sign

Cryptographically signs an input with the provided key.

signpublic-key, private-key, datadeclaration

signprivate-key, public-key, datadeclaration

signkey-pair, datadeclaration

name	type	description
key-pair	`SignatureKeyPair`	A key pair containing the public and private keys with which to sign `data`.
public-key	`PublicKey`	The public key of the person wishing to sign `data`.
private-key	`PrivateKey`	The private key of the person wishing to sign `data`.
data	`Message` `Declaration`	Data to be signed.
declaration	`Declaration`	Encapsulates the elements of a digital signature. Contains fields `data`, `signatures`, and `signatories`. Use with `verify`.

sign is a generic function accepting signing keys and data to return a cryptographic signature. sign and its counterpart verify form a pair of opposing operations.

sign returns an instance of Declaration, a wrapper that holds the signed data, the public keys of the signatories, and the ed25519 signatures. This class is suitable for verify.

sign expects data to be either an instance of Message or Declaration:

When given a Declaration, sign appends a signature to the existing lists.
When given a Message, sign generates a new Declaration.

You may format the data of a Declaration via the instance method Declaration.to.

Warning: Encryption key pairs are incompatible with sign and causes sign to throw.

Examples

Single Signature

Provide a Message instance to the data argument and sign generates a new Declaration.

import {confidential} from "panda-confidential"
{sign, Message} = confidential()

import {send, keyPairLookup} from "my-library"

do ->
  alice = keyPairLookup "Alice/signature"
  data = Message.from "utf8", "Hello, World!"

  declaration = sign alice, data

  # You may serialize with the instance method `to`
  send "Bob", declaration.to "base64"

Multiple Signatures

sign supports multiple signatories. Provide a Declaration instance to the data argument and sign appends the signature to the existing list.

import assert from "assert"
import {confidential} from "panda-confidential"
{sign, Declaration} = confidential()
import {send, receive, keyPairLookup} from "my-library"

do ->
  # You may hydrate a Declaration instance with the static method `from`
  greeting = Declaration.from "base64", receive "Bob"

  # add Bob's signature
  bob = keyPairLookup "Bob/signature"
  greeting = sign bob, greeting

  # sign appends to the lists signatures and signatories
  assert.equal greeting.signatures.length, 2
  assert.equal greeting.signatories.length, 2

  # You may serialize with the instance method `to`
  send "Charlotte", declaration.to "base64"