cryptography

package
v1.5.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 23, 2022 License: GPL-3.0 Imports: 17 Imported by: 8

README

Cryptography

Wrappers around Go cryptographic functions, you should avoid using any cryptographic primitives that are not from this package.

Documentation

Index

Constants

View Source 
const (
	// TOTPDigits - Number of digits in the TOTP
	TOTPDigits          = 8
	TOTPPeriod          = uint(30)
	TOTPSecretKey       = "server.totp"
	ServerECCKeyPairKey = "server.ecc"
)

Variables

View Source 
var (
	// ErrInvalidKeyLength - Invalid key length
	ErrInvalidKeyLength = errors.New("invalid length")

	// ErrReplayAttack - Replay attack
	ErrReplayAttack = errors.New("replay attack detected")

	// ErrDecryptFailed
	ErrDecryptFailed = errors.New("decryption failed")
)

Functions

func Decrypt added in v1.5.0 

func Decrypt(key [chacha20poly1305.KeySize]byte, ciphertext []byte) ([]byte, error)

Decrypt - Decrypt using chacha20poly1305 https://pkg.go.dev/golang.org/x/crypto/chacha20poly1305

func ECCDecrypt added in v1.5.0 

func ECCDecrypt(senderPublicKey *[32]byte, recipientPrivateKey *[32]byte, ciphertext []byte) ([]byte, error)

ECCDecrypt - Decrypt using Curve 25519 + ChaCha20Poly1305

func ECCEncrypt added in v1.5.0 

func ECCEncrypt(recipientPublicKey *[32]byte, senderPrivateKey *[32]byte, plaintext []byte) ([]byte, error)

ECCEncrypt - Encrypt using Nacl Box

func Encrypt added in v1.5.0 

func Encrypt(key [chacha20poly1305.KeySize]byte, plaintext []byte) ([]byte, error)

Encrypt - Encrypt using chacha20poly1305 https://pkg.go.dev/golang.org/x/crypto/chacha20poly1305

func KeyFromBytes added in v1.5.0 

func KeyFromBytes(data []byte) ([chacha20poly1305.KeySize]byte, error)

KeyFromBytes - Convert to fixed length buffer

func MinisignServerPrivateKey added in v1.5.0 

func MinisignServerPrivateKey() *minisign.PrivateKey

MinisignServerPrivateKey - Get the server's minisign key pair

func MinisignServerPublicKey added in v1.5.0 

func MinisignServerPublicKey() string

MinisignServerPublicKey - Get the server's minisign public key string

func MinisignServerSign added in v1.5.0 

func MinisignServerSign(message []byte) string

MinisignServerSign - Sign a message with the server's minisign private key

func RandomKey added in v1.5.0 

func RandomKey() [chacha20poly1305.KeySize]byte

RandomKey - Generate random ID of randomIDSize bytes

func TOTPOptions added in v1.5.0 

func TOTPOptions() totp.ValidateOpts

TOTPOptions - Customized totp validation options

func TOTPServerSecret added in v1.5.0 

func TOTPServerSecret() (string, error)

TOTPServerSecret - Get the server-wide totp secret value, the goal of the totp is for the implant to prove it was generated by this server. To that end we simply use a server-wide secret and ignore issuers/accounts. In order to bypass this check you'd have to extract the totp secret from a binary generated by the server.

func ValidateTOTP added in v1.5.0 

func ValidateTOTP(code string) (bool, error)

ValidateTOTP - Validate a TOTP code

Types

type CipherContext added in v1.5.0 

type CipherContext struct {
	Key [chacha20poly1305.KeySize]byte
	// contains filtered or unexported fields
}

CipherContext - Tracks a series of messages encrypted under the same key and detects/prevents replay attacks.

func NewCipherContext added in v1.5.0 

func NewCipherContext(key [chacha20poly1305.KeySize]byte) *CipherContext

NewCipherContext - Wrapper around creating a cipher context from a key

func (*CipherContext) Decrypt added in v1.5.0 

func (c *CipherContext) Decrypt(ciphertext []byte) ([]byte, error)

Decrypt - Decrypt a message with the contextual key and check for replay attacks

func (*CipherContext) Encrypt added in v1.5.0 

func (c *CipherContext) Encrypt(plaintext []byte) ([]byte, error)

Encrypt - Encrypt a message with the contextual key

type ECCKeyPair added in v1.5.0 

type ECCKeyPair struct {
	Public  *[32]byte `json:"public"`
	Private *[32]byte `json:"private"`
}

ECCKeyPair - Holds the public/private key pair

func ECCServerKeyPair added in v1.5.0 

func ECCServerKeyPair() *ECCKeyPair

ECCServerKeyPair - Get teh server's ECC key pair

func RandomECCKeyPair added in v1.5.0 

func RandomECCKeyPair() (*ECCKeyPair, error)

RandomeECCKeyPair - Generate a random Curve 25519 key pair

func (*ECCKeyPair) PrivateBase64 added in v1.5.0 

func (e *ECCKeyPair) PrivateBase64() string

PrivateBase64 - Base64 encoded private key

func (*ECCKeyPair) PublicBase64 added in v1.5.0 

func (e *ECCKeyPair) PublicBase64() string

PublicBase64 - Base64 encoded public key

Source Files

View all Source files

Directories

Path Synopsis
Package minisign implements the minisign signature scheme.
 Package minisign implements the minisign signature scheme.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.