crypto

package
v6.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 2, 2020 License: BSD-3-Clause Imports: 10 Imported by: 3

README

Virgil crypto

This README describes how to manage a new version of Virgil crypto.

Package structure

  • The current folder contains adopted cryptography functions for common cases.
  • The wrapper folder contains the C wrapper, pre-build libraries and build scripts.
    • foundation, phe, ratchet are auto generated libraries from Virgil crypto C.
    • build folder contains docker files and scripts for build pre-build C libs.
    • pkg folder contains pre-build C libs for different platforms.

Update auto generated libraries

Copy everything from the ./wrapper/go/* folder in https://github.com/VirgilSecurity/virgil-crypto-c and paste it into the ./crypto/wrapper.

Update pre-build libraries

The following command only updates a local version of the Virgil GO SDK. After, you have to run tests and commit changes.

Requirements
Mac OS

Execute the script from the root of the project

> BRANCH={VIRGIL_CRYPTO_C_BRANCH} ./crypto/wrapper/build/build_c_crypto.sh
Linux

Supports two versions:

  • for old linux kernel (old version of compiler)
  • and modern linux version.
Legacy linux
Native

To support older version amd64 gcc < 5 and clang < 7 with 2.14 Linux kernel, execute the following script from the root of project

> BRANCH={VIRGIL_CRYPTO_C_BRANCH} PREBUILD_SUFIX=__legacy_os ./crypto/wrapper/build/build_c_crypto.sh
Via docker
  • Build docker image
    • navigate to ./crypto/wrapper/build
    • build docker build -t ccrypto -f Dockerfile_legacy. image
  • Build pre-build libraries
    • run docker from the root project docker run -it --rm -v $PWD:/app ccrypto bash
    • run pip install protobuf command inside a docker container
    • run BRANCH={VIRGIL_CRYPTO_C_BRANCH} /app/crypto/wrapper/build/build_c_crypto.sh script inside a docker container
Modern linux
Native

Execute the following script from the root of the project

> BRANCH={VIRGIL_CRYPTO_C_BRANCH} ./crypto/wrapper/build/build_c_crypto.sh
Via docker
  • Build docker image
    • Go to ./crypto/wrapper/build
    • build image docker build -t ccrypto .
  • Build pre-build libraries
    • run docker from root project docker run -it --rm -v $PWD:/app ccrypto bash
    • inside docker container BRANCH={VIRGIL_CRYPTO_C_BRANCH} /app/crypto/wrapper/build/build_c_crypto.sh
Windows

Execute the following script from the root of the project

> ./crypto/wrapper/build/build_c_crypto.ps1 -branch={VIRGIL_CRYPTO_C_BRANCH}

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrUnsupportedKeyType  = errors.New("unsupported key types")
	ErrUnsupportedHashType = errors.New("unsupported hash types")
	ErrStreamSizeIncorrect = errors.New("stream size should be greater 0")
	ErrInvalidSeedSize     = fmt.Errorf("invalid seed size (expected %d < x < %d)",
		foundation.KeyMaterialRngKeyMaterialLenMin,
		foundation.KeyMaterialRngKeyMaterialLenMax,
	)
	ErrUnsupportedParameter = errors.New("unsupported function parameter")
	ErrSignVerification     = errors.New("sign verification failed")
	ErrSignNotFound         = errors.New("signature not found")
)

crypto errors

Functions

func NopWriteCloser

func NopWriteCloser(w io.Writer) io.WriteCloser

Types

type Crypto

type Crypto struct {
	KeyType               KeyType
	UseSha256Fingerprints bool
}

func (*Crypto) Decrypt

func (c *Crypto) Decrypt(data []byte, key PrivateKey) ([]byte, error)

func (*Crypto) DecryptAndVerify

func (c *Crypto) DecryptAndVerify(data []byte, decryptionKey PrivateKey, verifierKeys ...PublicKey) (_ []byte, err error)

func (*Crypto) DecryptStream

func (c *Crypto) DecryptStream(in io.Reader, out io.Writer, key PrivateKey) (err error)

func (*Crypto) DecryptThenVerify

func (c *Crypto) DecryptThenVerify(
	data []byte,
	decryptionKey PrivateKey,
	verifierKeys ...PublicKey,
) (_ []byte, err error)

func (*Crypto) DecryptThenVerifyStream

func (c *Crypto) DecryptThenVerifyStream(
	in io.Reader,
	out io.Writer,
	decryptionKey PrivateKey,
	verifierKeys ...PublicKey,
) error

func (*Crypto) Encrypt

func (c *Crypto) Encrypt(data []byte, recipients ...PublicKey) ([]byte, error)

func (*Crypto) EncryptStream

func (c *Crypto) EncryptStream(in io.Reader, out io.Writer, recipients ...PublicKey) (err error)

func (*Crypto) EncryptStreamWithPadding

func (c *Crypto) EncryptStreamWithPadding(in io.Reader, out io.Writer, padding bool, recipients ...PublicKey) (err error)

func (*Crypto) EncryptWithPadding

func (c *Crypto) EncryptWithPadding(data []byte, padding bool, recipients ...PublicKey) ([]byte, error)

