keystore

package

v0.2.0 Latest Latest Go to latest Published: Mar 20, 2026 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/agentic-research/signet

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func DeleteMasterKeySecure() error
func GetKeyIDInsecure(signetPath string) (string, error)
func GetKeyIDSecure() (string, error)
func InitializeInsecure(signetPath string, force bool) error
func InitializeSecure(force bool, alg ...algorithm.Algorithm) error
func LoadMasterKeyInsecure(signetPath string) (*keys.Ed25519Signer, error)
func LoadMasterKeySecure() (*keys.Ed25519Signer, error)
func LoadMasterKeySecureGeneric() (algorithm.Algorithm, crypto.Signer, error)

Constants ¶

View Source

const (
	// ServiceName is the identifier used in the OS keyring
	ServiceName = "signet"
	// MasterKeyItem is the key identifier for the master key
	MasterKeyItem = "master-key"
)

Variables ¶

This section is empty.

Functions ¶

func DeleteMasterKeySecure ¶

func DeleteMasterKeySecure() error

DeleteMasterKeySecure removes the master key from the OS keyring

func GetKeyIDInsecure ¶

func GetKeyIDInsecure(signetPath string) (string, error)

GetKeyIDInsecure returns the key ID from a file (for testing)

func GetKeyIDSecure ¶

func GetKeyIDSecure() (string, error)

GetKeyIDSecure returns the key ID (hex-encoded public key) from the OS keyring

SECURITY: This function accesses a secret that is loaded into memory as a string. Due to Go's string immutability, the secret may persist in memory until garbage collected. See package-level documentation for more details.

func InitializeInsecure ¶

func InitializeInsecure(signetPath string, force bool) error

InitializeInsecure generates a master key and stores it in a file (for testing). Only supports Ed25519 (file-based storage is for testing/fallback).

func InitializeSecure ¶

func InitializeSecure(force bool, alg ...algorithm.Algorithm) error

InitializeSecure generates a master key and stores it in the OS keyring. The alg parameter specifies which algorithm to use (empty string defaults to Ed25519).

func LoadMasterKeyInsecure ¶

func LoadMasterKeyInsecure(signetPath string) (*keys.Ed25519Signer, error)

LoadMasterKeyInsecure loads the master key from a file (for testing)

func LoadMasterKeySecure ¶

func LoadMasterKeySecure() (*keys.Ed25519Signer, error)

LoadMasterKeySecure loads the master key from the OS keyring. Returns a crypto.Signer that the caller must Destroy() when done (if the signer implements a Destroy() method).

SECURITY: This function returns a key derived from a secret that is loaded into memory as a string. Due to Go's string immutability, the secret may persist in memory until garbage collected. See package-level documentation for more details.

func LoadMasterKeySecureGeneric ¶

func LoadMasterKeySecureGeneric() (algorithm.Algorithm, crypto.Signer, error)

LoadMasterKeySecureGeneric loads any algorithm's master key from the OS keyring. Returns the algorithm used and a crypto.Signer.

Types ¶

This section is empty.

Source Files ¶

View all Source files

secure.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL