saltpack

package
v0.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 6, 2024 License: MIT Imports: 16 Imported by: 1

README

Saltpack

See saltpack.org for more details.

This github.com/burlingtonbertie99/mykeys/saltpack package allows you to encrypt/decrypt, sign/verify using Saltpack.

Examples

Documentation

Overview

Package saltpack integrates keys with Saltpack (saltpack.org).

Index

Examples

Constants

This section is empty.

Variables

View Source 
var ErrInvalidData = errors.New("invalid data")

ErrInvalidData if data was invalid.

Functions

func Decrypt 

func Decrypt(b []byte, armored bool, kr Keyring) ([]byte, *keys.X25519PublicKey, error)

Decrypt bytes. If there was a sender, will return the X25519 public key.

Example 
aliceID := keys.ID("kbx15nsf9y4k28p83wth93tf7hafhvfajp45d2mge80ems45gz0c5gys57cytk")
encrypted := []byte(`BEGIN SALTPACK ENCRYPTED MESSAGE. 
	kcJn5brvybfNjz6 D5ll2Nk0YnkdsxV g8EmizCg7a8zpHt Wh3GEuw5BrCUP2u N00ZdO6tTiw5NAl 
	M2M9M0ErPX1xAmK Cfh7IG2sQfbxIH3 OmQwZxc13hjpoG4 1NWwphYm2HR7i1Z LOdCpf8kbf5UFSC 
	eEUlInuYgfWLJdT 7y3iBbCvlejdmJW aSRZAgrmiEqYfTL a0NzUyir4lT4h9G DUYEGWA8JD3cuCh 
	Xfi0TNH5BlgOnBm 65o53Xaztwpv6Q4 BMM6AoTyMYk9iR3 5ybluVFI5DJq0YP N6t. 
	END SALTPACK ENCRYPTED MESSAGE.`)

bob := keys.NewX25519KeyFromSeed(testSeed(0x02))

// Bob decrypts
out, sender, err := saltpack.Decrypt(encrypted, true, saltpack.NewKeyring(bob))
if err != nil {
	log.Fatal(err)
}

if sender != nil && sender.ID() == aliceID {
	fmt.Printf("signer is alice\n")
}
fmt.Printf("%s\n", string(out))

Output:

signer is alice
hi bob

func Encrypt 

func Encrypt(b []byte, armored bool, sender *keys.X25519Key, recipients ...keys.ID) ([]byte, error)

Encrypt to recipients. Sender can be nil. See https://saltpack.org/encryption-format-v2.

Example 
alice := keys.NewX25519KeyFromSeed(testSeed(0x01))
bobID := keys.ID("kbx1e6xn45wvkce7c7msc9upffw8dmxs9959q5xng369hgzcwrjc04vs8u82mj")

message := []byte("hi bob")

fmt.Printf("alice: %s\n", alice.ID())
fmt.Printf("bob: %s\n", bobID)

// Encrypt from alice to bob
encrypted, err := saltpack.Encrypt(message, true, alice, bobID)
if err != nil {
	log.Fatal(err)
}
fmt.Printf("%s...\n", encrypted[0:30])

Output:

alice: kbx15nsf9y4k28p83wth93tf7hafhvfajp45d2mge80ems45gz0c5gys57cytk
bob: kbx1e6xn45wvkce7c7msc9upffw8dmxs9959q5xng369hgzcwrjc04vs8u82mj
BEGIN SALTPACK ENCRYPTED MESSA...

func NewDecryptStream 

func NewDecryptStream(r io.Reader, armored bool, kr Keyring) (io.Reader, *keys.X25519PublicKey, error)

NewDecryptStream creates a decrypt stream. If there was a sender, will return a X25519 key ID.

func NewEncryptStream 

func NewEncryptStream(w io.Writer, armored bool, sender *keys.X25519Key, recipients ...keys.ID) (io.WriteCloser, error)

NewEncryptStream creates an encrypted armored io.WriteCloser. Sender can be nil, if you want it to be anonymous.

func NewSignStream 

func NewSignStream(w io.Writer, armored bool, detached bool, key *keys.EdX25519Key) (io.WriteCloser, error)

NewSignStream ...

func NewSigncryptOpenStream 

func NewSigncryptOpenStream(r io.Reader, armored bool, kr Keyring) (io.Reader, *keys.EdX25519PublicKey, error)

NewSigncryptOpenStream creates a signcrypt open stream.

func NewSigncryptStream 

func NewSigncryptStream(w io.Writer, armored bool, sender *keys.EdX25519Key, recipients ...keys.ID) (io.WriteCloser, error)

NewSigncryptStream creates a signcrypt stream.

func NewVerifyStream 

func NewVerifyStream(r io.Reader) (io.Reader, keys.ID, error)

NewVerifyStream ...

func SetLogger 

func SetLogger(l Logger)

SetLogger sets logger for the package.

func Sign 

func Sign(b []byte, armored bool, key *keys.EdX25519Key) ([]byte, error)

Sign bytes.