func (*Crypto) ExportPrivateKey

func (c *Crypto) ExportPrivateKey(key PrivateKey) ([]byte, error)

func (*Crypto) ExportPublicKey

func (c *Crypto) ExportPublicKey(key PublicKey) ([]byte, error)

func (*Crypto) ExtractPublicKey

func (c *Crypto) ExtractPublicKey(key PrivateKey) (PublicKey, error)

func (*Crypto) GenerateKeypair

func (c *Crypto) GenerateKeypair() (PrivateKey, error)

func (*Crypto) GenerateKeypairForType

func (c *Crypto) GenerateKeypairForType(t KeyType) (PrivateKey, error)

func (*Crypto) GenerateKeypairFromKeyMaterial

func (c *Crypto) GenerateKeypairFromKeyMaterial(keyMaterial []byte) (PrivateKey, error)

func (*Crypto) GenerateKeypairFromKeyMaterialForType

func (c *Crypto) GenerateKeypairFromKeyMaterialForType(t KeyType, keyMaterial []byte) (PrivateKey, error)

func (*Crypto) Hash

func (c *Crypto) Hash(data []byte, t HashType) ([]byte, error)

func (*Crypto) ImportPrivateKey

func (c *Crypto) ImportPrivateKey(data []byte) (PrivateKey, error)

func (*Crypto) ImportPublicKey

func (c *Crypto) ImportPublicKey(data []byte) (PublicKey, error)

func (*Crypto) Random

func (c *Crypto) Random(len int) ([]byte, error)

func (*Crypto) Sign

func (c *Crypto) Sign(data []byte, signer PrivateKey) ([]byte, error)

func (*Crypto) SignAndEncrypt

func (c *Crypto) SignAndEncrypt(data []byte, signer PrivateKey, recipients ...PublicKey) (_ []byte, err error)

func (*Crypto) SignAndEncryptWithPadding

func (c *Crypto) SignAndEncryptWithPadding(data []byte, signer PrivateKey, padding bool, recipients ...PublicKey) (_ []byte, err error)

func (*Crypto) SignStream

func (c *Crypto) SignStream(in io.Reader, signer PrivateKey) ([]byte, error)

func (*Crypto) SignThenEncrypt

func (c *Crypto) SignThenEncrypt(data []byte, signer PrivateKey, recipients ...PublicKey) ([]byte, error)

func (*Crypto) SignThenEncryptStream

func (c *Crypto) SignThenEncryptStream(
	in io.Reader,
	out io.Writer,
	streamSize int,
	signer PrivateKey,
	recipients ...PublicKey,
) (err error)

func (*Crypto) SignThenEncryptStreamWithPadding

func (c *Crypto) SignThenEncryptStreamWithPadding(
	in io.Reader,
	out io.Writer,
	streamSize int,
	signer PrivateKey,
	padding bool,
	recipients ...PublicKey,
) (err error)

func (*Crypto) SignThenEncryptWithPadding

func (c *Crypto) SignThenEncryptWithPadding(data []byte, signer PrivateKey, padding bool, recipients ...PublicKey) ([]byte, error)

func (*Crypto) VerifySignature

func (c *Crypto) VerifySignature(data []byte, signature []byte, key PublicKey) error

func (*Crypto) VerifyStream

func (c *Crypto) VerifyStream(in io.Reader, signature []byte, key PublicKey) error

type DecryptReader

type DecryptReader struct {
	// contains filtered or unexported fields
}

func NewDecryptReader

func NewDecryptReader(r io.Reader, cipher *foundation.RecipientCipher) *DecryptReader

func (*DecryptReader) Read

func (dr *DecryptReader) Read(d []byte) (int, error)

type EncryptWriter

type EncryptWriter struct {
	// contains filtered or unexported fields
}

func NewEncryptWriter

func NewEncryptWriter(w io.WriteCloser, cipher *foundation.RecipientCipher) *EncryptWriter

func (*EncryptWriter) Close

func (sw *EncryptWriter) Close() error

func (*EncryptWriter) Write

func (sw *EncryptWriter) Write(d []byte) (int, error)

type HashType

type HashType int
const (
	DefaultHashType HashType = iota
	Sha224
	Sha256
	Sha384
	Sha512
)

type KeyType

type KeyType int
const (
	DefaultKeyType KeyType = iota
	RSA_2048
	RSA_3072
	RSA_4096
	RSA_8192
	EC_SECP256R1
	EC_SECP384R1
	EC_SECP521R1
	EC_BP256R1
	EC_BP384R1
	EC_BP512R1
	EC_SECP256K1
	EC_CURVE25519
	FAST_EC_X25519
	FAST_EC_ED25519
	CURVE25519_ED25519
	CURVE25519Round5_ED25519Falcon
)

nolint: golint

type PrivateKey

type PrivateKey interface {
	Identifier() []byte
	PublicKey() PublicKey
}

type PublicKey

type PublicKey interface {
	Export() ([]byte, error)
	Identifier() []byte
}

Directories

Path Synopsis
wrapper
phe

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL