identity

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 9, 2026 License: MIT Imports: 9 Imported by: 5

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Ed25519PublicKeyToX25519 

func Ed25519PublicKeyToX25519(pub ed25519.PublicKey) (*ecdh.PublicKey, error)

Ed25519PublicKeyToX25519 converts a raw Ed25519 public key to X25519. This uses the birational map from the Edwards to Montgomery form: given an Edwards point with y-coordinate encoded in the public key, the Montgomery u-coordinate is (1 + y) / (1 - y) mod p, where p = 2^255 - 19. Note: this is a one-way conversion. When possible, prefer deriving from the seed via Keypair.

func ParsePublicKey 

func ParsePublicKey(s string) (ed25519.PublicKey, error)

ParsePublicKey decodes a base64-encoded public key string.

func ParseX25519PublicKey 

func ParseX25519PublicKey(s string) (*ecdh.PublicKey, error)

ParseX25519PublicKey decodes a base64-encoded X25519 public key string.

func SaveKeypair 

func SaveKeypair(kp *Keypair, path string) error

SaveKeypair writes the private key seed to a file (32 bytes, base64-encoded).

func Sign 

func Sign(privKey ed25519.PrivateKey, data []byte) string

Sign creates an Ed25519 signature over the data.

func SignEnvelope 

func SignEnvelope(env SignableEnvelope, privKey ed25519.PrivateKey)

SignEnvelope signs the envelope's payload and sets the signature field.

func Verify 

func Verify(pubKey ed25519.PublicKey, data []byte, sig string) error

Verify checks an Ed25519 signature.

func VerifyEnvelope 

func VerifyEnvelope(env SignableEnvelope, pubKey ed25519.PublicKey) error

VerifyEnvelope verifies the envelope's signature.

Types

type Keypair 

type Keypair struct {
	PublicKey  ed25519.PublicKey
	PrivateKey ed25519.PrivateKey
}

Keypair holds an Ed25519 key pair for agent identity.

func GenerateKeypair 

func GenerateKeypair() (*Keypair, error)

GenerateKeypair creates a new random Ed25519 key pair.

func KeypairFromSeed 

func KeypairFromSeed(seed []byte) (*Keypair, error)

KeypairFromSeed creates a deterministic key pair from a 32-byte seed.

func LoadKeypair 

func LoadKeypair(path string) (*Keypair, error)

LoadKeypair reads a keypair from a seed file.

func (*Keypair) PublicKeyString 

func (kp *Keypair) PublicKeyString() string

PublicKeyString returns the base64-encoded public key.

func (*Keypair) X25519PrivateKey 

func (kp *Keypair) X25519PrivateKey() (*ecdh.PrivateKey, error)

X25519PrivateKey derives an X25519 private key from the Ed25519 keypair's seed. The derivation matches the standard Ed25519-to-X25519 conversion used by libsodium: SHA-512 of the seed, clamp the lower 32 bytes.

func (*Keypair) X25519PublicKey 

func (kp *Keypair) X25519PublicKey() (*ecdh.PublicKey, error)

X25519PublicKey derives an X25519 public key from the Ed25519 keypair's seed. This uses the standard conversion: hash the Ed25519 seed with SHA-512, clamp the first 32 bytes, and use that as the X25519 private key to derive the public key.

func (*Keypair) X25519PublicKeyString 

func (kp *Keypair) X25519PublicKeyString() (string, error)

X25519PublicKeyString returns the base64-encoded X25519 public key.

type SignableEnvelope 

type SignableEnvelope interface {
	SigningPayload() []byte
	SetSignature(sig string)
	GetSignature() string
}

SignableEnvelope defines the fields needed for envelope signing. This avoids a circular import with the envelope package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.