Documentation
¶
Overview ¶
Package curve25519 implements the unauthenticated public-key encryption scheme.
Only the recipient can decrypt the message using the corresponding private key. While the recipient can verify the integrity of the message, it cannot verify the identity of the sender.
Sender anonymously encrypts the message using the recipient's public key (PK) and the ephemeral key-pair (EPK, ESK) whose secret part is used only for computing the shared key and only once per encryption. Ephemeral secret key is neither stored nor transmitted anywhere and is destroyed after the encryption has finished.
XChaCha20-Poly1305 is used for AEAD. Additional data (AD) for the AEAD is composed via concatenating PK and EPK. Shared key computed using Curve25519 is used as the initial key material for HKDF. Additional data is used as salt. Key and nonce for XChaCha20-Poly1305 are generated via HKDF.
Additional data is concatenated with the resulting ciphertext. Public key is stored alongside the encrypted message to simplify the search of the corresponding private key performed by the recipient.
Ephemeral key pair is generated every time the encryption is called. Thus, a new key pair will be generated for the same plaintext every time the encryption is called.
Generating ephemeral keys for every encrypting operation guarantees uniqueness of derived keys and nonce.
Resulting message structure:
[Header:1||EPK:32||ciphertext] EPK - Ephemeral public key
Index ¶
Constants ¶
const (
// KeySize is the size, in bytes, of public and private keys
KeySize = 32
)
Variables ¶
This section is empty.
Functions ¶
func GenerateKeys ¶
GenerateKeys creates a public/private key pair
func New ¶
func New(publicKey, privateKey []byte) crypto.EncryptDecrypter
New returns a new instance of the encryptDecrypter
Types ¶
This section is empty.
Source Files