Versions in this module Expand all Collapse all v1 v1.0.1 Jan 28, 2026 v1.0.0 Jan 16, 2026 Changes in this version + const MaxKeyNameLength + const MaxMetadataLength type KeyInfo + func NewKeyInfo(name string, keyType KeyType, createdAt time.Time, publicKey []byte, ...) KeyInfo type KeyPath + func (k KeyPath) HasPrefix(prefix KeyPath) bool type VerifyResponse + func Verify(ctx context.Context, req VerifyRequest) (VerifyResponse, error) v0 v0.1.0 Dec 8, 2025 Changes in this version + const MaxEncryptionPayloadSize + var AllDigitalSignatureKeyTypes = KeyTypeList + var AllEncryptionKeyTypes = KeyTypeList + var AllKeyTypes = KeyTypeList + var ErrDecryptionFailed = errors.New("decryption operation failed") + var ErrEncryptionFailed = errors.New("encryption operation failed") + var ErrInvalidKeyName = fmt.Errorf("invalid key name") + var ErrInvalidSignRequest = errors.New("invalid sign request") + var ErrInvalidVerifyRequest = errors.New("invalid verify request") + var ErrKeyAlreadyExists = fmt.Errorf("key already exists") + var ErrKeyNotFound = fmt.Errorf("key not found") + var ErrSharedSecretFailed = errors.New("shared secret derivation failed") + var ErrUnimplemented = errors.New("unimplemented") + var ErrUnsupportedKeyType = fmt.Errorf("unsupported key type") + func ValidKeyName(name string) error + type Admin interface + CreateKeys func(ctx context.Context, req CreateKeysRequest) (CreateKeysResponse, error) + DeleteKeys func(ctx context.Context, req DeleteKeysRequest) (DeleteKeysResponse, error) + ExportKeys func(ctx context.Context, req ExportKeysRequest) (ExportKeysResponse, error) + ImportKeys func(ctx context.Context, req ImportKeysRequest) (ImportKeysResponse, error) + RenameKey func(ctx context.Context, req RenameKeyRequest) (RenameKeyResponse, error) + SetMetadata func(ctx context.Context, req SetMetadataRequest) (SetMetadataResponse, error) + type CoreKeystore struct + func NewCoreKeystore(ks Keystore) *CoreKeystore + func (c *CoreKeystore) Accounts(ctx 
context.Context) ([]string, error) + func (c *CoreKeystore) Decrypt(ctx context.Context, account string, data []byte) ([]byte, error) + func (c *CoreKeystore) Sign(ctx context.Context, account string, data []byte) ([]byte, error) + type CreateKeyRequest struct + KeyName string + KeyType KeyType + type CreateKeyResponse struct + KeyInfo KeyInfo + type CreateKeysRequest struct + Keys []CreateKeyRequest + type CreateKeysResponse struct + Keys []CreateKeyResponse + type DecryptRequest struct + EncryptedData []byte + KeyName string + type DecryptResponse struct + Data []byte + type DeleteKeysRequest struct + KeyNames []string + type DeleteKeysResponse struct + type DeriveSharedSecretRequest struct + KeyName string + RemotePubKey []byte + type DeriveSharedSecretResponse struct + SharedSecret []byte + type EncryptRequest struct + Data []byte + RemoteKeyType KeyType + RemotePubKey []byte + type EncryptResponse struct + EncryptedData []byte + type EncryptionParams struct + Password string + ScryptParams ScryptParams + type Encryptor interface + Decrypt func(ctx context.Context, req DecryptRequest) (DecryptResponse, error) + DeriveSharedSecret func(ctx context.Context, req DeriveSharedSecretRequest) (DeriveSharedSecretResponse, error) + Encrypt func(ctx context.Context, req EncryptRequest) (EncryptResponse, error) + type ExportKeyParam struct + Enc EncryptionParams + KeyName string + type ExportKeyResponse struct + Data []byte + KeyName string + type ExportKeysRequest struct + Keys []ExportKeyParam + type ExportKeysResponse struct + Keys []ExportKeyResponse + type FileStorage struct + func NewFileStorage(name string) *FileStorage + func (f *FileStorage) GetEncryptedKeystore(ctx context.Context) ([]byte, error) + func (f *FileStorage) PutEncryptedKeystore(ctx context.Context, encryptedKeystore []byte) error + type GetKeyRequest struct + KeyName string + type GetKeyResponse struct + KeyInfo KeyInfo + type GetKeysRequest struct + KeyNames []string + type GetKeysResponse struct 
+ Keys []GetKeyResponse + type ImportKeyRequest struct + Data []byte + NewKeyName string + Password string + type ImportKeysRequest struct + Keys []ImportKeyRequest + type ImportKeysResponse struct + type KeyInfo struct + CreatedAt time.Time + KeyType KeyType + Metadata []byte + Name string + PublicKey []byte + type KeyPath []string + func NewKeyPath(segments ...string) KeyPath + func NewKeyPathFromString(fullName string) KeyPath + func (k KeyPath) Base() string + func (k KeyPath) String() string + type KeyType string + const ECDH_P256 + const ECDSA_S256 + const Ed25519 + const X25519 + func (k KeyType) IsDigitalSignatureKeyType() bool + func (k KeyType) IsEncryptionKeyType() bool + func (k KeyType) String() string + type KeyTypeList []KeyType + func (k KeyTypeList) String() string + type Keystore interface + func LoadKeystore(ctx context.Context, storage Storage, password string, opts ...Option) (Keystore, error) + type MemoryStorage struct + func NewMemoryStorage() *MemoryStorage + func (m *MemoryStorage) GetEncryptedKeystore(ctx context.Context) ([]byte, error) + func (m *MemoryStorage) PutEncryptedKeystore(ctx context.Context, data []byte) error + type Option func(*keystore) + func WithLogger(l *slog.Logger) Option + func WithScryptParams(sp ScryptParams) Option + type Reader interface + GetKeys func(ctx context.Context, req GetKeysRequest) (GetKeysResponse, error) + type RenameKeyRequest struct + NewName string + OldName string + type RenameKeyResponse struct + type ScryptParams struct + N int + P int + var DefaultScryptParams = ScryptParams{ ... } + var FastScryptParams ScryptParams = ScryptParams{ ... 
} + type SetMetadataRequest struct + Updates []SetMetadataUpdate + type SetMetadataResponse struct + type SetMetadataUpdate struct + KeyName string + Metadata []byte + type SignRequest struct + Data []byte + KeyName string + type SignResponse struct + Signature []byte + type Signer interface + Sign func(ctx context.Context, req SignRequest) (SignResponse, error) + Verify func(ctx context.Context, req VerifyRequest) (VerifyResponse, error) + type Storage interface + GetEncryptedKeystore func(ctx context.Context) ([]byte, error) + PutEncryptedKeystore func(ctx context.Context, encryptedKeystore []byte) error + type UnimplementedAdmin struct + func (UnimplementedAdmin) CreateKeys(ctx context.Context, req CreateKeysRequest) (CreateKeysResponse, error) + func (UnimplementedAdmin) DeleteKeys(ctx context.Context, req DeleteKeysRequest) (DeleteKeysResponse, error) + func (UnimplementedAdmin) ExportKeys(ctx context.Context, req ExportKeysRequest) (ExportKeysResponse, error) + func (UnimplementedAdmin) ImportKeys(ctx context.Context, req ImportKeysRequest) (ImportKeysResponse, error) + func (UnimplementedAdmin) RenameKey(ctx context.Context, req RenameKeyRequest) (RenameKeyResponse, error) + func (UnimplementedAdmin) SetMetadata(ctx context.Context, req SetMetadataRequest) (SetMetadataResponse, error) + type UnimplementedEncryptor struct + func (UnimplementedEncryptor) Decrypt(ctx context.Context, req DecryptRequest) (DecryptResponse, error) + func (UnimplementedEncryptor) DeriveSharedSecret(ctx context.Context, req DeriveSharedSecretRequest) (DeriveSharedSecretResponse, error) + func (UnimplementedEncryptor) Encrypt(ctx context.Context, req EncryptRequest) (EncryptResponse, error) + type UnimplementedKeystore struct + type UnimplementedReader struct + func (UnimplementedReader) GetKeys(ctx context.Context, req GetKeysRequest) (GetKeysResponse, error) + type UnimplementedSigner struct + func (UnimplementedSigner) Sign(ctx context.Context, req SignRequest) (SignResponse, 
error) + func (UnimplementedSigner) Verify(ctx context.Context, req VerifyRequest) (VerifyResponse, error) + type VerifyRequest struct + Data []byte + KeyType KeyType + PublicKey []byte + Signature []byte + type VerifyResponse struct + Valid bool
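Review bot: The scrypt work factor that protects the keystore at rest is entirely caller-chosen in this API surface: `WithScryptParams(sp ScryptParams)` feeds `LoadKeystore`, `ExportKeyParam.Enc.ScryptParams` feeds `ExportKeys`, and `FastScryptParams` is exported next to `DefaultScryptParams` with nothing in the listing marking it as unsuitable for real keys. The values are elided here (`{ ... }`), so this is inferred from the name, but if it is a reduced-cost preset it should carry a doc comment such as `// FastScryptParams is for tests only; it offers little resistance to offline password guessing.` It would also help for `LoadKeystore` and `ExportKeys` to reject parameters below a documented floor, so that a zero-value `ScryptParams{}` or a test preset cannot end up encrypting production key material. Whether such validation already exists is not visible from this index, which shows only signatures.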