README
¶
sigtool/sign - Ed25519 signature calculation and verification
This is a small library that makes it easier to create and serialize Ed25519 keys, and sign, verify files using those keys. The library uses mmap(2) to read and process very large files.
The companion program sigtool uses this library.
License
GPL v2.0
Documentation
¶
Overview ¶
Package sign implements Ed25519 signing, verification on files. It builds upon golang.org/x/crypto/ed25519 by adding methods for serializing and deserializing Ed25519 private & public keys.
It can sign and verify very large files - it prehashes the files with SHA-512 and then signs the SHA-512 checksum. The keys and signatures are YAML files and so, human readable.
It can encrypt files for multiple recipients - each of whom is identified by their Ed25519 public key. The encryption by default generates ephmeral Curve25519 keys and creates pair-wise shared secret for each recipient of the encrypted file. The caller can optionally use a specific secret key during the encryption process - this has the benefit of also authenticating the sender (and the receiver can verify the sender if they possess the corresponding public key).
The sign, verify, encrypt, decrypt operations can use OpenSSH Ed25519 keys *or* the keys generated by sigtool. This means, you can send encrypted files to any recipient identified by their comment in `~/.ssh/authorized_keys`.
Index ¶
- Constants
- Variables
- func Debug(level int)
- type Decryptor
- type Encryptor
- type PrivateKey
- func (sk *PrivateKey) MarshalBinary(comment string, pw []byte) ([]byte, error)
- func (sk *PrivateKey) PublicKey() *PublicKey
- func (sk *PrivateKey) Serialize(fn, comment string, ovwrite bool, pw []byte) error
- func (sk *PrivateKey) SignFile(fn string) (*Signature, error)
- func (sk *PrivateKey) SignMessage(ck []byte, comment string) (*Signature, error)
- func (sk *PrivateKey) ToCurve25519SK() []byte
- func (sk *PrivateKey) UnmarshalBinary(b []byte, getpw func() ([]byte, error)) error
- type PublicKey
- func (pk *PublicKey) Hash() []byte
- func (pk *PublicKey) MarshalBinary(comment string) ([]byte, error)
- func (pk *PublicKey) Serialize(fn, comment string, ovwrite bool) error
- func (pk *PublicKey) ToCurve25519PK() []byte
- func (pk *PublicKey) UnmarshalBinary(yml []byte) error
- func (pk *PublicKey) VerifyFile(fn string, sig *Signature) (bool, error)
- func (pk *PublicKey) VerifyMessage(ck []byte, sig *Signature) bool
- type Signature
Constants ¶
const PKHashLength = 16
Length of Ed25519 Public Key Hash
Variables ¶
var ( ErrClosed = errors.New("encrypt: stream already closed") ErrNoKey = errors.New("decrypt: no private key set for decryption") ErrEncStarted = errors.New("encrypt: can't add new recipient after encryption has started") ErrDecStarted = errors.New("decrypt: can't add new recipient after decryption has started") ErrEncIsStream = errors.New("encrypt: can't use Encrypt() after using streaming I/O") ErrNotSigTool = errors.New("decrypt: not a sigtool encrypted file?") ErrHeaderTooBig = errors.New("decrypt: header too large (max 1048576)") ErrHeaderTooSmall = errors.New("decrypt: header too small (min 32)") ErrBadHeader = errors.New("decrypt: header corrupted") ErrNoWrappedKeys = errors.New("decrypt: no wrapped keys in encrypted file") ErrBadKey = errors.New("decrypt: wrong key") ErrBadTrailer = errors.New("decrypt: message integrity failed (bad trailer)") ErrBadSender = errors.New("unwrap: sender verification failed") ErrNoSenderPK = errors.New("unwrap: missing sender public key") ErrIncorrectPassword = errors.New("ssh: invalid passphrase") ErrNoPEMFound = errors.New("ssh: no PEM block found") ErrBadPublicKey = errors.New("ssh: malformed public key") ErrKeyTooShort = errors.New("ssh: public key too short") ErrBadTrailers = errors.New("ssh: trailing junk in public key") ErrBadFormat = errors.New("ssh: invalid openssh private key format") ErrBadLength = errors.New("ssh: private key unexpected length") ErrBadPadding = errors.New("ssh: padding not as expected") )
Functions ¶
Types ¶
type Decryptor ¶
Decryptor holds the decryption context
func NewDecryptor ¶
Create a new decryption context and if 'pk' is given, check that it matches the sender
func (*Decryptor) AuthenticatedSender ¶
AuthenticatedSender returns true if the sender authenticated themselves (the data-encryption key is signed).
func (*Decryptor) NewStreamReader ¶
NewStreamReader returns an io.Reader to read from the decrypted stream
func (*Decryptor) SetPrivateKey ¶
func (d *Decryptor) SetPrivateKey(sk *PrivateKey, senderPk *PublicKey) error
Use Private Key 'sk' to decrypt the encrypted keys in the header and optionally validate the sender
type Encryptor ¶
Encryptor holds the encryption context
func NewEncryptor ¶
func NewEncryptor(sk *PrivateKey, blksize uint64) (*Encryptor, error)
Create a new Encryption context for encrypting blocks of size 'blksize'. If 'sk' is not nil, authenticate the sender to each receiver.
