README
¶
Saltpack
See saltpack.org for more details.
This github.com/keys-pub/keys/saltpack package allows you to encrypt/decrypt, sign/verify using Saltpack.
Examples
Documentation
¶
Overview ¶
Package saltpack integrates keys with Saltpack (saltpack.org).
Index ¶
- func Decrypt(b []byte, armored bool, kr Keyring) ([]byte, *keys.X25519PublicKey, error)
- func Encrypt(b []byte, armored bool, sender *keys.X25519Key, recipients ...keys.ID) ([]byte, error)
- func NewDecryptStream(r io.Reader, armored bool, kr Keyring) (io.Reader, *keys.X25519PublicKey, error)
- func NewEncryptStream(w io.Writer, armored bool, sender *keys.X25519Key, recipients ...keys.ID) (io.WriteCloser, error)
- func NewSignStream(w io.Writer, armored bool, detached bool, key *keys.EdX25519Key) (io.WriteCloser, error)
- func NewSigncryptOpenStream(r io.Reader, armored bool, kr Keyring) (io.Reader, *keys.EdX25519PublicKey, error)
- func NewSigncryptStream(w io.Writer, armored bool, sender *keys.EdX25519Key, recipients ...keys.ID) (io.WriteCloser, error)
- func NewVerifyStream(r io.Reader) (io.Reader, keys.ID, error)
- func SetLogger(l Logger)
- func Sign(b []byte, armored bool, key *keys.EdX25519Key) ([]byte, error)
- func SignDetached(b []byte, armored bool, key *keys.EdX25519Key) ([]byte, error)
- func SignFile(in string, out string, key *keys.EdX25519Key, armored bool, detached bool) error
- func Signcrypt(b []byte, armored bool, sender *keys.EdX25519Key, recipients ...keys.ID) ([]byte, error)
- func SigncryptOpen(b []byte, armored bool, kr Keyring) ([]byte, *keys.EdX25519PublicKey, error)
- func StripBefore(message string) string
- func Verify(b []byte) ([]byte, keys.ID, error)
- func VerifyDetached(sig []byte, b []byte) (keys.ID, error)
- func VerifyDetachedReader(sig []byte, r io.Reader) (keys.ID, error)
- func VerifyFile(in string, out string) (keys.ID, error)
- func VerifyFileDetached(sig []byte, path string) (keys.ID, error)
- type ContextLogger
- type Encoding
- type Keyring
- type LogLevel
- type Logger
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Decrypt ¶
Decrypt bytes. If there was a sender, will return the X25519 public key.
Example ¶
package main
import (
"fmt"
"log"
"github.com/keys-pub/keys"
"github.com/keys-pub/keys/saltpack"
)
func main() {
// Message from ExampleEncrypt
aliceID := keys.ID("kbx17jhqvdrgdyruyseuaat0rerj7ep4n63n4klufzxtzmk9p3d944gs4fg39g")
encrypted := []byte(`BEGIN SALTPACK ENCRYPTED MESSAGE.
kcJn5brvybfNjz6 D5ll2Nk0YiiGFCz I2xgcLXuPzYNBe3 OboFDA8Gh0TxosH yo82IRf2OZzteqO
GaPWlm7t0lC0M0U vNnOvsussLf1nMw Oo1Llf9oAbA7qxa GjupUEWnTgyjjUn GKb3WvtjSgRsJS2
Y92GMEx8cHvbGrJ zvLGlbqAhEIDNZ2 SE15aoV6ahVxeVH 1inHyghv3H1oTAC K86mBl4fg9FY1QK
4n0gLOmSHbD8UYH V3HAPS0yaBC4xJB g3y04Xcqiij36Nb WmJgvSFdGugXd7O yfU.
END SALTPACK ENCRYPTED MESSAGE.
`)
// Bob is keys.ID("kbx18x22l7nemmxcj76f9l3aaflc5487lp5u5q778gpe3t3wzhlqvu8qxa9z07")
key := `BEGIN X25519 KEY MESSAGE.
umCRo9iHIudLWoz 4Ugt0hUXQVJ7lhV p7A9mb3kOTg6PeV fhqetAc9ZOUjagi
91gENEkp0xfjF2E Tyakwe90kzo1FNT gRacWRL5B59strN OoZYHQooqvlMKM.
END X25519 KEY MESSAGE.`
bob, err := keys.DecodeSaltpackKey(key, "", true)
if err != nil {
log.Fatal(err)
}
// Bob decrypts
out, sender, err := saltpack.Decrypt(encrypted, true, saltpack.NewKeyring(bob))
if err != nil {
log.Fatal(err)
}
if sender != nil && sender.ID() == aliceID {
fmt.Printf("signer is alice\n")
}
fmt.Printf("%s\n", string(out))
}
Output: signer is alice hi bob
func Encrypt ¶
Encrypt to recipients. Sender can be nil, if you want it to be anonymous. https://saltpack.org/encryption-format-v2
Example ¶
package main
import (
"fmt"
"log"
"github.com/keys-pub/keys"
"github.com/keys-pub/keys/saltpack"
)
func main() {
alice := keys.GenerateX25519Key()
bob := keys.GenerateX25519Key()
message := []byte("hi bob")
// Encrypt from alice to bob
encrypted, err := saltpack.Encrypt(message, true, alice, bob.ID())
if err != nil {
log.Fatal(err)
}
fmt.Printf("%d", len(encrypted))
}
Output: 375
func NewDecryptStream ¶
func NewDecryptStream(r io.Reader, armored bool, kr Keyring) (io.Reader, *keys.X25519PublicKey, error)
NewDecryptStream creates a decrypt stream. If there was a sender, will return a X25519 key ID.
