Diffstat (limited to 'vendor/golang.org/x/crypto/nacl/sign/sign.go')
-rw-r--r-- | vendor/golang.org/x/crypto/nacl/sign/sign.go | 90 |
1 files changed, 0 insertions, 90 deletions
diff --git a/vendor/golang.org/x/crypto/nacl/sign/sign.go b/vendor/golang.org/x/crypto/nacl/sign/sign.go
deleted file mode 100644
index d076270..0000000
--- a/vendor/golang.org/x/crypto/nacl/sign/sign.go
+++ /dev/null
@@ -1,90 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package sign signs small messages using public-key cryptography.
-//
-// Sign uses Ed25519 to sign messages. The length of messages is not hidden.
-// Messages should be small because:
-// 1. The whole message needs to be held in memory to be processed.
-// 2. Using large messages pressures implementations on small machines to process
-// plaintext without verifying the signature. This is very dangerous, and this API
-// discourages it, but a protocol that uses excessive message sizes might present
-// some implementations with no other choice.
-// 3. Performance may be improved by working with messages that fit into data caches.
-// Thus large amounts of data should be chunked so that each message is small.
-//
-// This package is not interoperable with the current release of NaCl
-// (https://nacl.cr.yp.to/sign.html), which does not support Ed25519 yet. However,
-// it is compatible with the NaCl fork libsodium (https://www.libsodium.org), as well
-// as TweetNaCl (https://tweetnacl.cr.yp.to/).
-package sign
-
-import (
- "io"
-
- "golang.org/x/crypto/ed25519"
- "golang.org/x/crypto/internal/subtle"
-)
-
-// Overhead is the number of bytes of overhead when signing a message.
-const Overhead = 64
-
-// GenerateKey generates a new public/private key pair suitable for use with
-// Sign and Open.
-func GenerateKey(rand io.Reader) (publicKey *[32]byte, privateKey *[64]byte, err error) {
- pub, priv, err := ed25519.GenerateKey(rand)
- if err != nil {
- return nil, nil, err
- }
- publicKey, privateKey = new([32]byte), new([64]byte)
- copy((*publicKey)[:], pub)
- copy((*privateKey)[:], priv)
- return publicKey, privateKey, nil
-}
-
-// Sign appends a signed copy of message to out, which will be Overhead bytes
-// longer than the original and must not overlap it.
-func Sign(out, message []byte, privateKey *[64]byte) []byte {
- sig := ed25519.Sign(ed25519.PrivateKey((*privateKey)[:]), message)
- ret, out := sliceForAppend(out, Overhead+len(message))
- if subtle.AnyOverlap(out, message) {
- panic("nacl: invalid buffer overlap")
- }
- copy(out, sig)
- copy(out[Overhead:], message)
- return ret
-}
-
-// Open verifies a signed message produced by Sign and appends the message to
-// out, which must not overlap the signed message. The output will be Overhead
-// bytes smaller than the signed message.
-func Open(out, signedMessage []byte, publicKey *[32]byte) ([]byte, bool) {
- if len(signedMessage) < Overhead {
- return nil, false
- }
- if !ed25519.Verify(ed25519.PublicKey((*publicKey)[:]), signedMessage[Overhead:], signedMessage[:Overhead]) {
- return nil, false
- }
- ret, out := sliceForAppend(out, len(signedMessage)-Overhead)
- if subtle.AnyOverlap(out, signedMessage) {
- panic("nacl: invalid buffer overlap")
- }
- copy(out, signedMessage[Overhead:])
- return ret, true
-}
-
-// sliceForAppend takes a slice and a requested number of bytes. It returns a
-// slice with the contents of the given slice followed by that many bytes and a
-// second slice that aliases into it and contains only the extra bytes. If the
-// original slice has sufficient capacity then no allocation is performed.
-func sliceForAppend(in []byte, n int) (head, tail []byte) {
- if total := len(in) + n; cap(in) >= total {
- head = in[:total]
- } else {
- head = make([]byte, total)
- copy(head, in)
- }
- tail = head[len(in):]
- return
-} |