diff --git a/keypair.go b/keypair.go index 9d05518..69ebe21 100644 --- a/keypair.go +++ b/keypair.go @@ -1,4 +1,4 @@ -// Copyright 2018-2022 The NATS Authors +// Copyright 2018-2024 The NATS Authors // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at @@ -15,10 +15,9 @@ package nkeys import ( "bytes" + "crypto/ed25519" "crypto/rand" "io" - - "golang.org/x/crypto/ed25519" ) // kp is the internal struct for a kepypair using seed. @@ -31,7 +30,7 @@ const seedLen = 32 // CreatePair will create a KeyPair based on the rand entropy and a type/prefix byte. func CreatePair(prefix PrefixByte) (KeyPair, error) { - return CreatePairWithRand(prefix, rand.Reader) + return CreatePairWithRand(prefix, nil) } // CreatePair will create a KeyPair based on the rand reader and a type/prefix byte. rand can be nil. @@ -39,17 +38,12 @@ func CreatePairWithRand(prefix PrefixByte, rr io.Reader) (KeyPair, error) { if prefix == PrefixByteCurve { return CreateCurveKeysWithRand(rr) } - if rr == nil { - rr = rand.Reader - } - var rawSeed [seedLen]byte - - _, err := io.ReadFull(rr, rawSeed[:]) + _, priv, err := ed25519.GenerateKey(rr) if err != nil { return nil, err } - seed, err := EncodeSeed(prefix, rawSeed[:]) + seed, err := EncodeSeed(prefix, priv.Seed()) if err != nil { return nil, err } diff --git a/nkeys_test.go b/nkeys_test.go index e0db328..8053fe6 100644 --- a/nkeys_test.go +++ b/nkeys_test.go @@ -1,4 +1,4 @@ -// Copyright 2018 The NATS Authors +// Copyright 2018-2024 The NATS Authors // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at @@ -15,14 +15,13 @@ package nkeys import ( "bytes" + "crypto/ed25519" "crypto/rand" "encoding/base64" "io" "os" "regexp" "testing" - - "golang.org/x/crypto/ed25519" ) func TestVersion(t *testing.T) { diff --git a/public.go b/public.go index c3cd21e..a6e88c9 100644 --- a/public.go +++ b/public.go @@ -1,4 +1,4 @@ -// Copyright 2018 The NATS Authors +// Copyright 2018-2024 The NATS Authors // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at @@ -14,10 +14,9 @@ package nkeys import ( + "crypto/ed25519" "crypto/rand" "io" - - "golang.org/x/crypto/ed25519" ) // A KeyPair from a public key capable of verifying only. diff --git a/xkeys.go b/xkeys.go index 78f8b99..7951fb7 100644 --- a/xkeys.go +++ b/xkeys.go @@ -1,4 +1,4 @@ -// Copyright 2022-2023 The NATS Authors +// Copyright 2022-2024 The NATS Authors // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at @@ -15,6 +15,7 @@ package nkeys import ( "bytes" + "crypto/ed25519" "crypto/rand" "encoding/binary" "io" @@ -40,17 +41,18 @@ type ckp struct { // CreateCurveKeys will create a Curve typed KeyPair. func CreateCurveKeys() (KeyPair, error) { - return CreateCurveKeysWithRand(rand.Reader) + return CreateCurveKeysWithRand(nil) } // CreateCurveKeysWithRand will create a Curve typed KeyPair // with specified rand source. func CreateCurveKeysWithRand(rr io.Reader) (KeyPair, error) { var kp ckp - _, err := io.ReadFull(rr, kp.seed[:]) + _, priv, err := ed25519.GenerateKey(rr) if err != nil { return nil, err } + kp.seed = [curveKeyLen]byte(priv.Seed()) return &kp, nil }