func (k *PGPKeyBundle) GetKID() keybase1.KID {
prefix := []byte{
byte(KeybaseKIDV1),
byte(k.PrimaryKey.PubKeyAlgo),
}
// XXX Hack; Because PublicKey.serializeWithoutHeaders is off-limits
// to us, we need to do a full serialize and then strip off the header.
// The further annoyance is that the size of the header varies with the
// bitlen of the key. Small keys (<191 bytes total) yield 8 bytes of header
// material --- for instance, 1024-bit test keys. For longer keys, we
// have 9 bytes of header material, to encode a 2-byte frame, rather than
// a 1-byte frame.
buf := bytes.Buffer{}
k.PrimaryKey.Serialize(&buf)
byts := buf.Bytes()
hdrBytes := 8
if len(byts) >= 193 {
hdrBytes++
}
sum := sha256.Sum256(buf.Bytes()[hdrBytes:])
out := append(prefix, sum[:]...)
out = append(out, byte(IDSuffixKID))
return keybase1.KIDFromSlice(out)
}
func (k NaclSigningKeyPair) VerifyStringAndExtract(sig string) (msg []byte, id keybase1.SigID, err error) {
body, err := base64.StdEncoding.DecodeString(sig)
if err != nil {
return
}
packet, err := DecodePacket(body)
if err != nil {
return
}
naclSig, ok := packet.Body.(*NaclSigInfo)
if !ok {
err = UnmarshalError{"NACL signature"}
return
}
err = naclSig.Verify()
if err != nil {
return
}
nkid := keybase1.KIDFromSlice(naclSig.Kid)
if nkid.NotEqual(k.GetKID()) {
err = WrongKidError{nkid, k.GetKID()}
return
}
msg = naclSig.Payload
id = ComputeSigIDFromSigBody(body)
return
}
func genKID() keybase1.KID {
var kid [35]byte
kid[0] = 0x1
kid[1] = 0x20
binary.BigEndian.PutUint32(kid[30:34], seq)
seq++
kid[34] = 0xa0
return keybase1.KIDFromSlice(kid[:])
}
func (k NaclSigningKeyPublic) GetKID() keybase1.KID {
prefix := []byte{
byte(KeybaseKIDV1),
byte(KIDNaclEddsa),
}
suffix := byte(IDSuffixKID)
out := append(prefix, k[:]...)
out = append(out, suffix)
return keybase1.KIDFromSlice(out)
}
// Decrypt a NaclEncryptionInfo packet, and on success return the plaintext
// and the KID of the sender (which might be an ephemeral key).
func (k NaclDHKeyPair) Decrypt(nei *NaclEncryptionInfo) (plaintext []byte, sender keybase1.KID, err error) {
if k.Private == nil {
err = NoSecretKeyError{}
return
}
if nei.EncryptionType != KIDNaclDH {
err = DecryptBadPacketTypeError{}
return
}
var nonce [NaclDHNonceSize]byte
if len(nei.Nonce) != NaclDHNonceSize {
err = DecryptBadNonceError{}
return
}
copy(nonce[:], nei.Nonce)
var gk GenericKey
if gk, err = ImportKeypairFromKID(keybase1.KIDFromSlice(nei.Sender)); err != nil {
return
}
var senderDH NaclDHKeyPair
var ok bool
if senderDH, ok = gk.(NaclDHKeyPair); !ok {
err = DecryptBadSenderError{}
return
}
rkid := keybase1.KIDFromSlice(nei.Receiver)
if k.GetKID().NotEqual(rkid) {
err = DecryptWrongReceiverError{}
return
}
if plaintext, ok = box.Open(plaintext, nei.Ciphertext, &nonce,
((*[32]byte)(&senderDH.Public)), ((*[32]byte)(k.Private))); !ok {
err = DecryptOpenError{}
return
}
sender = senderDH.GetKID()
return
}
