crypto

package
v0.22.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 10, 2018 License: Apache-2.0 Imports: 21 Imported by: 0

README

crypto

crypto is the cryptographic package adapted for Tendermint's uses

Importing it

import "github.com/tendermint/tendermint/crypto"

Binary encoding

For Binary encoding, please refer to the Tendermint encoding spec.

JSON Encoding

crypto .Bytes() uses Amino:binary encoding, but Amino:JSON is also supported.

Example Amino:JSON encodings:

crypto.PrivKeyEd25519     - {"type":"954568A3288910","value":"EVkqJO/jIXp3rkASXfh9YnyToYXRXhBr6g9cQVxPFnQBP/5povV4HTjvsy530kybxKHwEi85iU8YL0qQhSYVoQ=="}
crypto.SignatureEd25519   - {"type":"6BF5903DA1DB28","value":"77sQNZOrf7ltExpf7AV1WaYPCHbyRLgjBsoWVzcduuLk+jIGmYk+s5R6Emm29p12HeiNAuhUJgdFGmwkpeGJCA=="}
crypto.PubKeyEd25519      - {"type":"AC26791624DE60","value":"AT/+aaL1eB0477Mud9JMm8Sh8BIvOYlPGC9KkIUmFaE="}
crypto.PrivKeySecp256k1   - {"type":"019E82E1B0F798","value":"zx4Pnh67N+g2V+5vZbQzEyRerX9c4ccNZOVzM9RvJ0Y="}
crypto.SignatureSecp256k1 - {"type":"6D1EA416E1FEE8","value":"MEUCIQCIg5TqS1l7I+MKTrSPIuUN2+4m5tA29dcauqn3NhEJ2wIgICaZ+lgRc5aOTVahU/XoLopXKn8BZcl0bnuYWLvohR8="}
crypto.PubKeySecp256k1    - {"type":"F8CCEAEB5AE980","value":"A8lPKJXcNl5VHt1FK8a244K9EJuS4WX1hFBnwisi0IJx"}

Documentation

Overview

Ripemd160

sum := crypto.Ripemd160([]byte("This is consensus"))
fmt.Printf("%x\n", sum)

Index

Examples

Constants

View Source
const PubKeyEd25519Size = 32
View Source
const PubKeySecp256k1Size = 33
View Source
const SignatureEd25519Size = 64
View Source
const Version = "0.9.0-dev"

Variables

This section is empty.

Functions

func CRandBytes

func CRandBytes(numBytes int) []byte

This uses the OS and the Seed(s).

func CRandHex

func CRandHex(numDigits int) string

CRandHex returns a hex encoded string that's floor(numDigits/2) * 2 long.

Note: CRandHex(24) gives 96 bits of randomness that are usually strong enough for most purposes.

func CReader

func CReader() io.Reader

Returns a crand.Reader mixed with user-supplied entropy

func DecodeArmor

func DecodeArmor(armorStr string) (blockType string, headers map[string]string, data []byte, err error)

func DecryptSymmetric

func DecryptSymmetric(ciphertext []byte, secret []byte) (plaintext []byte, err error)

secret must be 32 bytes long. Use something like Sha256(Bcrypt(passphrase)) The ciphertext is (secretbox.Overhead + 24) bytes longer than the plaintext.

func EncodeArmor

func EncodeArmor(blockType string, headers map[string]string, data []byte) string

func EncryptSymmetric

func EncryptSymmetric(plaintext []byte, secret []byte) (ciphertext []byte)

secret must be 32 bytes long. Use something like Sha256(Bcrypt(passphrase)) The ciphertext is (secretbox.Overhead + 24) bytes longer than the plaintext. NOTE: call crypto.MixEntropy() first.

func MixEntropy

func MixEntropy(seedBytes []byte)

Mix additional bytes of randomness, e.g. from hardware, user-input, etc. It is OK to call it multiple times. It does not diminish security.