Example 
alice := keys.GenerateEdX25519Key()

message := []byte("hi from alice")

sig, err := saltpack.Sign(message, true, alice)
if err != nil {
	log.Fatal(err)
}
fmt.Printf("%s\n", alice.ID())
fmt.Printf("%s\n", sig)

Output:

func SignArmored 

func SignArmored(b []byte, key *keys.EdX25519Key) (string, error)

Sign bytes (armored).

func SignDetached 

func SignDetached(b []byte, armored bool, key *keys.EdX25519Key) ([]byte, error)

SignDetached ...

Example 
alice := keys.GenerateEdX25519Key()

message := []byte("hi from alice")

sig, err := saltpack.SignDetached(message, true, alice)
if err != nil {
	log.Fatal(err)
}
fmt.Printf("%s", sig)

Output:

func SignFile 

func SignFile(in string, out string, key *keys.EdX25519Key, armored bool, detached bool) error

SignFile signs a file.

func Signcrypt 

func Signcrypt(b []byte, armored bool, sender *keys.EdX25519Key, recipients ...keys.ID) ([]byte, error)

Signcrypt to recipients. https://saltpack.org/signcryption-format

Example 
alice := keys.NewEdX25519KeyFromSeed(testSeed(0x01))
bobID := keys.ID("kex1syuhwr4g05t4744r23nvxnr7en9cmz53knhr0gja7c84hr7fkw2quf6zcg")

message := []byte("hi bob")

fmt.Printf("alice: %s\n", alice.ID())
fmt.Printf("bob: %s\n", bobID)

// Signcrypt from alice to bob
encrypted, err := saltpack.Signcrypt(message, true, alice, bobID)
if err != nil {
	log.Fatal(err)
}
fmt.Printf("%s...\n", encrypted[0:30])

Output:

alice: kex132yw8ht5p8cetl2jmvknewjawt9xwzdlrk2pyxlnwjyqrdq0dawqqph077
bob: kex1syuhwr4g05t4744r23nvxnr7en9cmz53knhr0gja7c84hr7fkw2quf6zcg
BEGIN SALTPACK ENCRYPTED MESSA...

func SigncryptOpen 

func SigncryptOpen(b []byte, armored bool, kr Keyring) ([]byte, *keys.EdX25519PublicKey, error)

SigncryptOpen ...

Example 
aliceID := keys.ID("kex132yw8ht5p8cetl2jmvknewjawt9xwzdlrk2pyxlnwjyqrdq0dawqqph077")
encrypted := []byte(`BEGIN SALTPACK ENCRYPTED MESSAGE. 
	keDIDMQWYvVR58B FTfTeDQNHw4rtf4 DhnUhh7QIMs1BwB LmssBxGhQ4mlcCU qV8WjYl8IkxQJbg 
	ONicYJ6bKt4MtL5 u1uoXQQMHpGQoxv i81G0YjJmVk3fve kTnkT7hxuNZPhL3 2gdI2jzdhgOuv2I 
	GepiKbfYFkh9crE 1N4kuPgLFmiQoUb UxbqPeFjmNwUTf7 zGeNEy8DBW16Iyd jw64NZ1Ln4gebRP 
	2mFMbPdyBRdxldx ugMs9cTZ2cTcyWJ mTPQ9RkdnnfPGdd k6x2hQWAdkwBOmy 4NcS7hFls2iGX4I 
	4lh5nDtDzwGHFOn ehwbipT7iNVK9kE 388GznWBW4Vci88 43Z1Txd2cbm2dBJ y883ohi7SLL. 
	END SALTPACK ENCRYPTED MESSAGE.`)

bob := keys.NewEdX25519KeyFromSeed(testSeed(0x02))

// Bob decrypts
out, sender, err := saltpack.SigncryptOpen(encrypted, true, saltpack.NewKeyring(bob))
if err != nil {
	log.Fatal(err)
}

if sender != nil && sender.ID() == aliceID {
	fmt.Printf("signer is alice\n")
}
fmt.Printf("%s\n", string(out))

Output:

signer is alice
hi bob

func StripBefore 

func StripBefore(message string) string

StripBefore removes text before BEGIN.

func Verify 

func Verify(b []byte) ([]byte, keys.ID, error)

Verify ...