func (*Encryptor) AddRecipient ¶
Add a new recipient to this encryption context.
func (*Encryptor) NewStreamWriter ¶
func (e *Encryptor) NewStreamWriter(wr io.WriteCloser) (io.WriteCloser, error)
NewStreamWriter begins stream encryption to an underlying destination writer 'wr'. It returns an io.WriteCloser.
type PrivateKey ¶
type PrivateKey struct {
Sk []byte
// contains filtered or unexported fields
}
Private Ed25519 key
func MakePrivateKey ¶
func MakePrivateKey(yml []byte, getpw func() ([]byte, error)) (*PrivateKey, error)
Make a private key from bytes 'yml' using optional caller provided getpw() function to read the password if needed. are assumed to be serialized version of the private key.
func NewPrivateKey ¶
func NewPrivateKey() (*PrivateKey, error)
NewPrivateKey generates a new Ed25519 private key
func PrivateKeyFromBytes ¶
func PrivateKeyFromBytes(buf []byte) (*PrivateKey, error)
Make a private key from 64-bytes of extended Ed25519 key
func ReadPrivateKey ¶
func ReadPrivateKey(fn string, getpw func() ([]byte, error)) (*PrivateKey, error)
Read the private key in 'fn', optionally decrypting it using password 'pw' and create new instance of PrivateKey
func (*PrivateKey) MarshalBinary ¶
func (sk *PrivateKey) MarshalBinary(comment string, pw []byte) ([]byte, error)
MarshalBinary marshals the private key with a caller provided passphrase 'pw' and human readable 'comment'
func (*PrivateKey) PublicKey ¶
func (sk *PrivateKey) PublicKey() *PublicKey
Given a secret key, return the corresponding Public Key
func (*PrivateKey) Serialize ¶
func (sk *PrivateKey) Serialize(fn, comment string, ovwrite bool, pw []byte) error
Serialize the private key to file 'fn' using human readable 'comment' and encrypt the key with supplied passphrase 'pw'.
func (*PrivateKey) SignFile ¶
func (sk *PrivateKey) SignFile(fn string) (*Signature, error)
Read and sign a file
We calculate the signature differently here: We first calculate the SHA-512 checksum of the file and its size. We sign the checksum.
func (*PrivateKey) SignMessage ¶
func (sk *PrivateKey) SignMessage(ck []byte, comment string) (*Signature, error)
Sign a prehashed Message; return the signature as opaque bytes Signature is an YAML file:
Comment: source file path Signature: Ed25519 signature
func (*PrivateKey) ToCurve25519SK ¶
func (sk *PrivateKey) ToCurve25519SK() []byte
Convert an Ed25519 Private Key to Curve25519 Private key
func (*PrivateKey) UnmarshalBinary ¶
func (sk *PrivateKey) UnmarshalBinary(b []byte, getpw func() ([]byte, error)) error
UnmarshalBinary unmarshals the private key and optionally invokes the caller provided getpw() function to read the password if needed. If the input byte stream 'b' is an OpenSSH ed25519 key, this function transparently decodes it.
type PublicKey ¶
type PublicKey struct {
Pk []byte
// Comment string
Comment string
// contains filtered or unexported fields
}
Public Ed25519 key
func MakePublicKey ¶
Parse a serialized public in 'yml' and return the resulting public key instance
func MakePublicKeyFromString ¶
Make a public key from a string
func ParseAuthorizedKeys ¶
ParseAuthorizedKeys parses a public key from an authorized_keys file used in OpenSSH according to the sshd(8) manual page.
func PublicKeyFromBytes ¶
Make a public key from a byte string
func ReadPublicKey ¶
Read the public key from 'fn' and create new instance of PublicKey
func (*PublicKey) MarshalBinary ¶
MarshalBinary marshals a PublicKey into a byte array
func (*PublicKey) Serialize ¶
Serialize a PublicKey into file 'fn' with a human readable 'comment'. If 'ovwrite' is true, overwrite the file if it exists.
func (*PublicKey) ToCurve25519PK ¶
Convert an Ed25519 Public Key to Curve25519 public key from github.com/FiloSottile/age
func (*PublicKey) UnmarshalBinary ¶
UnmarshalBinary constructs a PublicKey from a previously marshaled byte stream instance. In addition, it is also capable of parsing an OpenSSH ed25519 public key.
func (*PublicKey) VerifyFile ¶
Verify a signature 'sig' for file 'fn' against public key 'pk' Return True if signature matches, False otherwise
type Signature ¶
type Signature struct {
Sig []byte // Ed25519 sig bytes
// contains filtered or unexported fields
}
An Ed25519 Signature
func ReadSignature ¶
Read serialized signature from file 'fn' and construct a Signature object
func (*Signature) IsPKMatch ¶
IsPKMatch returns true if public key 'pk' can potentially validate the signature. It does this by comparing the hash of 'pk' against 'Pkhash' of 'sig'.
func (*Signature) MarshalBinary ¶
MarshalBinary marshals a signature into a byte stream with an optional caller supplied comment.
func (*Signature) UnmarshalBinary ¶
UnmarshalBinary constructs a Signature from a previously serialized bytestream
Source Files