tka,types/key: implement direct node-key signatures

Signed-off-by: Tom DNetto <tom@tailscale.com>

types/key/node.go

@@ -10,6 +10,7 @@ import (
 	"crypto/subtle"
 	"encoding/hex"
 	"errors"
+	"fmt"
 
 	"go4.org/mem"
 	"golang.org/x/crypto/curve25519"
@@ -34,6 +35,10 @@ const (
 	// changed.
 	nodePublicHexPrefix = "nodekey:"
 
+	// nodePublicBinaryPrefix is the prefix used to identify a
+	// binary-encoded node public key.
+	nodePublicBinaryPrefix = "np"
+
 	// NodePublicRawLen is the length in bytes of a NodePublic, when
 	// serialized with AppendTo, Raw32 or WriteRawWithoutAllocating.
 	NodePublicRawLen = 32
@@ -297,6 +302,28 @@ func (k *NodePublic) UnmarshalText(b []byte) error {
 	return parseHex(k.k[:], mem.B(b), mem.S(nodePublicHexPrefix))
 }
 
+// MarshalBinary implements encoding.BinaryMarshaler.
+func (k NodePublic) MarshalBinary() (data []byte, err error) {
+	b := make([]byte, len(nodePublicBinaryPrefix)+NodePublicRawLen)
+	copy(b[:len(nodePublicBinaryPrefix)], nodePublicBinaryPrefix)
+	copy(b[len(nodePublicBinaryPrefix):], k.k[:])
+	return b, nil
+}
+
+// UnmarshalBinary implements encoding.BinaryUnmarshaler.
+func (k *NodePublic) UnmarshalBinary(in []byte) error {
+	data := mem.B(in)
+	if !mem.HasPrefix(data, mem.S(nodePublicBinaryPrefix)) {
+		return fmt.Errorf("missing/incorrect type prefix %s", nodePublicBinaryPrefix)
+	}
+	if want, got := len(nodePublicBinaryPrefix)+NodePublicRawLen, data.Len(); want != got {
+		return fmt.Errorf("incorrect len for NodePublic (%d != %d)", got, want)
+	}
+
+	data.SliceFrom(len(nodePublicBinaryPrefix)).Copy(k.k[:])
+	return nil
+}
+
 // WireGuardGoString prints k in the same format used by wireguard-go.
 func (k NodePublic) WireGuardGoString() string {
 	// This implementation deliberately matches the overly complicated