Example 
aliceID := keys.ID("kex1w2jep8dkr2s0g9kx5g6xe3387jslnlj08yactvn8xdtrx4cnypjq9rpnux")
signed := []byte(`BEGIN SALTPACK SIGNED MESSAGE. 
	kXR7VktZdyH7rvq v5wcIkHbs7mPCSd NhKLR9E0K47y29T QkuYinHym6EfZwL 
	1TwgxI3RQ52fHg5 1FzmLOMghcYLcV7 i0l0ovabGhxGrEl z7WuI4O3xMU5saq 
	U28RqUnKNroATPO 5rn2YyQcut2SeMn lXJBlDqRv9WyxjG M0PcKvsAsvmid1m 
	cqA4TCjz5V9VpuO zuIQ55lRQLeP5kU aWFxq5Nl8WsPqlR RdX86OuTbaKUvKI 
	wdNd6ISacrT0I82 qZ71sc7sTxiMxoI P43uCGaAZZ3Ab62 vR8N6WQPE8. 
	END SALTPACK SIGNED MESSAGE.`)

out, signer, err := saltpack.Verify(signed)
if err != nil {
	log.Fatal(err)
}
if signer == aliceID {
	fmt.Printf("signer is alice\n")
}
fmt.Printf("%s\n", string(out))

Output:

signer is alice
hi from alice

func VerifyArmored 

func VerifyArmored(s string) ([]byte, keys.ID, error)

VerifyArmored verified armored statement.

func VerifyDetached 

func VerifyDetached(sig []byte, b []byte) (keys.ID, error)

VerifyDetached ...

func VerifyDetachedReader 

func VerifyDetachedReader(sig []byte, r io.Reader) (keys.ID, error)

VerifyDetachedReader ...

func VerifyFile 

func VerifyFile(in string, out string) (keys.ID, error)

VerifyFile outputs verified file from in path.

func VerifyFileDetached 

func VerifyFileDetached(sig []byte, path string) (keys.ID, error)

VerifyFileDetached verifies file at path with signature.

Types

type ContextLogger 

type ContextLogger interface {
	Debugf(ctx context.Context, format string, args ...interface{})
	Infof(ctx context.Context, format string, args ...interface{})
	Warningf(ctx context.Context, format string, args ...interface{})
	Errorf(ctx context.Context, format string, args ...interface{})
}

ContextLogger interface used in this package with request context.

func NewContextLogger 

func NewContextLogger(lev LogLevel) ContextLogger

NewContextLogger ...

type Encoding 

type Encoding string

Encoding for saltpack (encrypt, signcrypt, sign). 

const (
	// UnknownEncoding is unknown.
	UnknownEncoding Encoding = ""
	// EncryptEncoding used saltpack.Encrypt
	EncryptEncoding Encoding = "encrypt"
	// SigncryptEncoding used saltpack.Signcrypt
	SigncryptEncoding Encoding = "signcrypt"
	// SignEncoding used saltpack.Sign
	SignEncoding Encoding = "sign"
)

func NewReader 

func NewReader(r io.Reader, kr Keyring) (out io.Reader, key keys.Key, enc Encoding, err error)

NewReader creates io.Reader for decryption after trying to detect the encoding. We peek up to 512 bytes from the reader, detect the encoding and return that stream.

func Open 

func Open(b []byte, kr Keyring) (out []byte, key keys.Key, enc Encoding, err error)

Open decrypts bytes after attempting to auto detect the encoding.

type Keyring 

type Keyring interface {
	X25519Keys() ([]*keys.X25519Key, error)
}

Keyring for Saltpack keys.

func NewKeyring 

func NewKeyring(keys ...keys.Key) Keyring

NewKeyring creates keyring for keys.

type LogLevel 

type LogLevel int

LogLevel ... 

const (
	// DebugLevel ...
	DebugLevel LogLevel = 3
	// InfoLevel ...
	InfoLevel LogLevel = 2
	// WarnLevel ...
	WarnLevel LogLevel = 1
	// ErrLevel ...
	ErrLevel LogLevel = 0
)

type Logger 

type Logger interface {
	Debugf(format string, args ...interface{})
	Infof(format string, args ...interface{})
	Warningf(format string, args ...interface{})
	Errorf(format string, args ...interface{})
}

Logger interface used in this package.

func NewLogger 

func NewLogger(lev LogLevel) Logger

NewLogger ...

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.