SigningKeys generate signatures of messages which can then be used by the corresponding SignatureVerificationKey to verify that a message was signed by can confirm that the message was indeed signed by the SigningKey and has not since been tampered with.
More...
#include <signing-key.hpp>
|
|
| SigningKey (const SigningKey &other) |
| | Construct a copy of another SigningKey.
|
| |
| | SigningKey (const SodiumBuffer &signingKeyBytes, const std::string &recipe) |
| | Construct from the objects members. More...
|
| |
| | SigningKey (const std::string &seedString, const std::string &recipe) |
| | Construct a new SigningKey by deriving a signing key pair from a seed string and a set of recipe in JSON Format for Recipes. More...
|
| |
|
const SodiumBuffer | getSeedBytes () const |
| | Extract the 32-byte private seed (the compact representation of the private key) from the 64-byte sodium private key (which contains a copy of the public key, which sodium stores so as to avoid unnecessary computation when the public key is needed).
|
| |
|
const std::vector< unsigned char > | getSignatureVerificationKeyBytes () const |
| | Get the raw binary representation of the signature-verification key, re-deriving them from the signing key if signatureVerificationKeyBytes is a zero-length vector.
|
| |
|
const SignatureVerificationKey | getSignatureVerificationKey () const |
| | Get a SignatureVerificationKey which is used to verify signatures generated with this SigningKey.
|
| |
| const std::vector< unsigned char > | generateSignature (const unsigned char *message, const size_t messageLength) const |
| | Generate a signature for a message which can be used by the corresponding public SignatureVerificationKey to verify that this message was, in fact, signed by this key. More...
|
| |
| const std::vector< unsigned char > | generateSignature (const std::vector< unsigned char > &message) const |
| | Generate a signature for a message, which can be used by the corresponding public SignatureVerificationKey to verify that this message was, in fact, signed by this key. More...
|
| |
| const std::string | toJson (int indent=-1, const char indent_char=' ') const |
| | Serialize this object to a JSON-formatted string. More...
|
| |
| const SodiumBuffer | toSerializedBinaryForm () const |
| | Serialize to byte array as a list of: (keyBytes, signatureVerificationKeyBytes, recipe) More...
|
| |
|
const std::string | toOpenSshPemPrivateKey (const std::string &comment) const |
| | Convert to an OpenSSH-format private key binary writiable to a key file.
|
| |
|
const std::string | toOpenSshPublicKey () const |
| | Convert the signature-verification key to an OpenSSH public key string.
|
| |
| const std::string | toOpenPgpPemFormatSecretKey (const std::string &UserIdPacketContent, uint32_t timestamp) const |
| | Convert to an OpenPGP PEM formatted (string) private key. More...
|
| |
|
| static SigningKey | deriveFromSeed (const std::string &seedString, const std::string &recipe) |
| | Construct a new SigningKey by deriving a signing key pair from a seed string and a set of recipe in JSON Format for Recipes. More...
|
| |
| static SigningKey | fromJson (const std::string &signingKeyAsJson) |
| | Construct (reconsitute) the SigningKey from JSON format. The JSON object may or may not contain the signatureVerificationKeyBytes. If it does not, an empty byte vector will be stored and the verification key bytes will be re-derived from the signing key by getSignatureVerificationKeyBytes if they are needed. More...
|
| |
| static SigningKey | fromSerializedBinaryForm (const SodiumBuffer &serializedBinaryForm) |
| | Deserialize from a byte array stored as a list of: (keyBytes, signatureVerificationKeyBytes, recipe) More...
|
| |
SigningKeys generate signatures of messages which can then be used by the corresponding SignatureVerificationKey to verify that a message was signed by can confirm that the message was indeed signed by the SigningKey and has not since been tampered with.
The corresponding SignatureVerificationKey can be obtained by calling getSignatureVerificationKey.
The key pair of the SigningKey and SignatureVerificationKey is generated from a seed and a set of options in JSON Format for Recipes.
◆ SigningKey() [1/2]
| SigningKey::SigningKey |
( |
const SodiumBuffer & |
signingKeyBytes, |
|
|
const std::string & |
recipe |
|
) |
| |
Construct from the objects members.
- Parameters
-
| signingKeyBytes | may either be a 32-byte ED25519 seed or a 64-byte sodium-style private signing key which embeds the public key so that it doesn't have to be re-computed. If the 32-byte seed is provided, the constructor will compute the 64-byte sodium-style key. |
◆ SigningKey() [2/2]
| SigningKey::SigningKey |
( |
const std::string & |
seedString, |
|
|
const std::string & |
recipe |
|
) |
| |
Construct a new SigningKey by deriving a signing key pair from a seed string and a set of recipe in JSON Format for Recipes.
- Parameters
-
| seedString | The private seed which is used to generate the key pair. Anyone who knows (or can guess) this seed can re-generate the key pair by passing it along with the recipe. |
| recipe | The recipe in JSON Format for Recipes. |
◆ deriveFromSeed()
| SigningKey SigningKey::deriveFromSeed |
( |
const std::string & |
seedString, |
|
|
const std::string & |
recipe |
|
) |
| |
|
static |
Construct a new SigningKey by deriving a signing key pair from a seed string and a set of recipe in JSON Format for Recipes.
- Parameters
-
| seedString | The private seed which is used to generate the key pair. Anyone who knows (or can guess) this seed can re-generate the key pair by passing it along with the recipe. |
| recipe | The recipe in JSON Format for Recipes. |
◆ fromJson()
| SigningKey SigningKey::fromJson |
( |
const std::string & |
signingKeyAsJson | ) |
|
|
static |
Construct (reconsitute) the SigningKey from JSON format. The JSON object may or may not contain the signatureVerificationKeyBytes. If it does not, an empty byte vector will be stored and the verification key bytes will be re-derived from the signing key by getSignatureVerificationKeyBytes if they are needed.
- Parameters
-
◆ fromSerializedBinaryForm()
Deserialize from a byte array stored as a list of: (keyBytes, signatureVerificationKeyBytes, recipe)
Stored in SodiumBuffer's fixed-length list format. Strings are stored as UTF8 byte arrays.
◆ generateSignature() [1/2]
| const std::vector< unsigned char > SigningKey::generateSignature |
( |
const std::vector< unsigned char > & |
message | ) |
const |
Generate a signature for a message, which can be used by the corresponding public SignatureVerificationKey to verify that this message was, in fact, signed by this key.
- Parameters
-
| message | The message to sign by generating the signature |
- Returns
- const std::vector<unsigned char> A signature, which can be used with the SignatureVerificationKey to prove that this act of signing (this call to generateSignature) took place.
◆ generateSignature() [2/2]
| const std::vector< unsigned char > SigningKey::generateSignature |
( |
const unsigned char * |
message, |
|
|
const size_t |
messageLength |
|
) |
| const |
Generate a signature for a message which can be used by the corresponding public SignatureVerificationKey to verify that this message was, in fact, signed by this key.
- Parameters
-
| message | The message to sign by generating the signature |
| messageLength | The length of the message. |
- Returns
- const std::vector<unsigned char> A signature, which can be used with the SignatureVerificationKey to prove that this act of signing (this call to generateSignature) took place.
◆ toJson()
| const std::string SigningKey::toJson |
( |
int |
indent = -1, |
|
|
const char |
indent_char = ' ' |
|
) |
| const |
Serialize this object to a JSON-formatted string.
It can be reconstituted by calling the constructor with this string.
- Parameters
-
| minimizeSizeByRemovingTheSignatureVerificationKeyBytesWhichCanBeRegeneratedLater | The JSON-encoding will always include the binary signing key bytes (in hex format) and the keyDerviationOptionsJson used to derive the key, but the signature-verification key bytes will not be included unless you set this value to false. Rather, if it is elided, the signature-verification key can be reconstituted from the signing-key after the object is reconstituted, which takes a little computation in return for the space saved in the JSON format. |
| indent | The number of characters to indent the JSON (optional) |
| indent_char | The character with which to indent the JSON (optional) |
- Returns
- const std::string
◆ toOpenPgpPemFormatSecretKey()
| const std::string SigningKey::toOpenPgpPemFormatSecretKey |
( |
const std::string & |
UserIdPacketContent, |
|
|
uint32_t |
timestamp |
|
) |
| const |
◆ toSerializedBinaryForm()
| const SodiumBuffer SigningKey::toSerializedBinaryForm |
( |
| ) |
const |
Serialize to byte array as a list of: (keyBytes, signatureVerificationKeyBytes, recipe)
Stored in SodiumBuffer's fixed-length list format. Strings are stored as UTF8 byte arrays.
- Parameters
-
| minimizeSizeByRemovingTheSignatureVerificationKeyBytesWhichCanBeRegeneratedLater | If set to true (the default), an empty buffer will be passed for the signatureVerificationKeyBytes. After the object is deserialized, the replica can re-generate a signature-verification key from the signing key, which takes a little computation in return for the 28 bytes saved in this format. |
The documentation for this class was generated from the following files:
- C:/Users/stuar/git/dicekeys-seeded-crypto/lib-seeded/signing-key.hpp
- C:/Users/stuar/git/dicekeys-seeded-crypto/lib-seeded/signing-key.cpp
1.8.17