package main import ( "bytes" "crypto/sha512" "encoding/binary" "dim13.org/signify/bhash" "golang.org/x/crypto/ed25519" ) const DefaultRounds = 42 var ( PKAlg = [2]byte{'E', 'd'} KDFAlg = [2]byte{'B', 'K'} ) type Sig struct { PKAlg [2]byte KeyNum uint64 Sig [ed25519.SignatureSize]byte } type PubKey struct { PKAlg [2]byte KeyNum uint64 PubKey [ed25519.PublicKeySize]byte } type EncKey struct { PKAlg [2]byte KDFAlg [2]byte KDFRounds uint32 Salt [16]byte Checksum [8]byte KeyNum uint64 SecKey [ed25519.PrivateKeySize]byte } func (v *Sig) IsValid() bool { return v.PKAlg == PKAlg } func (v *PubKey) IsValid() bool { return v.PKAlg == PKAlg } func (v *PubKey) Verify(message []byte, sig *Sig) bool { if v.PKAlg != sig.PKAlg || v.KeyNum != sig.KeyNum { return false } return ed25519.Verify(ed25519.PublicKey(v.PubKey[:]), message, sig.Sig[:]) } func (v *EncKey) Sign(message []byte) *Sig { sig := &Sig{ PKAlg: v.PKAlg, KeyNum: v.KeyNum, } copy(sig.Sig[:], ed25519.Sign(ed25519.PrivateKey(v.SecKey[:]), message)) return sig } func (v *EncKey) IsValid() bool { if v.PKAlg != PKAlg || v.KDFAlg != KDFAlg { return false } sum := sha512.Sum512(v.SecKey[:]) return bytes.Equal(sum[:len(v.Checksum)], v.Checksum[:]) } func (e *EncKey) Kdf(pass string, rounds int) { if rounds == 0 { return } xorkey := bhash.Pbkdf([]byte(pass), e.Salt[:], rounds, len(e.SecKey)) for i := range xorkey { e.SecKey[i] ^= xorkey[i] } e.KDFRounds = uint32(rounds) } func Unmarshal(b []byte, v interface{}) error { buf := bytes.NewReader(b) if err := binary.Read(buf, binary.BigEndian, v); err != nil { return err } return nil } func Marshal(v interface{}) ([]byte, error) { buf := new(bytes.Buffer) if err := binary.Write(buf, binary.BigEndian, v); err != nil { return nil, err } return buf.Bytes(), nil }