierMap map[nameHash][]VerifierInterfaces
Signer interface #
A Signer signs messages using a specific key.
type Signer interface {
Name() string
KeyHash() uint32
Sign(msg []byte) ([]byte, error)
}Verifier interface #
A Verifier verifies messages signed with a specific key.
type Verifier interface {
Name() string
KeyHash() uint32
Verify(msg []byte, sig []byte) bool
}Verifiers interface #
A Verifiers is a collection of known verifier keys.
type Verifiers interface {
Verifier(name string, hash uint32) (Verifier, error)
}Structs
InvalidSignatureError struct #
An InvalidSignatureError indicates that the given key was known and the associated Verifier rejected the signature.
type InvalidSignatureError struct {
Name string
Hash uint32
}Note struct #
A Note is a text and signatures.
type Note struct {
Text string
Sigs []Signature
UnverifiedSigs []Signature
}Signature struct #
A Signature is a single signature found in a note.
type Signature struct {
Name string
Hash uint32
Base64 string
}UnknownVerifierError struct #
An UnknownVerifierError indicates that the given key is not known. The Open function records signatures without associated verifiers as unverified signatures.
type UnknownVerifierError struct {
Name string
KeyHash uint32
}UnverifiedNoteError struct #
An UnverifiedNoteError indicates that the note successfully parsed but had no verifiable signatures.
type UnverifiedNoteError struct {
Note *Note
}ambiguousVerifierError struct #
An ambiguousVerifierError indicates that the given name and hash match multiple keys passed to [VerifierList]. (If this happens, some malicious actor has taken control of the verifier list, at which point we may as well give up entirely, but we diagnose the problem instead.)
type ambiguousVerifierError struct {
name string
hash uint32
}nameHash struct #
type nameHash struct {
name string
hash uint32
}signer struct #
signer is a trivial Signer implementation.
type signer struct {
name string
hash uint32
sign func([]byte) ([]byte, error)
}verifier struct #
verifier is a trivial Verifier implementation.
type verifier struct {
name string
hash uint32
verify func([]byte, []byte) bool
}Functions
Error method #
func (e *UnverifiedNoteError) Error() stringError method #
func (e *InvalidSignatureError) Error() stringError method #
func (e *UnknownVerifierError) Error() stringError method #
func (e *ambiguousVerifierError) Error() stringGenerateKey function #
GenerateKey generates a signer and verifier key pair for a named server. The signer key skey is private and must be kept secret.
func GenerateKey(rand io.Reader, name string) (skey string, vkey string, err error)KeyHash method #
func (v *verifier) KeyHash() uint32KeyHash method #
func (s *signer) KeyHash() uint32Name method #
func (v *verifier) Name() stringName method #
func (s *signer) Name() stringNewEd25519VerifierKey function #
NewEd25519VerifierKey returns an encoded verifier key using the given name and Ed25519 public key.
func NewEd25519VerifierKey(name string, key ed25519.PublicKey) (string, error)NewSigner function #
NewSigner constructs a new [Signer] from an encoded signer key.
func NewSigner(skey string) (Signer, error)NewVerifier function #
NewVerifier construct a new [Verifier] from an encoded verifier key.
func NewVerifier(vkey string) (Verifier, error)Open function #
Open opens and parses the message msg, checking signatures from the known verifiers. For each signature in the message, Open calls known.Verifier to find a verifier. If known.Verifier returns a verifier and the verifier accepts the signature, Open records the signature in the returned note's Sigs field. If known.Verifier returns a verifier but the verifier rejects the signature, Open returns an InvalidSignatureError. If known.Verifier returns an UnknownVerifierError, Open records the signature in the returned note's UnverifiedSigs field. If known.Verifier returns any other error, Open returns that error. If no known verifier has signed an otherwise valid note, Open returns an [UnverifiedNoteError]. In this case, the unverified note can be fetched from inside the error.
func Open(msg []byte, known Verifiers) (*Note, error)Sign method #
func (s *signer) Sign(msg []byte) ([]byte, error)Sign function #
Sign signs the note with the given signers and returns the encoded message. The new signatures from signers are listed in the encoded message after the existing signatures already present in n.Sigs. If any signer uses the same key as an existing signature, the existing signature is elided from the output.
func Sign(n *Note, signers ...Signer) ([]byte, error)Verifier method #
func (m verifierMap) Verifier(name string, hash uint32) (Verifier, error)VerifierList function #
VerifierList returns a [Verifiers] implementation that uses the given list of verifiers.
func VerifierList(list ...Verifier) VerifiersVerify method #
func (v *verifier) Verify(msg []byte, sig []byte) boolchop function #
chop chops s at the first instance of sep, if any, and returns the text before and after sep. If sep is not present, chop returns before is s and after is empty.
func chop(s string, sep string) (before string, after string)isValidName function #
isValidName reports whether name is valid. It must be non-empty and not have any Unicode spaces or pluses.
func isValidName(name string) boolkeyHash function #
keyHash computes the key hash for the given server name and encoded public key.
func keyHash(name string, key []byte) uint32Generated with Arrow