// ED25519ToPrivateKey converts a serialized ED25519 key to a TUF
// data.PrivateKey type
// ED25519ToPrivateKey converts a serialized ED25519 key to a TUF
// data.PrivateKey type.
//
// privKeyBytes must hold exactly ed25519.PublicKeySize+ed25519.PrivateKeySize
// bytes; any other length is rejected with an error. The leading
// ed25519.PublicKeySize bytes are used to build the TUF public key, and the
// complete buffer is then handed to data.NewED25519PrivateKey together with
// that public key.
func ED25519ToPrivateKey(privKeyBytes []byte) (data.PrivateKey, error) {
	const wantLen = ed25519.PublicKeySize + ed25519.PrivateKeySize
	if len(privKeyBytes) != wantLen {
		return nil, errors.New("malformed ed25519 private key")
	}

	// NOTE(review): the public-key prefix is taken at face value here;
	// whether data.NewED25519PrivateKey cross-checks it against the private
	// part is not visible from this function — confirm in the data package.
	publicPart := privKeyBytes[:ed25519.PublicKeySize]
	pubKey := data.NewED25519PublicKey(publicPart)

	return data.NewED25519PrivateKey(*pubKey, privKeyBytes)
}
// ImportRootKey adds an Ed25519 key to the store as a root key
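// ImportRootKey adds an Ed25519 key to the store as a root key.
//
// r must yield exactly ed25519.PublicKeySize+ed25519.PrivateKeySize bytes:
// the public key followed by the private key. A read failure, any other
// length, or a key rejected by data.NewED25519PrivateKey returns an error
// and leaves e.keys unchanged.
func (e *Ed25519) ImportRootKey(r io.Reader) error {
	dataSize := ed25519.PublicKeySize + ed25519.PrivateKeySize

	// Read at most one byte more than the expected size: that is enough to
	// detect an over-long input below, without buffering an arbitrarily
	// large stream from an untrusted reader into memory.
	raw, err := ioutil.ReadAll(io.LimitReader(r, int64(dataSize)+1))
	if err != nil {
		return err
	}
	if len(raw) != dataSize {
		return errors.New("Wrong length of data for Ed25519 Key Import")
	}

	public := data.NewED25519PublicKey(raw[:ed25519.PublicKeySize])
	private, err := data.NewED25519PrivateKey(*public, raw[ed25519.PublicKeySize:])
	if err != nil {
		// Previously unchecked: a rejected key would have been dereferenced
		// via private.ID() below instead of being reported to the caller.
		return err
	}

	e.keys[private.ID()] = edCryptoKey{
		role:    "root",
		privKey: private,
	}
	return nil
}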
// Create generates a new key and returns the public part
// Create generates a new key and returns the public part.
//
// Only data.ED25519Key is accepted as algorithm; any other value returns an
// error before any key material is generated. role is part of the signature
// but is not used by this implementation. The generated private key is
// registered with the service through e.addKey, and the matching TUF public
// key is returned to the caller.
func (e *Ed25519) Create(role, algorithm string) (data.PublicKey, error) {
	if algorithm != data.ED25519Key {
		return nil, errors.New("only ED25519 supported by this cryptoservice")
	}

	pubBytes, privBytes, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}

	tufPub := data.NewED25519PublicKey(pubBytes[:])
	tufPriv, err := data.NewED25519PrivateKey(*tufPub, privBytes[:])
	if err != nil {
		return nil, err
	}
	e.addKey(tufPriv)

	return tufPub, nil
}