crypto

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 7, 2026 License: MPL-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrIdentityExists is returned when Generate is called but a key is already loaded.
	ErrIdentityExists = errors.New("a2al/crypto: identity already exists")
	// ErrNoIdentity is returned when signing is requested before Load or Generate.
	ErrNoIdentity = errors.New("a2al/crypto: no identity loaded")
	// ErrWrongPassphrase is returned when the ciphertext cannot be authenticated.
	ErrWrongPassphrase = errors.New("a2al/crypto: wrong passphrase or corrupted blob")
)

Functions

func AddressFromPublicKey 

func AddressFromPublicKey(pub ed25519.PublicKey) (a2al.Address, error)

AddressFromPublicKey derives the A2AL Address for an Ed25519 public key (spec §6.1).

func CompactSignedMessageHash 

func CompactSignedMessageHash(message string) []byte

CompactSignedMessageHash returns double-SHA256 of the varint-prefixed magic + message, matching the Bitcoin Core / Paralism signmessage format.

func EIP191Hash 

func EIP191Hash(message string) []byte

EIP191Hash is Keccak256("\x19Ethereum Signed Message:\n" + len + message) per EIP-191.

func EthPubKeyToAddress20 

func EthPubKeyToAddress20(pub *secp256k1.PublicKey) ([20]byte, error)

EthPubKeyToAddress20 derives the 20-byte Ethereum address from an uncompressed secp256k1 public key.

func GenerateEd25519 

func GenerateEd25519() (ed25519.PrivateKey, ed25519.PublicKey, error)

GenerateEd25519 returns a new Ed25519 key pair (private, public).

func GenerateSecp256k1PrivateKey 

func GenerateSecp256k1PrivateKey() (*secp256k1.PrivateKey, error)

GenerateSecp256k1PrivateKey creates a random secp256k1 private key.

func Hash160 

func Hash160(b []byte) [20]byte

Hash160 returns RIPEMD160(SHA256(b)).

func Keccak256 

func Keccak256(b []byte) []byte

Keccak256 returns the Keccak-256 hash (Ethereum precompile, not SHA3-256).

func RecoverEthereumPubKey 

func RecoverEthereumPubKey(message string, sig65 []byte) (*secp256k1.PublicKey, error)

RecoverEthereumPubKey recovers the signer public key from an EIP-191 signature (r||s||v, v=27|28).

func Secp256k1PubKeyToHash160 

func Secp256k1PubKeyToHash160(pub *secp256k1.PublicKey, compressed bool) ([20]byte, error)

Secp256k1PubKeyToHash160 returns HASH160 of the compressed or uncompressed secp256k1 pubkey serialization.

func SignCompactMessage 

func SignCompactMessage(priv *secp256k1.PrivateKey, message string, compressedPubKey bool) ([]byte, error)

SignCompactMessage signs message using the Bitcoin/Paralism compact signmessage format. Returns a 65-byte compact signature (recovery||r||s).

func SignDetached 

func SignDetached(priv ed25519.PrivateKey, message []byte) []byte

SignDetached signs message with the private key (Ed25519).

func SignEIP191 

func SignEIP191(priv *secp256k1.PrivateKey, message string) ([]byte, error)

SignEIP191 signs message with Ethereum personal_sign semantics. Returns 65-byte r||s||v (v ∈ {27,28}).

func VerifyCompactMessageSignature 

func VerifyCompactMessageSignature(addr20 [20]byte, message string, sig65 []byte) error

VerifyCompactMessageSignature verifies a compact signature against CompactSignedMessageHash(message) and checks that the recovered address matches addr20 (HASH160 of pubkey).

func VerifyDetached 

func VerifyDetached(pub ed25519.PublicKey, message, sig []byte) bool

VerifyDetached verifies an Ed25519 signature.

func VerifyEIP191Signature 

func VerifyEIP191Signature(addr20 [20]byte, message string, sig65 []byte) error

VerifyEIP191Signature checks that sig is a valid personal_sign for message from addr20.

func Wipe 

func Wipe(b []byte)

Wipe overwrites b with zeros. Use in defer to clear sensitive key material. In practice the Go compiler does not eliminate these stores because callers pass slices that remain reachable via defer. If a future Go version proves more aggressive, replace with a runtime.KeepAlive(b) tail call or use golang.org/x/sys/unix.Mlock / crypto/subtle equivalents. TODO: revisit when Go provides an official "secure zero" intrinsic.

Types

type EncryptedKeyStore 

type EncryptedKeyStore struct {
	// contains filtered or unexported fields
}

EncryptedKeyStore stores a single Ed25519 identity in a2al.Storage as an Argon2id + XChaCha20-Poly1305 encrypted blob. Passphrase is required to encrypt/decrypt.

func NewEncryptedKeyStore 

func NewEncryptedKeyStore(stg a2al.Storage, blobKey string, passphrase []byte) *EncryptedKeyStore

NewEncryptedKeyStore creates a keystore. blobKey is the Storage key (e.g. "identity.ed25519"); if empty, defaultIdentityStore is used.

func (*EncryptedKeyStore) Ed25519PrivateKey 

func (e *EncryptedKeyStore) Ed25519PrivateKey(address a2al.Address) (ed25519.PrivateKey, error)

Ed25519PrivateKey returns a copy of the decrypted identity for QUIC/TLS (Phase 2). Requires Load or Generate first.

func (*EncryptedKeyStore) Generate 

func (e *EncryptedKeyStore) Generate(keyType KeyType) (PrivateKey, error)

Generate creates a new Ed25519 identity and encrypts it to Storage. Fails with ErrIdentityExists if a key is already in memory.

func (*EncryptedKeyStore) List 

func (e *EncryptedKeyStore) List() ([]a2al.Address, error)

List implements KeyStore.

func (*EncryptedKeyStore) Load 

func (e *EncryptedKeyStore) Load() error

Load reads and decrypts the identity from Storage. Missing blob leaves the store empty (no error).

func (*EncryptedKeyStore) PublicKey 

func (e *EncryptedKeyStore) PublicKey(address a2al.Address) ([]byte, error)

PublicKey implements KeyStore.

func (*EncryptedKeyStore) Sign 

func (e *EncryptedKeyStore) Sign(address a2al.Address, data []byte) ([]byte, error)

Sign implements KeyStore.

type KeyStore 

type KeyStore interface {
	Generate(keyType KeyType) (PrivateKey, error)
	Sign(address a2al.Address, data []byte) ([]byte, error)
	PublicKey(address a2al.Address) ([]byte, error)
	List() ([]a2al.Address, error)
}

KeyStore persists signing keys and performs signatures (spec §1.6).

type KeyType 

type KeyType byte

KeyType identifies the asymmetric algorithm used for an Agent identity. 

const (
	// KeyTypeEd25519 is the Phase 1 default (spec §6.1).
	KeyTypeEd25519 KeyType = 0x01
)

type PrivateKey 

type PrivateKey []byte

PrivateKey is Ed25519 private key material (64 bytes, per crypto/ed25519).

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.