func RegisterAmino

func RegisterAmino(cdc *amino.Codec)

RegisterAmino registers all crypto related types in the given (amino) codec.

func Ripemd160

func Ripemd160(bytes []byte) []byte
Example
package main

import (
	"fmt"

	"github.com/tendermint/tendermint/crypto"
)

func main() {
	sum := crypto.Ripemd160([]byte("This is Tendermint"))
	fmt.Printf("%x\n", sum)
}
Output:

051e22663e8f0fd2f2302f1210f954adff009005

func Sha256

func Sha256(bytes []byte) []byte
Example
package main

import (
	"fmt"

	"github.com/tendermint/tendermint/crypto"
)

func main() {
	sum := crypto.Sha256([]byte("This is Tendermint"))
	fmt.Printf("%x\n", sum)
}
Output:

f91afb642f3d1c87c17eb01aae5cb65c242dfdbe7cf1066cc260f4ce5d33b94e

Types

type Address

type Address = cmn.HexBytes

An address is a []byte, but hex-encoded even in JSON. []byte leaves us the option to change the address length. Use an alias so Unmarshal methods (with ptr receivers) are available too.

type PrivKey

type PrivKey interface {
	Bytes() []byte
	Sign(msg []byte) (Signature, error)
	PubKey() PubKey
	Equals(PrivKey) bool
}

func PrivKeyFromBytes

func PrivKeyFromBytes(privKeyBytes []byte) (privKey PrivKey, err error)

type PrivKeyEd25519

type PrivKeyEd25519 [64]byte

Implements PrivKey

func GenPrivKeyEd25519

func GenPrivKeyEd25519() PrivKeyEd25519

func GenPrivKeyEd25519FromSecret

func GenPrivKeyEd25519FromSecret(secret []byte) PrivKeyEd25519

NOTE: secret should be the output of a KDF like bcrypt, if it's derived from user input.

func (PrivKeyEd25519) Bytes

func (privKey PrivKeyEd25519) Bytes() []byte

func (PrivKeyEd25519) Equals

func (privKey PrivKeyEd25519) Equals(other PrivKey) bool

Equals - you probably don't need to use this. Runs in constant time based on length of the keys.

func (PrivKeyEd25519) Generate

func (privKey PrivKeyEd25519) Generate(index int) PrivKeyEd25519

Deterministically generates new priv-key bytes from key.

func (PrivKeyEd25519) PubKey

func (privKey PrivKeyEd25519) PubKey() PubKey

func (PrivKeyEd25519) Sign

func (privKey PrivKeyEd25519) Sign(msg []byte) (Signature, error)

func (PrivKeyEd25519) ToCurve25519

func (privKey PrivKeyEd25519) ToCurve25519() *[32]byte

type PrivKeySecp256k1

type PrivKeySecp256k1 [32]byte

Implements PrivKey

func GenPrivKeySecp256k1

func GenPrivKeySecp256k1() PrivKeySecp256k1

func GenPrivKeySecp256k1FromSecret

func GenPrivKeySecp256k1FromSecret(secret []byte) PrivKeySecp256k1

NOTE: secret should be the output of a KDF like bcrypt, if it's derived from user input.

func (PrivKeySecp256k1) Bytes

func (privKey PrivKeySecp256k1) Bytes() []byte

func (PrivKeySecp256k1) Equals

func (privKey PrivKeySecp256k1) Equals(other PrivKey) bool

Equals - you probably don't need to use this. Runs in constant time based on length of the keys.

func (PrivKeySecp256k1) PubKey

func (privKey PrivKeySecp256k1) PubKey() PubKey

func (PrivKeySecp256k1) Sign

func (privKey PrivKeySecp256k1) Sign(msg []byte) (Signature, error)

type PubKey

type PubKey interface {
	Address() Address
	Bytes() []byte
	VerifyBytes(msg []byte, sig Signature) bool
	Equals(PubKey) bool
}

func PubKeyFromBytes

func PubKeyFromBytes(pubKeyBytes []byte) (pubKey PubKey, err error)

type PubKeyEd25519

type PubKeyEd25519 [PubKeyEd25519Size]byte

Implements PubKeyInner

func (PubKeyEd25519) Address

func (pubKey PubKeyEd25519) Address() Address

Address is the SHA256-20 of the raw pubkey bytes.

func (PubKeyEd25519) Bytes

func (pubKey PubKeyEd25519) Bytes() []byte

func (PubKeyEd25519) Equals

func (pubKey PubKeyEd25519) Equals(other PubKey) bool

func (PubKeyEd25519) String

func (pubKey PubKeyEd25519) String() string

func (PubKeyEd25519) ToCurve25519

func (pubKey PubKeyEd25519) ToCurve25519() *[PubKeyEd25519Size]byte

For use with golang/crypto/nacl/box If error, returns nil.

func (PubKeyEd25519) VerifyBytes

func (pubKey PubKeyEd25519) VerifyBytes(msg []byte, sig_ Signature) bool

type PubKeySecp256k1

type PubKeySecp256k1 [PubKeySecp256k1Size]byte

Implements PubKey. Compressed pubkey (just the x-cord), prefixed with 0x02 or 0x03, depending on the y-cord.

func (PubKeySecp256k1) Address

func (pubKey PubKeySecp256k1) Address() Address

Implements Bitcoin style addresses: RIPEMD160(SHA256(pubkey))

func (PubKeySecp256k1) Bytes

func (pubKey PubKeySecp256k1) Bytes() []byte

func (PubKeySecp256k1) Equals

func (pubKey PubKeySecp256k1) Equals(other PubKey) bool

func (PubKeySecp256k1) String

func (pubKey PubKeySecp256k1) String() string

func (PubKeySecp256k1) VerifyBytes

func (pubKey PubKeySecp256k1) VerifyBytes(msg []byte, sig_ Signature) bool

type Signature

type Signature interface {
	Bytes() []byte
	IsZero() bool
	Equals(Signature) bool
}

func SignatureEd25519FromBytes

func SignatureEd25519FromBytes(data []byte) Signature

func SignatureFromBytes

func SignatureFromBytes(pubKeyBytes []byte) (pubKey Signature, err error)

func SignatureSecp256k1FromBytes

func SignatureSecp256k1FromBytes(data []byte) Signature

type SignatureEd25519

type SignatureEd25519 [SignatureEd25519Size]byte

Implements Signature

func (SignatureEd25519) Bytes

func (sig SignatureEd25519) Bytes() []byte

func (SignatureEd25519) Equals

func (sig SignatureEd25519) Equals(other Signature) bool

func (SignatureEd25519) IsZero

func (sig SignatureEd25519) IsZero() bool

func (SignatureEd25519) String

func (sig SignatureEd25519) String() string

type SignatureSecp256k1

type SignatureSecp256k1 []byte

Implements Signature

func (SignatureSecp256k1) Bytes

func (sig SignatureSecp256k1) Bytes() []byte

func (SignatureSecp256k1) Equals

func (sig SignatureSecp256k1) Equals(other Signature) bool

func (SignatureSecp256k1) IsZero

func (sig SignatureSecp256k1) IsZero() bool

func (SignatureSecp256k1) String

func (sig SignatureSecp256k1) String() string

Directories

Path Synopsis
Package hkdfchacha20poly1305 creates an AEAD using hkdf, chacha20, and poly1305 When sealing and opening, the hkdf is used to obtain the nonce and subkey for chacha20.
Package hkdfchacha20poly1305 creates an AEAD using hkdf, chacha20, and poly1305 When sealing and opening, the hkdf is used to obtain the nonce and subkey for chacha20.
Package merkle computes a deterministic minimal height Merkle tree hash.
Package merkle computes a deterministic minimal height Merkle tree hash.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL