Documentation
Overview
Package crypto implements the cryptographic methods needed by the service.
The crypto object has to be initialized with crypto.New(MAIN_KEY, RANDOM_SOURCE).
The main purpose of this package is to handle the main key, create short-lived poll keys and decrypt single votes that were encrypted with such a poll key.
This package uses x25519 for decryption and ed25519 for signing.
Index
- func Encrypt(random io.Reader, curve ecdh.Curve, publicPollKey []byte, plaintext []byte) ([]byte, error)
- func Verify(pubKey, message, signature []byte) bool
- type Crypto
- func (c Crypto) CreatePollKey() ([]byte, error)
- func (c Crypto) Decrypt(privateKey []byte, ciphertext []byte) ([]byte, error)
- func (c Crypto) PublicMainKey() []byte
- func (c Crypto) PublicPollKey(privateKey []byte) (pubKey []byte, pubKeySig []byte, err error)
- func (c Crypto) Sign(value []byte) []byte
Functions
func Encrypt
func Encrypt(random io.Reader, curve ecdh.Curve, publicPollKey []byte, plaintext []byte) ([]byte, error)
Encrypt creates a ciphertext from plaintext using the given public key.
This function is not needed or used by the decrypt service. It is only implemented in this package for debugging and testing.
It derives a new shared key from a newly created random private key and the given public key.
It returns the created public key (32 bytes), the nonce (12 bytes) and the encrypted value of the given plaintext.
Types
type Crypto
type Crypto struct {
// contains filtered or unexported fields
}
Crypto implements all cryptographic functions needed for the decrypt service.
func New
New initializes a Crypto object with a main key and a random source.
mainKey has to be a 32-byte slice that represents an ed25519 key.
curve is the ecdh curve to use. If set to nil, it uses x25519.
func (Crypto) CreatePollKey
CreatePollKey creates a new keypair for a poll.
This implementation returns the first 32 bytes from the random source.
func (Crypto) Decrypt
Decrypt returns the plaintext for the given ciphertext using the given private key.
ciphertext contains three values. The first 32 bytes are the ephemeral public key from the client. The next 12 bytes are the nonce used for AES-GCM. All later bytes are the encrypted vote.
This function uses x25519 as described in RFC 7748. It uses HKDF with SHA-256 for the key derivation.
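The following added example, which is not this package's own code, parses the ciphertext layout described for Decrypt and derives the AES-GCM key with X25519 and HKDF-SHA256; main builds a constructed ciphertext to decrypt. The names aeadFor and openVote, the empty HKDF salt and info, and the 32-byte AES key are assumptions, since the page does not state them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// aeadFor: X25519, HKDF-SHA256 (RFC 5869), AES-GCM. Assumed: empty salt/info, 32-byte key.
func aeadFor(priv *ecdh.PrivateKey, peerPub []byte) (cipher.AEAD, error) {
	peer, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return nil, err
	}
	shared, err := priv.ECDH(peer) // errors on an all-zero shared secret
	if err != nil {
		return nil, err
	}
	mac := func(k, m []byte) []byte { h := hmac.New(sha256.New, k); h.Write(m); return h.Sum(nil) }
	key := mac(mac(nil, shared), []byte{1}) // Extract, then Expand block T(1)
	block, _ := aes.NewCipher(key)          // cannot fail for a 32-byte key
	return cipher.NewGCM(block)
}

// openVote splits ephemeral key (32) | nonce (12) | encrypted vote and decrypts.
func openVote(pollKey *ecdh.PrivateKey, ct []byte) ([]byte, error) {
	if len(ct) < 32+12+16 { // 16 = GCM tag; check before slicing
		return nil, fmt.Errorf("ciphertext too short: %d bytes", len(ct))
	}
	gcm, err := aeadFor(pollKey, ct[:32])
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, ct[32:44], ct[44:], nil) // fails if any byte was altered
}

func main() {
	poll, _ := ecdh.X25519().GenerateKey(rand.Reader) // constructed poll key
	eph, _ := ecdh.X25519().GenerateKey(rand.Reader)  // client's ephemeral key
	gcm, _ := aeadFor(eph, poll.PublicKey().Bytes())
	nonce := make([]byte, 12)
	rand.Read(nonce)
	ct := gcm.Seal(append(eph.PublicKey().Bytes(), nonce...), nonce, []byte("yes"), nil)
	vote, err := openVote(poll, ct)
	fmt.Printf("%s %v\n", vote, err)
}
```

Because the length check runs before any slicing, a truncated input returns an error instead of panicking, and the GCM tag check rejects a ciphertext whose key, nonce or body bytes were modified.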
func (Crypto) PublicMainKey
PublicMainKey returns the public key for the private main key.
func (Crypto) PublicPollKey
PublicPollKey returns the public poll key and the signature for the given key.