go-blockchain/crypto/keygen.go

// SPDX-Licence-Identifier: EUPL-1.2

package crypto

/*
#include "bridge.h"
*/
import "C"

import (
	"fmt"
	"unsafe"

	coreerr "dappco.re/go/core/log"
)

// GenerateKeys creates a new random key pair.
func GenerateKeys() (pub [32]byte, sec [32]byte, err error) {
	rc := C.cn_generate_keys(
		(*C.uint8_t)(unsafe.Pointer(&pub[0])),
		(*C.uint8_t)(unsafe.Pointer(&sec[0])),
	)
	if rc != 0 {
		err = coreerr.E("GenerateKeys", fmt.Sprintf("generate_keys failed (rc=%d)", rc), nil)
	}
	return
}

// SecretToPublic derives the public key from a secret key.
func SecretToPublic(sec [32]byte) ([32]byte, error) {
	var pub [32]byte
	rc := C.cn_secret_to_public(
		(*C.uint8_t)(unsafe.Pointer(&sec[0])),
		(*C.uint8_t)(unsafe.Pointer(&pub[0])),
	)
	if rc != 0 {
		return pub, coreerr.E("SecretToPublic", fmt.Sprintf("secret_to_public failed (rc=%d)", rc), nil)
	}
	return pub, nil
}

// CheckKey validates that a public key is a valid curve point.
func CheckKey(pub [32]byte) bool {
	return C.cn_check_key((*C.uint8_t)(unsafe.Pointer(&pub[0]))) == 0
}

// GenerateKeyDerivation computes the ECDH shared secret (key derivation).
func GenerateKeyDerivation(pub [32]byte, sec [32]byte) ([32]byte, error) {
	var d [32]byte
	rc := C.cn_generate_key_derivation(
		(*C.uint8_t)(unsafe.Pointer(&pub[0])),
		(*C.uint8_t)(unsafe.Pointer(&sec[0])),
		(*C.uint8_t)(unsafe.Pointer(&d[0])),
	)
	if rc != 0 {
		return d, coreerr.E("GenerateKeyDerivation", "generate_key_derivation failed", nil)
	}
	return d, nil
}

// DerivePublicKey derives an ephemeral public key for a transaction output.
func DerivePublicKey(derivation [32]byte, index uint64, base [32]byte) ([32]byte, error) {
	var derived [32]byte
	rc := C.cn_derive_public_key(
		(*C.uint8_t)(unsafe.Pointer(&derivation[0])),
		C.uint64_t(index),
		(*C.uint8_t)(unsafe.Pointer(&base[0])),
		(*C.uint8_t)(unsafe.Pointer(&derived[0])),
	)
	if rc != 0 {
		return derived, coreerr.E("DerivePublicKey", "derive_public_key failed", nil)
	}
	return derived, nil
}

// DeriveSecretKey derives the ephemeral secret key for a received output.
func DeriveSecretKey(derivation [32]byte, index uint64, base [32]byte) ([32]byte, error) {
	var derived [32]byte
	rc := C.cn_derive_secret_key(
		(*C.uint8_t)(unsafe.Pointer(&derivation[0])),
		C.uint64_t(index),
		(*C.uint8_t)(unsafe.Pointer(&base[0])),
		(*C.uint8_t)(unsafe.Pointer(&derived[0])),
	)
	if rc != 0 {
		return derived, coreerr.E("DeriveSecretKey", "derive_secret_key failed", nil)
	}
	return derived, nil
}
feat(crypto): key generation, validation, and secret-to-public derivation Co-Authored-By: Charon <charon@lethean.io> 2026-02-20 18:24:06 +00:00			`// SPDX-Licence-Identifier: EUPL-1.2`

			`package crypto`

			`/*`
			`#include "bridge.h"`
			`*/`
			`import "C"`

			`import (`
			`"fmt"`
			`"unsafe"`
refactor: complete coreerr.E() conversion across all packages Convert all remaining fmt.Errorf and errors.New in production code to coreerr.E(). Covers crypto/ (keygen, signature, clsag, keyimage, pow), consensus/block, and chain/ring. Only sentinel error definitions in errors.go and varint.go retain errors.New (correct usage). Co-Authored-By: Charon <charon@lethean.io> 2026-03-16 23:42:51 +00:00
refactor: migrate module path to dappco.re/go/core/blockchain Update go.mod module line, all require/replace directives, and every .go import path from forge.lthn.ai/core/go-blockchain to dappco.re/go/core/blockchain. Add replace directives to bridge dappco.re paths to existing forge.lthn.ai registry during migration. Update CLAUDE.md, README, and docs to reflect the new module path. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-22 01:49:26 +00:00			`coreerr "dappco.re/go/core/log"`
feat(crypto): key generation, validation, and secret-to-public derivation Co-Authored-By: Charon <charon@lethean.io> 2026-02-20 18:24:06 +00:00			`)`

			`// GenerateKeys creates a new random key pair.`
			`func GenerateKeys() (pub [32]byte, sec [32]byte, err error) {`
			`rc := C.cn_generate_keys(`
			`(*C.uint8_t)(unsafe.Pointer(&pub[0])),`
			`(*C.uint8_t)(unsafe.Pointer(&sec[0])),`
			`)`
			`if rc != 0 {`
refactor: complete coreerr.E() conversion across all packages Convert all remaining fmt.Errorf and errors.New in production code to coreerr.E(). Covers crypto/ (keygen, signature, clsag, keyimage, pow), consensus/block, and chain/ring. Only sentinel error definitions in errors.go and varint.go retain errors.New (correct usage). Co-Authored-By: Charon <charon@lethean.io> 2026-03-16 23:42:51 +00:00			`err = coreerr.E("GenerateKeys", fmt.Sprintf("generate_keys failed (rc=%d)", rc), nil)`
feat(crypto): key generation, validation, and secret-to-public derivation Co-Authored-By: Charon <charon@lethean.io> 2026-02-20 18:24:06 +00:00			`}`
			`return`
			`}`

			`// SecretToPublic derives the public key from a secret key.`
			`func SecretToPublic(sec [32]byte) ([32]byte, error) {`
			`var pub [32]byte`
			`rc := C.cn_secret_to_public(`
			`(*C.uint8_t)(unsafe.Pointer(&sec[0])),`
			`(*C.uint8_t)(unsafe.Pointer(&pub[0])),`
			`)`
			`if rc != 0 {`
refactor: complete coreerr.E() conversion across all packages Convert all remaining fmt.Errorf and errors.New in production code to coreerr.E(). Covers crypto/ (keygen, signature, clsag, keyimage, pow), consensus/block, and chain/ring. Only sentinel error definitions in errors.go and varint.go retain errors.New (correct usage). Co-Authored-By: Charon <charon@lethean.io> 2026-03-16 23:42:51 +00:00			`return pub, coreerr.E("SecretToPublic", fmt.Sprintf("secret_to_public failed (rc=%d)", rc), nil)`
feat(crypto): key generation, validation, and secret-to-public derivation Co-Authored-By: Charon <charon@lethean.io> 2026-02-20 18:24:06 +00:00			`}`
			`return pub, nil`
			`}`

