Documentation ¶
Overview ¶
Package sign can be used to verify messages were signed with a given secret key. The implementation uses the Ed25519 signature algorithm. See https://nacl.cr.yp.to/sign.html.
Example ¶
package main import ( "crypto/rand" "fmt" "log" "github.com/kevinburke/nacl/sign" ) func main() { // Create a public and private key pair. pubkey, privkey, err := sign.Keypair(rand.Reader) if err != nil { log.Fatal(err) } message := []byte("Are you taking notes on a criminal conspiracy?") signedMessage := sign.Sign(message, privkey) // The first SignatureSize bytes will be the signature. The remaining bytes // will be the message. fmt.Printf("%s\n", signedMessage[sign.SignatureSize:]) result := sign.Verify(signedMessage, pubkey) fmt.Println(result) }
Output: Are you taking notes on a criminal conspiracy? true
Index ¶
Examples ¶
Constants ¶
const ( // PublicKeySize is the size, in bytes, of public keys as used in this package. PublicKeySize = 32 // PrivateKeySize is the size, in bytes, of private keys as used in this package. PrivateKeySize = 64 // SignatureSize is the size, in bytes, of signatures generated and verified by this package. SignatureSize = 64 )
Variables ¶
This section is empty.
Functions ¶
func Keypair ¶
func Keypair(rand io.Reader) (publicKey PublicKey, privateKey PrivateKey, err error)
Keypair generates a public/private key pair using entropy from rand. If rand is nil, crypto/rand.Reader will be used.
func Sign ¶
func Sign(message []byte, privateKey PrivateKey) []byte
Sign signs the message with privateKey. The first SignatureSize bytes of the response will be the signature; the rest will be the message. It will panic if len(privateKey) is not PrivateKeySize.
Types ¶
type PrivateKey ¶
type PrivateKey ed25519.PrivateKey
PrivateKey is the type of Ed25519 private keys. It implements crypto.Signer.
func (PrivateKey) Public ¶
func (priv PrivateKey) Public() crypto.PublicKey
Public returns the PublicKey corresponding to priv.
func (PrivateKey) Sign ¶
func (priv PrivateKey) Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) (signature []byte, err error)
Sign signs the given message with priv. Ed25519 performs two passes over messages to be signed and therefore cannot handle pre-hashed messages. Thus opts.HashFunc() must return zero to indicate the message hasn't been hashed. This can be achieved by passing crypto.Hash(0) as the value for opts.