apikey

package
v0.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 19, 2025 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package apikey manages Turnkey API keys for organizations

Index

Constants

View Source 
const (
	// CurveP256 is the wrapped form of the shorthand for the p256 curve.
	CurveP256 = Curve("p256")
	// CurveSecp256k1 is the wrapped form of the shorthand for the secp256k1 curve.
	CurveSecp256k1 = Curve("secp256k1")
	// CurveEd25519 is the wrapped form of the shorthand for the ed25519 curve.
	CurveEd25519 = Curve("ed25519")

	// SchemeUnsupported is a placeholder for scheme not supported by the API, returned
	// if invalid Curve value is supplied to CurveToScheme.
	SchemeUnsupported = signatureScheme("")
	// SchemeP256 is the API enum value for p256 curve.
	SchemeP256 = signatureScheme("SIGNATURE_SCHEME_TK_API_P256")
	// SchemeSECP256K1 is the API enum value for secp256k1 curve.
	SchemeSECP256K1 = signatureScheme("SIGNATURE_SCHEME_TK_API_SECP256K1")
	// SchemeED25519 is the API enum value for ed25519 curve.
	SchemeED25519 = signatureScheme("SIGNATURE_SCHEME_TK_API_ED25519")
)
View Source 
const TurnkeyECDSAPublicKeyBytes = 33

TurnkeyECDSAPublicKeyBytes is the expected number of bytes for a public ECDSA key.

Variables

This section is empty.

Functions

func DecodeTurnkeyPublicECDSAKey 

func DecodeTurnkeyPublicECDSAKey(encodedPublicKey string, scheme signatureScheme) (*ecdsa.PublicKey, error)

DecodeTurnkeyPublicECDSAKey takes a Turnkey-encoded public key and creates an ECDSA public key.

func EncodePrivateECDSAKey 

func EncodePrivateECDSAKey(privateKey *ecdsa.PrivateKey) string

EncodePrivateECDSAKey encodes an ECDSA private key into the Turnkey format. For now, "Turnkey format" = raw DER form.

func EncodePublicECDSAKey 

func EncodePublicECDSAKey(publicKey *ecdsa.PublicKey) string

EncodePublicECDSAKey encodes an ECDSA public key into the Turnkey format. For now, "Turnkey format" = standard compressed form for ECDSA keys.

func ExtractSignatureSchemeFromSuffixedPrivateKey 

func ExtractSignatureSchemeFromSuffixedPrivateKey(data string) (string, signatureScheme, error)

ExtractSignatureSchemeFromSuffixedPrivateKey infers the signature type from a suffix appended to the end of the private key data (e.g. "deadbeef0123:secp256k1").

func Stamp 

func Stamp(message []byte, apiKey *Key) (out string, err error)

Stamp generates a signing stamp for the given message with the given API key. The resulting stamp should be added as the "X-Stamp" header of an API request.

func WithScheme 

func WithScheme(scheme signatureScheme) optionFunc

Types

type APIStamp 

type APIStamp struct {
	// API public key, hex-encoded
	PublicKey string `json:"publicKey"`

	// Signature is the P-256 signature bytes, hex-encoded
	Signature string `json:"signature"`

	// Signature scheme. Can be set to "SIGNATURE_SCHEME_TK_API_P256", "SIGNATURE_SCHEME_TK_API_SECP256K1",
	// or "SIGNATURE_SCHEME_TK_API_ED25519"
	Scheme signatureScheme `json:"scheme"`
}

APIStamp defines the stamp format used to authenticate payloads to the API.

type Curve 

type Curve string

Curve is a wrapped abbreviated version of curve; use with CurveToScheme to produce signatureScheme, which is non-exported to limit options.

func (Curve) ToScheme 

func (c Curve) ToScheme() signatureScheme

ToScheme returns a Curve's associated signatureScheme.

type Key 

type Key struct {
	Metadata

	TkPrivateKey string `json:"-"` // do not store the private key in the metadata file
	TkPublicKey  string `json:"public_key"`
	// contains filtered or unexported fields
}

Key defines a structure in which to hold both serialized and ecdsa-lib-friendly versions of a Turnkey API keypair.

func FromECDSAPrivateKey 

func FromECDSAPrivateKey(privateKey *ecdsa.PrivateKey, scheme signatureScheme) (*Key, error)

FromECDSAPrivateKey takes an ECDSA keypair and forms a Turnkey API key from it. Assumes that privateKey.PublicKey has already been derived.

func FromED25519PrivateKey 

func FromED25519PrivateKey(privateKey ed25519.PrivateKey) (*Key, error)

FromED25519PrivateKey takes an ED25519 keypair and forms a Turnkey API key from it.

func FromTurnkeyPrivateKey 

func FromTurnkeyPrivateKey(encodedPrivateKey string, scheme signatureScheme) (*Key, error)

FromTurnkeyPrivateKey takes a Turnkey-encoded private key, derives a public key from it, and then returns the corresponding Turnkey API key.

func New 

func New(organizationID string, opts ...optionFunc) (*Key, error)

New generates a new Turnkey API key.

func (Key) GetCurve 

func (k Key) GetCurve() string

GetCurve returns the curve used; defaults to p256 for backwards compatibility with keys created before there were multiple supported types.

func (Key) GetMetadata 

func (k Key) GetMetadata() Metadata

GetMetadata gets the key's metadata.

func (Key) GetPrivateKey 

func (k Key) GetPrivateKey() string

GetPrivateKey gets the key's private key.

func (Key) GetPublicKey 

func (k Key) GetPublicKey() string

GetPublicKey gets the key's public key.

func (Key) LoadMetadata 

func (k Key) LoadMetadata(fn string) (*Metadata, error)

LoadMetadata loads a JSON metadata file.

func (*Key) MergeMetadata 

func (k *Key) MergeMetadata(md Metadata) error

MergeMetadata merges the given metadata with the api key.

type Metadata 

type Metadata struct {
	Name          string   `json:"name"`
	Organizations []string `json:"organizations"`
	PublicKey     string   `json:"public_key"`
	Scheme        string   `json:"scheme"`
}

Metadata stores non-secret metadata about the API key.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.