func ImportKeypairFromKID(k keybase1.KID) (key GenericKey, err error) {
kid := k.ToBytes()
l := len(kid)
if l < 3 {
err = BadKeyError{"KID was way too short"}
return
}
if kid[0] != byte(KeybaseKIDV1) || kid[l-1] != byte(IDSuffixKID) {
err = BadKeyError{"bad header or trailer found"}
return
}
raw := kid[2:(l - 1)]
switch kid[1] {
case byte(KIDNaclEddsa):
if len(raw) != ed25519.PublicKeySize {
err = BadKeyError{"Bad EdDSA key size"}
} else {
tmp := NaclSigningKeyPair{}
copy(tmp.Public[:], raw)
key = tmp
}
case byte(KIDNaclDH):
if len(raw) != NaclDHKeysize {
err = BadKeyError{"Bad DH key size"}
} else {
tmp := NaclDHKeyPair{}
copy(tmp.Public[:], raw)
key = tmp
}
default:
err = BadKeyError{fmt.Sprintf("Bad key prefix: %d", kid[1])}
}
return
}
// GetTLFCryptKeyServerHalfID implements the Crypto interface for CryptoCommon.
func (c *CryptoCommon) GetTLFCryptKeyServerHalfID(
user keybase1.UID, deviceKID keybase1.KID,
serverHalf TLFCryptKeyServerHalf) (TLFCryptKeyServerHalfID, error) {
key := serverHalf.data[:]
data := append(user.ToBytes(), deviceKID.ToBytes()...)
hmac, err := DefaultHMAC(key, data)
if err != nil {
return TLFCryptKeyServerHalfID{}, err
}
return TLFCryptKeyServerHalfID{
ID: hmac,
}, nil
}
// VerifyTLFCryptKeyServerHalfID implements the Crypto interface for CryptoCommon.
func (c *CryptoCommon) VerifyTLFCryptKeyServerHalfID(serverHalfID TLFCryptKeyServerHalfID,
user keybase1.UID, deviceKID keybase1.KID, serverHalf TLFCryptKeyServerHalf) error {
key := serverHalf.data[:]
data := append(user.ToBytes(), deviceKID.ToBytes()...)
return serverHalfID.ID.Verify(key, data)
}