github.com/bepass-org/wireguard-go@v1.0.4-rc2.0.20240304192354-ebce6572bc24/warp/key.go

github.com/bepass-org/wireguard-go@v1.0.4-rc2.0.20240304192354-ebce6572bc24/warp/key.go (about)

     1  package warp
     2  
     3  import (
     4  	"crypto/rand"
     5  	"encoding/base64"
     6  	"fmt"
     7  	"golang.org/x/crypto/curve25519"
     8  )
     9  
    10  // KeyLen is the expected key length for a WireGuard key.
    11  const KeyLen = 32 // wgh.KeyLen
    12  
    13  // A Key is a public, private, or pre-shared secret key.  The Key constructor
    14  // functions in this package can be used to create Keys suitable for each of
    15  // these applications.
    16  type Key [KeyLen]byte
    17  
    18  // GenerateKey generates a Key suitable for use as a pre-shared secret key from
    19  // a cryptographically safe source.
    20  //
    21  // The output Key should not be used as a private key; use GeneratePrivateKey
    22  // instead.
    23  func GenerateKey() (Key, error) {
    24  	b := make([]byte, KeyLen)
    25  	if _, err := rand.Read(b); err != nil {
    26  		return Key{}, fmt.Errorf("wgtypes: failed to read random bytes: %v", err)
    27  	}
    28  
    29  	return NewKey(b)
    30  }
    31  
    32  // GeneratePrivateKey generates a Key suitable for use as a private key from a
    33  // cryptographically safe source.
    34  func GeneratePrivateKey() (Key, error) {
    35  	key, err := GenerateKey()
    36  	if err != nil {
    37  		return Key{}, err
    38  	}
    39  
    40  	// Modify random bytes using algorithm described at:
    41  	// https://cr.yp.to/ecdh.html.
    42  	key[0] &= 248
    43  	key[31] &= 127
    44  	key[31] |= 64
    45  
    46  	return key, nil
    47  }
    48  
    49  // NewKey creates a Key from an existing byte slice.  The byte slice must be
    50  // exactly 32 bytes in length.
    51  func NewKey(b []byte) (Key, error) {
    52  	if len(b) != KeyLen {
    53  		return Key{}, fmt.Errorf("wgtypes: incorrect key size: %d", len(b))
    54  	}
    55  
    56  	var k Key
    57  	copy(k[:], b)
    58  
    59  	return k, nil
    60  }
    61  
    62  // PublicKey computes a public key from the private key k.
    63  //
    64  // PublicKey should only be called when k is a private key.
    65  func (k Key) PublicKey() Key {
    66  	var (
    67  		pub  [KeyLen]byte
    68  		priv = [KeyLen]byte(k)
    69  	)
    70  
    71  	// ScalarBaseMult uses the correct base value per https://cr.yp.to/ecdh.html,
    72  	// so no need to specify it.
    73  	curve25519.ScalarBaseMult(&pub, &priv)
    74  
    75  	return Key(pub)
    76  }
    77  
    78  // String returns the base64-encoded string representation of a Key.
    79  //
    80  // ParseKey can be used to produce a new Key from this string.
    81  func (k Key) String() string {
    82  	return base64.StdEncoding.EncodeToString(k[:])
    83  }