func NewEncryptStream ¶
func NewEncryptStream(w io.Writer, armored bool, sender *keys.X25519Key, recipients ...keys.ID) (io.WriteCloser, error)
NewEncryptStream creates an encrypted armored io.WriteCloser. Sender can be nil, if you want it to be anonymous.
func NewSignStream ¶
func NewSignStream(w io.Writer, armored bool, detached bool, key *keys.EdX25519Key) (io.WriteCloser, error)
NewSignStream ...
func NewSigncryptOpenStream ¶
func NewSigncryptOpenStream(r io.Reader, armored bool, kr Keyring) (io.Reader, *keys.EdX25519PublicKey, error)
NewSigncryptOpenStream creates a signcrypt open stream.
func NewSigncryptStream ¶
func NewSigncryptStream(w io.Writer, armored bool, sender *keys.EdX25519Key, recipients ...keys.ID) (io.WriteCloser, error)
NewSigncryptStream creates a signcrypt stream.
func NewVerifyStream ¶
NewVerifyStream ...
func Sign ¶
Sign ...
Example ¶
package main
import (
"fmt"
"log"
"github.com/keys-pub/keys"
"github.com/keys-pub/keys/saltpack"
)
func main() {
alice := keys.GenerateEdX25519Key()
message := []byte("hi from alice")
sig, err := saltpack.Sign(message, true, alice)
if err != nil {
log.Fatal(err)
}
fmt.Printf("%s\n", alice.ID())
fmt.Printf("%s\n", sig)
}
Output:
func SignDetached ¶
SignDetached ...
Example ¶
package main
import (
"fmt"
"log"
"github.com/keys-pub/keys"
"github.com/keys-pub/keys/saltpack"
)
func main() {
alice := keys.GenerateEdX25519Key()
message := []byte("hi from alice")
sig, err := saltpack.SignDetached(message, true, alice)
if err != nil {
log.Fatal(err)
}
fmt.Printf("%s", sig)
}
Output:
func Signcrypt ¶
func Signcrypt(b []byte, armored bool, sender *keys.EdX25519Key, recipients ...keys.ID) ([]byte, error)
Signcrypt to recipients. https://saltpack.org/signcryption-format
func SigncryptOpen ¶
SigncryptOpen ...
func Verify ¶
Verify ...
Example ¶
package main
import (
"fmt"
"log"
"github.com/keys-pub/keys"
"github.com/keys-pub/keys/saltpack"
)
func main() {
aliceID := keys.ID("kex1w2jep8dkr2s0g9kx5g6xe3387jslnlj08yactvn8xdtrx4cnypjq9rpnux")
signed := []byte(`BEGIN SALTPACK SIGNED MESSAGE.
kXR7VktZdyH7rvq v5wcIkHbs7mPCSd NhKLR9E0K47y29T QkuYinHym6EfZwL
1TwgxI3RQ52fHg5 1FzmLOMghcYLcV7 i0l0ovabGhxGrEl z7WuI4O3xMU5saq
U28RqUnKNroATPO 5rn2YyQcut2SeMn lXJBlDqRv9WyxjG M0PcKvsAsvmid1m
cqA4TCjz5V9VpuO zuIQ55lRQLeP5kU aWFxq5Nl8WsPqlR RdX86OuTbaKUvKI
wdNd6ISacrT0I82 qZ71sc7sTxiMxoI P43uCGaAZZ3Ab62 vR8N6WQPE8.
END SALTPACK SIGNED MESSAGE.`)
out, signer, err := saltpack.Verify(signed)
if err != nil {
log.Fatal(err)
}
if signer == aliceID {
fmt.Printf("signer is alice\n")
}
fmt.Printf("%s\n", string(out))
}
Output: signer is alice hi from alice
func VerifyDetachedReader ¶
VerifyDetachedReader ...
func VerifyFile ¶
VerifyFile outputs verified file from in path.
Types ¶
type ContextLogger ¶
type ContextLogger interface {
Debugf(ctx context.Context, format string, args ...interface{})
Infof(ctx context.Context, format string, args ...interface{})
Warningf(ctx context.Context, format string, args ...interface{})
Errorf(ctx context.Context, format string, args ...interface{})
}
ContextLogger interface used in this package with request context.
type Encoding ¶
type Encoding string
Encoding for saltpack (armored vs binary, encrypt vs signcrypt).
const ( // UnknownEncoding is unknown. UnknownEncoding Encoding = "" // EncryptEncoding used saltpack.Encrypt EncryptEncoding Encoding = "encrypt" // SigncryptEncoding used saltpack.Signcrypt SigncryptEncoding Encoding = "signcrypt" // SignEncoding used saltpack.Sign SignEncoding Encoding = "sign" )
Source Files
Click to show internal directories.
Click to hide internal directories.