Documentation
¶
Index ¶
- Variables
- func DecryptWithEd25519(t ed25519.PrivateKey, context string, ciphertext []byte) ([]byte, error)
- func DecryptWithPrivKey(privKey crypto.PrivKey, context string, ciphertext []byte) ([]byte, error)
- func DecryptWithRSA(t *rsa.PrivateKey, context string, ciphertext []byte) ([]byte, error)
- func DeriveEd25519Key(context string, privKey crypto.PrivKey) (crypto.PrivKey, crypto.PubKey, error)
- func DeriveKey(context string, privKey crypto.PrivKey, out []byte) error
- func EncryptToEd25519(t ed25519.PublicKey, context string, msgSrc []byte) ([]byte, error)
- func EncryptToPubKey(pubKey crypto.PubKey, context string, msgSrc []byte) ([]byte, error)
- func EncryptToRSA(t *rsa.PublicKey, context string, msgSrc []byte) ([]byte, error)
- func IDB58Encode(id ID) string
- func NewNetAddr(pid ID) net.Addr
- type GetPeer
- type GetPeerResolver
- type GetPeerValue
- type ID
- type NetAddr
- type Peer
- type Signature
- func (m *Signature) CloneGenericVT() proto.Message
- func (m *Signature) CloneVT() *Signature
- func (*Signature) Descriptor() ([]byte, []int)deprecated
- func (this *Signature) EqualVT(that *Signature) bool
- func (x *Signature) GetHashType() hash.HashType
- func (x *Signature) GetPubKey() []byte
- func (x *Signature) GetSigData() []byte
- func (m *Signature) MarshalToSizedBufferVT(dAtA []byte) (int, error)
- func (m *Signature) MarshalToVT(dAtA []byte) (int, error)
- func (m *Signature) MarshalVT() (dAtA []byte, err error)
- func (s *Signature) ParsePubKey() (crypto.PubKey, error)
- func (*Signature) ProtoMessage()
- func (x *Signature) ProtoReflect() protoreflect.Message
- func (x *Signature) Reset()
- func (m *Signature) SizeVT() (n int)
- func (x *Signature) String() string
- func (m *Signature) UnmarshalVT(dAtA []byte) error
- func (s *Signature) Validate() error
- func (s *Signature) VerifyWithPublic(pubKey crypto.PubKey, data []byte) (bool, error)
- type SignedMsg
- func (m *SignedMsg) CloneGenericVT() proto.Message
- func (m *SignedMsg) CloneVT() *SignedMsg
- func (m *SignedMsg) ComputeMessageID() string
- func (*SignedMsg) Descriptor() ([]byte, []int)deprecated
- func (this *SignedMsg) EqualVT(that *SignedMsg) bool
- func (m *SignedMsg) ExtractAndVerify() (crypto.PubKey, ID, error)
- func (m *SignedMsg) ExtractPubKey() (crypto.PubKey, ID, error)
- func (x *SignedMsg) GetData() []byte
- func (x *SignedMsg) GetFromPeerId() string
- func (x *SignedMsg) GetSignature() *Signature
- func (m *SignedMsg) MarshalToSizedBufferVT(dAtA []byte) (int, error)
- func (m *SignedMsg) MarshalToVT(dAtA []byte) (int, error)
- func (m *SignedMsg) MarshalVT() (dAtA []byte, err error)
- func (m *SignedMsg) ParseFromPeerID() (ID, error)
- func (*SignedMsg) ProtoMessage()
- func (x *SignedMsg) ProtoReflect() protoreflect.Message
- func (x *SignedMsg) Reset()
- func (m *SignedMsg) Sign(privKey crypto.PrivKey, hashType hash.HashType) error
- func (m *SignedMsg) SizeVT() (n int)
- func (x *SignedMsg) String() string
- func (m *SignedMsg) UnmarshalVT(dAtA []byte) error
- func (m *SignedMsg) Validate() error
- func (m *SignedMsg) Verify(pubKey crypto.PubKey) error
Constants ¶
This section is empty.
Variables ¶
// Sentinel errors for peer identity and signed-message handling.
// Compare against them with errors.Is rather than by message text.
var (
	// ErrEmptyPeerID is returned if the peer id is empty.
	ErrEmptyPeerID = errors.New("peer id cannot be empty")
	// ErrBodyEmpty is returned if the message body was empty.
	ErrBodyEmpty = errors.New("message body cannot be empty")
	// ErrSignatureInvalid is returned for an invalid signature.
	ErrSignatureInvalid = errors.New("message signature invalid")
	// ErrShortMessage is returned if a message is too short.
	ErrShortMessage = errors.New("message too short")
	// ErrNoPrivKey is returned if the private key is not available.
	ErrNoPrivKey = errors.New("private key not available for peer")
)
// Errors carrying the "proto:" prefix.
// NOTE(review): presumably returned by the UnmarshalVT methods when decoding
// malformed wire data; confirm against the generated code.
var (
	// ErrInvalidLength reports a negative length found during unmarshaling.
	ErrInvalidLength = fmt.Errorf("proto: negative length found during unmarshaling")
	// ErrIntOverflow reports an integer overflow.
	ErrIntOverflow = fmt.Errorf("proto: integer overflow")
	// ErrUnexpectedEndOfGroup reports an unexpected end of group.
	ErrUnexpectedEndOfGroup = fmt.Errorf("proto: unexpected end of group")
)
var File_github_com_aperturerobotics_bifrost_peer_peer_proto protoreflect.FileDescriptor
Functions ¶
func DecryptWithEd25519 ¶
DecryptWithEd25519 decrypts with an ed25519 key using curve25519.
Steps:
- generate the msgPubKey aes256 key: blake3(context + encPubKey + ciphertext[:4])
- decrypt msgPubKey from ciphertext[4:][:32]
- convert privKey to curve25519 public + private
- derive the shared secret with (privKey, msgPubKey)
- use blake3(msgPubKey)[:24] as the message nonce
ciphertext: msgNonce[:4] + aes256(msgPubKey) + chacha20poly1305(s2(message))
The context and destination public key must be the same as when encrypting.
func DecryptWithPrivKey ¶
DecryptWithPrivKey decrypts with the given private key.
Supported types: Ed25519, RSA. The context must be the same as when encrypting.
func DecryptWithRSA ¶
DecryptWithRSA decrypts a message with an RSA private key.
The context must be the same as at encrypt time.
func DeriveEd25519Key ¶
func DeriveEd25519Key(context string, privKey crypto.PrivKey) (crypto.PrivKey, crypto.PubKey, error)
DeriveEd25519Key derives an ed25519 private key from an existing private key.
The context string is mixed into the derivation and determines which key is generated. Not all private key types are supported.
func DeriveKey ¶
DeriveKey derives a crypto key using a private key.
Not all private key types are supported. Context string must be unique to the situation. Data is written to out.
func EncryptToEd25519 ¶
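EncryptToEd25519 encrypts to an ed25519 key using curve25519.
Steps:
- convert the destination key to curve25519
- mix the pub key into the seed: blake3(context + msgSrc + encPubKey)
- generate the message priv key (ed25519) from the seed
- derive the curve25519 public key from the message priv key
- use blake3(msgPubkeyCurve25519)[:24] as the message nonce
- generate the msgPubKey aes256 key: blake3(context + encPubKey + msgNonce[:4])
ciphertext: msgNonce[:4] + aes256(msgPubKey) + chacha20poly1305(s2(message))
The context and destination public key must be the same when decrypting.
Note: as described, the seed is derived only from the context, the message, and the destination key, with no random input, so encrypting the same message to the same key under the same context appears to yield the same ciphertext. Callers that need to hide message equality should account for this.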
func EncryptToPubKey ¶
EncryptToPubKey encrypts a message to a public key.
Supported types: Ed25519, RSA. The context is optional, but must be the same when decrypting.
func EncryptToRSA ¶
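EncryptToRSA encrypts a message to an RSA public key.
Steps:
- marshal the public key to pkix
- derive a 32-byte message key with blake3(context + msgSrc + pubPkix)
- derive a 32-byte message nonce with blake3(context + msgKey + pubPkix)
- compress the message with s2 (snappy2)
- encrypt the message with chacha20-poly1305
ciphertext: oaep(message-key) + chacha20poly1305(s2(msgSrc))
The context must be the same at decrypt time.
Note: as described, the message key and nonce are derived from the context, the message, and the public key with no random input, so the chacha20-poly1305 portion of the ciphertext appears to be identical whenever the same message is encrypted to the same key under the same context. Callers that need to hide message equality should account for this.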
func NewNetAddr ¶
NewNetAddr constructs a new net.Addr from a peer ID.
Types ¶
type GetPeer ¶
// GetPeer is a directive to lookup a peer on a controller.
type GetPeer interface {
	// Directive indicates GetPeer is a directive.
	directive.Directive

	// GetPeerIDConstraint returns a specific peer ID node we are looking for.
	// If empty, any node is matched.
	//
	// NOTE(review): because an empty constraint matches any peer, callers that
	// depend on a specific identity must pass a non-empty ID.
	GetPeerIDConstraint() ID
}
GetPeer is a directive to lookup a peer on a controller.
type GetPeerResolver ¶
type GetPeerResolver struct {
// contains filtered or unexported fields
}
GetPeerResolver resolves the GetPeer directive
func NewGetPeerResolver ¶
func NewGetPeerResolver( directive GetPeer, peer Peer, ) *GetPeerResolver
NewGetPeerResolver constructs a new GetPeer resolver
func (*GetPeerResolver) Resolve ¶
func (c *GetPeerResolver) Resolve(ctx context.Context, valHandler directive.ResolverHandler) error
Resolve resolves the values.
type ID ¶
ID is a peer identifier.
func IDFromBytes ¶
IDFromBytes casts a string to the ID type and validates the id to make sure it is a multihash.
func IDFromPrivateKey ¶
IDFromPrivateKey returns the Peer ID corresponding to sk
type NetAddr ¶
type NetAddr struct {
// contains filtered or unexported fields
}
NetAddr matches net.Addr with a peer ID
type Peer ¶
// Peer is the common interface for a keypair-based identity.
type Peer interface {
	// GetPeerID returns the peer ID.
	GetPeerID() ID

	// GetPubKey returns the public key of the peer.
	GetPubKey() crypto.PubKey

	// GetPrivKey returns the private key.
	// This may require an extra lookup operation.
	// Returns ErrNoPrivKey if the private key is unavailable.
	//
	// The result is private key material: check the error (errors.Is with
	// ErrNoPrivKey) before use and avoid logging or persisting the key.
	GetPrivKey(ctx context.Context) (crypto.PrivKey, error)
}
Peer is the common interface for a keypair-based identity.
func GetPeerWithID ¶
func GetPeerWithID( ctx context.Context, b bus.Bus, peerIDConstraint ID, ) (Peer, directive.Reference, error)
GetPeerWithID gets a peer. If peer ID is empty, selects any peer.
func NewPeer ¶
NewPeer builds a new Peer object with a private key. If privKey is nil, one will be generated.
func NewPeerWithID ¶ added in v0.7.3
NewPeerWithID constructs a new Peer by extracting the pubkey from the ID.
type Signature ¶
// Signature contains a signature by a peer.
type Signature struct {
	// PubKey is the public key of the peer.
	// May be empty if the public key is to be inferred from context.
	//
	// NOTE(review): a key carried in this field is supplied by the signer, so a
	// signature that verifies under it shows only possession of that key;
	// binding the key to an expected peer is presumably the verifier's job.
	// Confirm against callers.
	PubKey []byte `protobuf:"bytes,1,opt,name=pub_key,json=pubKey,proto3" json:"pub_key,omitempty"`
	// HashType is the hash type used to hash the data.
	// The signature is then of the hash bytes (usually 32).
	//
	// NOTE(review): this value travels with the signature; confirm that
	// Validate rejects unsupported hash types.
	HashType hash.HashType `protobuf:"varint,2,opt,name=hash_type,json=hashType,proto3,enum=hash.HashType" json:"hash_type,omitempty"`
	// SigData contains the signature data.
	// The format is defined by the key type.
	SigData []byte `protobuf:"bytes,3,opt,name=sig_data,json=sigData,proto3" json:"sig_data,omitempty"`
	// contains filtered or unexported fields
}
Signature contains a signature by a peer.
func NewSignature ¶
func NewSignature( privKey crypto.PrivKey, hashType hash.HashType, data []byte, inclPubKey bool, ) (*Signature, error)
NewSignature constructs a signature.
func NewSignatureWithHashedData ¶ added in v0.8.7
func NewSignatureWithHashedData( privKey crypto.PrivKey, hashType hash.HashType, hashData []byte, inclPubKey bool, ) (*Signature, error)
NewSignatureWithHashedData builds a new signature with already-hashed data. Skips the hash step.
func (*Signature) CloneGenericVT ¶ added in v0.8.3
func (*Signature) Descriptor
deprecated
func (*Signature) GetHashType ¶
func (*Signature) GetSigData ¶
func (*Signature) MarshalToSizedBufferVT ¶ added in v0.2.0
func (*Signature) MarshalToVT ¶ added in v0.2.0
func (*Signature) ParsePubKey ¶
ParsePubKey parses the included public key. Returns nil, nil if the pub key field was not set, so callers must check for a nil key as well as a nil error.
func (*Signature) ProtoMessage ¶
func (*Signature) ProtoMessage()
func (*Signature) ProtoReflect ¶ added in v0.2.0
func (x *Signature) ProtoReflect() protoreflect.Message
func (*Signature) UnmarshalVT ¶ added in v0.2.0
type SignedMsg ¶
// SignedMsg is a message from a peer with a signature.
type SignedMsg struct {
	// FromPeerId is the peer identifier of the sender.
	//
	// NOTE(review): the peer id arrives inside the message, so a successful
	// verification shows only that the holder of that id's key signed Data;
	// whether that peer is the expected sender is presumably left to the
	// caller. Confirm.
	FromPeerId string `protobuf:"bytes,1,opt,name=from_peer_id,json=fromPeerId,proto3" json:"from_peer_id,omitempty"`
	// Signature is the sender signature.
	// Should not contain PubKey, which is inferred from peer id.
	Signature *Signature `protobuf:"bytes,2,opt,name=signature,proto3" json:"signature,omitempty"`
	// Data is the PubMessageInner data.
	Data []byte `protobuf:"bytes,3,opt,name=data,proto3" json:"data,omitempty"`
	// contains filtered or unexported fields
}
SignedMsg is a message from a peer with a signature.
func NewSignedMsg ¶
func NewSignedMsg( privKey crypto.PrivKey, hashType hash.HashType, innerData []byte, ) (*SignedMsg, error)
NewSignedMsg constructs/signs/encodes a new signed message.
func UnmarshalSignedMsg ¶
UnmarshalSignedMsg parses a signed message.
func (*SignedMsg) CloneGenericVT ¶ added in v0.8.3
func (*SignedMsg) ComputeMessageID ¶
ComputeMessageID computes a message id for a signed message.
func (*SignedMsg) Descriptor
deprecated
func (*SignedMsg) ExtractAndVerify ¶
ExtractAndVerify extracts the public key and uses it to verify the message.
func (*SignedMsg) ExtractPubKey ¶
ExtractPubKey extracts the public key from the peer id.
func (*SignedMsg) GetFromPeerId ¶
func (*SignedMsg) GetSignature ¶
func (*SignedMsg) MarshalToSizedBufferVT ¶ added in v0.2.0
func (*SignedMsg) MarshalToVT ¶ added in v0.2.0
func (*SignedMsg) ParseFromPeerID ¶
ParseFromPeerID unmarshals the peer id.
func (*SignedMsg) ProtoMessage ¶
func (*SignedMsg) ProtoMessage()
func (*SignedMsg) ProtoReflect ¶ added in v0.2.0
func (x *SignedMsg) ProtoReflect() protoreflect.Message