			`// CheckKey validates that a public key is a valid curve point.`
			`func CheckKey(pub [32]byte) bool {`
			`return C.cn_check_key((*C.uint8_t)(unsafe.Pointer(&pub[0]))) == 0`
			`}`
feat(crypto): key derivation, one-time addresses, and key images Add ECDH shared secret, ephemeral key derivation (DerivePublicKey, DeriveSecretKey), and key image generation/validation to the CGo bridge. Tests verify ECDH commutativity, output scanning round-trip, and key image determinism. Co-Authored-By: Charon <charon@lethean.io> 2026-02-20 18:28:43 +00:00
			`// GenerateKeyDerivation computes the ECDH shared secret (key derivation).`
			`func GenerateKeyDerivation(pub [32]byte, sec [32]byte) ([32]byte, error) {`
			`var d [32]byte`
			`rc := C.cn_generate_key_derivation(`
			`(*C.uint8_t)(unsafe.Pointer(&pub[0])),`
			`(*C.uint8_t)(unsafe.Pointer(&sec[0])),`
			`(*C.uint8_t)(unsafe.Pointer(&d[0])),`
			`)`
			`if rc != 0 {`
refactor: complete coreerr.E() conversion across all packages Convert all remaining fmt.Errorf and errors.New in production code to coreerr.E(). Covers crypto/ (keygen, signature, clsag, keyimage, pow), consensus/block, and chain/ring. Only sentinel error definitions in errors.go and varint.go retain errors.New (correct usage). Co-Authored-By: Charon <charon@lethean.io> 2026-03-16 23:42:51 +00:00			`return d, coreerr.E("GenerateKeyDerivation", "generate_key_derivation failed", nil)`
feat(crypto): key derivation, one-time addresses, and key images Add ECDH shared secret, ephemeral key derivation (DerivePublicKey, DeriveSecretKey), and key image generation/validation to the CGo bridge. Tests verify ECDH commutativity, output scanning round-trip, and key image determinism. Co-Authored-By: Charon <charon@lethean.io> 2026-02-20 18:28:43 +00:00			`}`
			`return d, nil`
			`}`

			`// DerivePublicKey derives an ephemeral public key for a transaction output.`
			`func DerivePublicKey(derivation [32]byte, index uint64, base [32]byte) ([32]byte, error) {`
			`var derived [32]byte`
			`rc := C.cn_derive_public_key(`
			`(*C.uint8_t)(unsafe.Pointer(&derivation[0])),`
			`C.uint64_t(index),`
			`(*C.uint8_t)(unsafe.Pointer(&base[0])),`
			`(*C.uint8_t)(unsafe.Pointer(&derived[0])),`
			`)`
			`if rc != 0 {`
refactor: complete coreerr.E() conversion across all packages Convert all remaining fmt.Errorf and errors.New in production code to coreerr.E(). Covers crypto/ (keygen, signature, clsag, keyimage, pow), consensus/block, and chain/ring. Only sentinel error definitions in errors.go and varint.go retain errors.New (correct usage). Co-Authored-By: Charon <charon@lethean.io> 2026-03-16 23:42:51 +00:00			`return derived, coreerr.E("DerivePublicKey", "derive_public_key failed", nil)`
feat(crypto): key derivation, one-time addresses, and key images Add ECDH shared secret, ephemeral key derivation (DerivePublicKey, DeriveSecretKey), and key image generation/validation to the CGo bridge. Tests verify ECDH commutativity, output scanning round-trip, and key image determinism. Co-Authored-By: Charon <charon@lethean.io> 2026-02-20 18:28:43 +00:00			`}`
			`return derived, nil`
			`}`

			`// DeriveSecretKey derives the ephemeral secret key for a received output.`
			`func DeriveSecretKey(derivation [32]byte, index uint64, base [32]byte) ([32]byte, error) {`
			`var derived [32]byte`
			`rc := C.cn_derive_secret_key(`
			`(*C.uint8_t)(unsafe.Pointer(&derivation[0])),`
			`C.uint64_t(index),`
			`(*C.uint8_t)(unsafe.Pointer(&base[0])),`
			`(*C.uint8_t)(unsafe.Pointer(&derived[0])),`
			`)`
			`if rc != 0 {`
refactor: complete coreerr.E() conversion across all packages Convert all remaining fmt.Errorf and errors.New in production code to coreerr.E(). Covers crypto/ (keygen, signature, clsag, keyimage, pow), consensus/block, and chain/ring. Only sentinel error definitions in errors.go and varint.go retain errors.New (correct usage). Co-Authored-By: Charon <charon@lethean.io> 2026-03-16 23:42:51 +00:00			`return derived, coreerr.E("DeriveSecretKey", "derive_secret_key failed", nil)`
feat(crypto): key derivation, one-time addresses, and key images Add ECDH shared secret, ephemeral key derivation (DerivePublicKey, DeriveSecretKey), and key image generation/validation to the CGo bridge. Tests verify ECDH commutativity, output scanning round-trip, and key image determinism. Co-Authored-By: Charon <charon@lethean.io> 2026-02-20 18:28:43 +00:00			`}`
			`return derived, nil`
			`}`