keyer

package
v0.0.0-...-4dab261 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 1, 2026 License: Unlicense Imports: 12 Imported by: 5

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New 

func New(ctx context.Context, pool *nostr.Pool, input string, opts *SignerOptions) (nostr.Keyer, error)

New creates a new Keyer implementation based on the input string format. It supports various input formats: - ncryptsec: Creates an EncryptedKeySigner or KeySigner depending on options - NIP-46 bunker URL or NIP-05 identifier: Creates a BunkerSigner - nsec: Creates a KeySigner - hex private key: Creates a KeySigner

The context is used for operations that may require network access. The pool is used for relay connections when needed. Options are used for additional pieces required for EncryptedKeySigner and BunkerSigner.

Types

type BunkerSigner 

type BunkerSigner struct {
	// contains filtered or unexported fields
}

BunkerSigner is a signer that delegates operations to a remote bunker using NIP-46. It communicates with the bunker for all cryptographic operations rather than handling the private key locally.

func NewBunkerSignerFromBunkerClient 

func NewBunkerSignerFromBunkerClient(bc *nip46.BunkerClient) BunkerSigner

NewBunkerSignerFromBunkerClient creates a new BunkerSigner from an existing BunkerClient.

func (BunkerSigner) Decrypt 

func (bs BunkerSigner) Decrypt(ctx context.Context, base64ciphertext string, sender nostr.PubKey) (plaintext string, err error)

Decrypt decrypts a base64-encoded ciphertext from a sender using the remote bunker.

func (BunkerSigner) Encrypt 

func (bs BunkerSigner) Encrypt(ctx context.Context, plaintext string, recipient nostr.PubKey) (string, error)

Encrypt encrypts a plaintext message for a recipient using the remote bunker.

func (BunkerSigner) GetPublicKey 

func (bs BunkerSigner) GetPublicKey(ctx context.Context) (nostr.PubKey, error)

GetPublicKey retrieves the public key from the remote bunker. It uses a timeout to prevent hanging indefinitely.

func (BunkerSigner) SignEvent 

func (bs BunkerSigner) SignEvent(ctx context.Context, evt *nostr.Event) error

SignEvent sends the event to the remote bunker for signing. It uses a timeout to prevent hanging indefinitely.

type EncryptedKeySigner 

type EncryptedKeySigner struct {
	// contains filtered or unexported fields
}

EncryptedKeySigner is a signer that must ask the user for a password before every operation. It stores the private key in encrypted form (NIP-49) and uses a callback to request the password when needed for operations.

func (EncryptedKeySigner) Decrypt 

func (es EncryptedKeySigner) Decrypt(ctx context.Context, base64ciphertext string, sender nostr.PubKey) (plaintext string, err error)

Decrypt decrypts a base64-encoded ciphertext from a sender using NIP-44. It first decrypts the private key using the password callback.

func (EncryptedKeySigner) Encrypt 

func (es EncryptedKeySigner) Encrypt(ctx context.Context, plaintext string, recipient nostr.PubKey) (c64 string, err error)

Encrypt encrypts a plaintext message for a recipient using NIP-44. It first decrypts the private key using the password callback.

func (*EncryptedKeySigner) GetPublicKey 

func (es *EncryptedKeySigner) GetPublicKey(ctx context.Context) (nostr.PubKey, error)

GetPublicKey returns the public key associated with this signer. If the public key is not cached, it will decrypt the private key using the password callback to derive the public key.

func (*EncryptedKeySigner) SignEvent 

func (es *EncryptedKeySigner) SignEvent(ctx context.Context, evt *nostr.Event) error

SignEvent signs the provided event by first decrypting the private key using the password callback, then signing the event with the decrypted key.

type KeySigner 

type KeySigner struct {
	// contains filtered or unexported fields
}

KeySigner is a signer that holds the private key in memory

func NewPlainKeySigner 

func NewPlainKeySigner(sec [32]byte) KeySigner

NewPlainKeySigner creates a new KeySigner from a private key. Returns an error if the private key is invalid.

func (KeySigner) Decrypt 

func (ks KeySigner) Decrypt(ctx context.Context, base64ciphertext string, sender nostr.PubKey) (string, error)

Decrypt decrypts a base64-encoded ciphertext from a sender using NIP-44. It caches conversation keys for efficiency in repeated operations.

func (KeySigner) Encrypt 

func (ks KeySigner) Encrypt(ctx context.Context, plaintext string, recipient nostr.PubKey) (string, error)

Encrypt encrypts a plaintext message for a recipient using NIP-44. It caches conversation keys for efficiency in repeated operations.

func (KeySigner) GetPublicKey 

func (ks KeySigner) GetPublicKey(ctx context.Context) (nostr.PubKey, error)

GetPublicKey returns the public key associated with this signer.

func (KeySigner) SignEvent 

func (ks KeySigner) SignEvent(ctx context.Context, evt *nostr.Event) error

SignEvent signs the provided event with the signer's private key. It sets the event's ID, PubKey, and Sig fields.

type ManualSigner 

type ManualSigner struct {
	// ManualGetPublicKey is called when the public key is needed
	ManualGetPublicKey func(context.Context) (nostr.PubKey, error)

	// ManualSignEvent is called when an event needs to be signed
	ManualSignEvent func(context.Context, *nostr.Event) error

	// ManualEncrypt is called when a message needs to be encrypted
	ManualEncrypt func(ctx context.Context, plaintext string, recipientPublicKey nostr.PubKey) (base64ciphertext string, err error)

	// ManualDecrypt is called when a message needs to be decrypted
	ManualDecrypt func(ctx context.Context, base64ciphertext string, senderPublicKey nostr.PubKey) (plaintext string, err error)
}

ManualSigner is a signer that delegates all operations to user-provided functions. It can be used when an app wants to ask the user or some custom server to manually provide a signed event or an encrypted or decrypted payload by copy-and-paste, for example, or when the app wants to implement custom signing logic.

func (ManualSigner) Decrypt 

func (ms ManualSigner) Decrypt(ctx context.Context, base64ciphertext string, sender nostr.PubKey) (plaintext string, err error)

Decrypt delegates decryption to the ManualDecrypt function.

func (ManualSigner) Encrypt 

func (ms ManualSigner) Encrypt(ctx context.Context, plaintext string, recipient nostr.PubKey) (c64 string, err error)

Encrypt delegates encryption to the ManualEncrypt function.

func (ManualSigner) GetPublicKey 

func (ms ManualSigner) GetPublicKey(ctx context.Context) (nostr.PubKey, error)

GetPublicKey delegates public key retrieval to the ManualGetPublicKey function.

func (ManualSigner) SignEvent 

func (ms ManualSigner) SignEvent(ctx context.Context, evt *nostr.Event) error

SignEvent delegates event signing to the ManualSignEvent function.

type ReadOnlySigner 

type ReadOnlySigner struct {
	// contains filtered or unexported fields
}

ReadOnlySigner is like a ReadOnlyUser, but has a fake GetPublicKey method that doesn't work.

func NewReadOnlySigner 

func NewReadOnlySigner(pk nostr.PubKey) ReadOnlySigner

func (ReadOnlySigner) GetPublicKey 

func (ros ReadOnlySigner) GetPublicKey(context.Context) (nostr.PubKey, error)

GetPublicKey returns the public key associated with this signer.

func (ReadOnlySigner) SignEvent 

func (ros ReadOnlySigner) SignEvent(context.Context, *nostr.Event) error

SignEvent returns an error.

type ReadOnlyUser 

type ReadOnlyUser struct {
	// contains filtered or unexported fields
}

ReadOnlyUser is a nostr.User that has this public key

func NewReadOnlyUser 

func NewReadOnlyUser(pk nostr.PubKey) ReadOnlyUser

func (ReadOnlyUser) GetPublicKey 

func (ros ReadOnlyUser) GetPublicKey(context.Context) (nostr.PubKey, error)

GetPublicKey returns the public key associated with this signer.

type SignerOptions 

type SignerOptions struct {
	// BunkerClientSecretKey is the secret key used for the bunker client
	BunkerClientSecretKey nostr.SecretKey

	// BunkerSignTimeout is the timeout duration for bunker signing operations
	BunkerSignTimeout time.Duration

	// BunkerAuthHandler is called when authentication is needed for bunker operations
	BunkerAuthHandler func(string)

	// PasswordHandler is called when an operation needs access to the encrypted key.
	// If provided, the key will be stored encrypted and this function will be called
	// every time an operation needs access to the key so the user can be prompted.
	PasswordHandler func(context.Context) string

	// Password is used along with ncryptsec to decrypt the key.
	// If provided, the key will be decrypted and stored in plaintext.
	Password string
}

SignerOptions contains configuration options for creating a new signer.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.