Skip to content
/ key Public

Golang helper library for signing and verifying data using public/private keys

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

svicknesh/key

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
asym
asym
 
 
kx
kx
 
 
shared
shared
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
all_test.go
all_test.go
 
 
generate.go
generate.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
key.go
key.go
 
 

Repository files navigation

Golang Key library

Golang library to

  • sign and verify signature using ED25519, ECDSA or RSA public/private keys.
  • creating shared keys using Curve25519 or ECDH.
  • Encode keys to JWK (public/private keys ONLY).
  • Decode JWK to keys (public/private keys ONLY).

Key Usage

Generating keys

Possible key types that can be generated are

  • ED25519 - ED25519 256 bit
  • ECDSA256 - ECDSA 256 bit
  • ECDSA384 - ECDSA 384 bit
  • ECDSA521 - ECDSA 521 bit
  • RSA2048 - RSA 2048 bit
  • RSA4096 - RSA 4096 bit
  • RSA8192 - RSA 8192 bit
// create a new instance of Key
k, err := GenerateKey(ED25519)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println("JWK:", k)

Decode JWK string to key

// create an instance of Key from an existing JWK string
k, err := NewKeyFromStr("{\"crv\":\"Ed25519\",\"d\":\"vUjQ3PaX8iqHA0Q58Wf7mN8h-oMgAE_cFQDfi0Sr2Js\",\"kty\":\"OKP\",\"x\":\"etHd2wg1POjqvQZ3yhiwwU2JRwCtcqzYQIOmp7BnnSo\"}")
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println("JWK:", k)

Signing hashed data

// assume a key instance already exists from generation or decoding a JWK string

// signing data is done over a hash of existing data
s := sha3.New256()
s.Write([]byte("hello, "))
s.Write([]byte("world"))

h := s.Sum(nil)

// k is an instance of Key
signed, err := k.Sign(h)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println(base64.StdEncoding.EncodeToString(signed))

Verifying hashed data

// assume a key instance already exists from generation or decoding a JWK string

if k.Verify(signed, h) {
    fmt.Println("verified data for ED25519")
} else {
    fmt.Println("unable to verify data for ED25519")
}

Complete example

k, err := GenerateKey(ED25519)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println("JWK:", k)

kPub, err := k.PublicKey()
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
//fmt.Println("JWK:", kPub)

k2, err := NewKeyFromStr(kPub.String())
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println("JWK:", k2)

s := sha3.New256()
s.Write([]byte("hello, "))
s.Write([]byte("world"))

h := s.Sum(nil)

signed, err := k.Sign(h)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println(base64.StdEncoding.EncodeToString(signed))

//h = append(h, []byte("abcd")...)
if k2.Verify(signed, h) {
    fmt.Println("verified data for ED25519")
} else {
    fmt.Println("unable to verify data for ED25519")
}

Key Exchange

Generating keys

Possible key types that can be generated are

  • CURVE255519 - ED25519Curve25519 256 bit
  • ECDH256 - ECDH 256 bit
  • ECDH384 - ECDH 384 bit
  • ECDH521 - ECDH 521 bit
// create a new instance of Key
a, err := GenerateKeyExchange(CURVE25519)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}

fmt.Println("A private key:\t", a)
fmt.Println("A public key:\t", a.PublicKey())

Decode key exchange from string

aStr := "ybAlYu1qLcRoiMZKDfuFy8yUTU2TxXRpoYY4xvCjmUfq"

a, err := NewKXFromStr(aStr)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println("A private key type: ", a.KeyType())
fmt.Println("A private key length: ", a.Length())
fmt.Println("A private key:\t", a)
aPub := a.PublicKey()
fmt.Println("A public key:\t", aPub)
fmt.Println("A public key length:\t", aPub.Length())

Creating shared key

// for a shared key, we would require A's private key and B's public key
// both A and B **MUST** be using the same type of key exchange i.e. CURVE25519 or ECDH*
// assume both have been generated or converted from string

sharedSecretA, err := a.SharedSecret(b.PublicKey())
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println("A shared secret with B:\t", base64.StdEncoding.EncodeToString(sharedSecretA))

sharedSecretB, err := b.SharedSecret(a.PublicKey())
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println("B shared secret with A:\t", base64.StdEncoding.EncodeToString(sharedSecretB))

Complete Code

// A
a, err := GenerateKeyExchange(CURVE25519)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
//fmt.Println(a)

fmt.Println("A private key:\t", a)
fmt.Println("A public key:\t", a.PublicKey())

// end A

// B
b, err := GenerateKeyExchange(CURVE25519)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}

fmt.Println("B private key:\t", b)
fmt.Println("B public key:\t", b.PublicKey())

// end B

// generate shared key
sharedSecretA, err := a.SharedSecret(b.PublicKey())
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println("A shared secret with B:\t", base64.StdEncoding.EncodeToString(sharedSecretA))

sharedSecretB, err := b.SharedSecret(a.PublicKey())
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println("B shared secret with A:\t", base64.StdEncoding.EncodeToString(sharedSecretB))

// end generate shared key

About

Golang helper library for signing and verifying data using public/private keys

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

14 tags

Packages

No packages published

Languages