Ejemplo n.º 1
0
func (k *PGPKeyBundle) GetKID() keybase1.KID {

	prefix := []byte{
		byte(KeybaseKIDV1),
		byte(k.PrimaryKey.PubKeyAlgo),
	}

	// XXX Hack;  Because PublicKey.serializeWithoutHeaders is off-limits
	// to us, we need to do a full serialize and then strip off the header.
	// The further annoyance is that the size of the header varies with the
	// bitlen of the key.  Small keys (<191 bytes total) yield 8 bytes of header
	// material --- for instance, 1024-bit test keys.  For longer keys, we
	// have 9 bytes of header material, to encode a 2-byte frame, rather than
	// a 1-byte frame.
	buf := bytes.Buffer{}
	k.PrimaryKey.Serialize(&buf)
	byts := buf.Bytes()
	hdrBytes := 8
	if len(byts) >= 193 {
		hdrBytes++
	}
	sum := sha256.Sum256(buf.Bytes()[hdrBytes:])

	out := append(prefix, sum[:]...)
	out = append(out, byte(IDSuffixKID))

	return keybase1.KIDFromSlice(out)
}
Ejemplo n.º 2
0
func (k NaclSigningKeyPair) VerifyStringAndExtract(sig string) (msg []byte, id keybase1.SigID, err error) {
	body, err := base64.StdEncoding.DecodeString(sig)
	if err != nil {
		return
	}

	packet, err := DecodePacket(body)
	if err != nil {
		return
	}

	naclSig, ok := packet.Body.(*NaclSigInfo)
	if !ok {
		err = UnmarshalError{"NACL signature"}
		return
	}

	err = naclSig.Verify()
	if err != nil {
		return
	}

	nkid := keybase1.KIDFromSlice(naclSig.Kid)
	if nkid.NotEqual(k.GetKID()) {
		err = WrongKidError{nkid, k.GetKID()}
		return
	}

	msg = naclSig.Payload
	id = ComputeSigIDFromSigBody(body)
	return
}
Ejemplo n.º 3
0
func genKID() keybase1.KID {
	var kid [35]byte
	kid[0] = 0x1
	kid[1] = 0x20
	binary.BigEndian.PutUint32(kid[30:34], seq)
	seq++
	kid[34] = 0xa0
	return keybase1.KIDFromSlice(kid[:])
}
Ejemplo n.º 4
0
func (k NaclSigningKeyPublic) GetKID() keybase1.KID {
	prefix := []byte{
		byte(KeybaseKIDV1),
		byte(KIDNaclEddsa),
	}
	suffix := byte(IDSuffixKID)
	out := append(prefix, k[:]...)
	out = append(out, suffix)
	return keybase1.KIDFromSlice(out)
}
Ejemplo n.º 5
0
// Decrypt a NaclEncryptionInfo packet, and on success return the plaintext
// and the KID of the sender (which might be an ephemeral key).
func (k NaclDHKeyPair) Decrypt(nei *NaclEncryptionInfo) (plaintext []byte, sender keybase1.KID, err error) {
	if k.Private == nil {
		err = NoSecretKeyError{}
		return
	}
	if nei.EncryptionType != KIDNaclDH {
		err = DecryptBadPacketTypeError{}
		return
	}
	var nonce [NaclDHNonceSize]byte
	if len(nei.Nonce) != NaclDHNonceSize {
		err = DecryptBadNonceError{}
		return
	}
	copy(nonce[:], nei.Nonce)

	var gk GenericKey
	if gk, err = ImportKeypairFromKID(keybase1.KIDFromSlice(nei.Sender)); err != nil {
		return
	}

	var senderDH NaclDHKeyPair
	var ok bool
	if senderDH, ok = gk.(NaclDHKeyPair); !ok {
		err = DecryptBadSenderError{}
		return
	}

	rkid := keybase1.KIDFromSlice(nei.Receiver)
	if k.GetKID().NotEqual(rkid) {
		err = DecryptWrongReceiverError{}
		return
	}

	if plaintext, ok = box.Open(plaintext, nei.Ciphertext, &nonce,
		((*[32]byte)(&senderDH.Public)), ((*[32]byte)(k.Private))); !ok {
		err = DecryptOpenError{}
		return
	}
	sender = senderDH.GetKID()
	return
}