security

package

v0.0.0-...-8027ee6 Latest Latest Go to latest Published: May 7, 2023 License: MIT Imports: 24 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/code-to-go/safepool

Documentation ¶

Index ¶

Constants
Variables
func AppendToSignedHash(s SignedHash, i Identity) error
func DecryptBlock(key []byte, nonce []byte, cipherdata []byte) ([]byte, error)
func EcDecrypt(identity Identity, data []byte) ([]byte, error)
func EcEncrypt(identity Identity, data []byte) ([]byte, error)
func EncryptBlock(key []byte, nonce []byte, data []byte) ([]byte, error)
func EncryptingReader(keyId uint64, keyFunc func(uint64) []byte, r io.ReadSeekCloser) (io.ReadSeekCloser, error)
func FileHash(name string) ([]byte, error)
func GenerateBytesKey(size int) []byte
func Marshal(identity Identity, v any, signatureField string) ([]byte, error)
func NewHash() hash.Hash
func QuickHash(data []byte) []byte
func SameIdentity(a, b Identity) bool
func SetAlias(i Identity, alias string) error
func SetIdentity(i Identity) error
func Sign(identity Identity, data []byte) ([]byte, error)
func Trust(i Identity, trusted bool) error
func Unmarshal(data []byte, v any, signatureField string) (id string, err error)
func Verify(id string, data []byte, sig []byte) bool
func VerifySignedHash(s SignedHash, trusts []Identity, hash []byte) bool
type HashReader
- func NewHashReader(r io.ReadSeekCloser) (*HashReader, error)
- func (s *HashReader) Close() error
- func (s *HashReader) Read(p []byte) (n int, err error)
- func (s *HashReader) Seek(offset int64, whence int) (int64, error)
type HashWriter
- func NewHashWriter(w io.Writer) (*HashWriter, error)
- func (s *HashWriter) Write(p []byte) (n int, err error)
type Identity
- func GetIdentity(id string) (identity Identity, ok bool, err error)
- func Identities() ([]Identity, error)
- func IdentityFromBase64(b64 string) (Identity, error)
- func IdentityFromId(id string) (Identity, error)
- func NewIdentity(nick string) (Identity, error)
- func Trusted() ([]Identity, error)
- func (i Identity) Base64() (string, error)
- func (i Identity) Id() string
- func (i Identity) Public() Identity
type Key
type PrivateKey
type Public
type PublicKey
type SignedData
type SignedHash
- func NewSignedHash(hash []byte, i Identity) (SignedHash, error)
type SignedHashEvidence
type StreamReader
- func (sr *StreamReader) Close() error
- func (sr *StreamReader) Read(p []byte) (n int, err error)
- func (sr *StreamReader) Seek(offset int64, whence int) (int64, error)
type StreamWriter
- func DecryptingWriter(keyFunc func(uint64) []byte, w io.Writer) (*StreamWriter, error)
- func (sr *StreamWriter) Write(p []byte) (n int, err error)

Constants ¶

View Source

const (
	Secp256k1 = "secp256k1"
	Ed25519   = "ed25519"
)

View Source

const (
	PublicKeySize  = ed25519.PublicKeySize
	PrivateKeySize = ed25519.PrivateKeySize
	SignatureSize  = ed25519.SignatureSize
)

View Source

const AESHeaderSize = 8 + aes.BlockSize

View Source

const SignatureField = "dgst_ed25519_blake2b"

Variables ¶

View Source

var ErrInvalidSignature = errors.New("signature is invalid")

Functions ¶

func AppendToSignedHash ¶

func AppendToSignedHash(s SignedHash, i Identity) error

func DecryptBlock ¶

func DecryptBlock(key []byte, nonce []byte, cipherdata []byte) ([]byte, error)

func EcDecrypt ¶

func EcDecrypt(identity Identity, data []byte) ([]byte, error)

func EcEncrypt ¶

func EcEncrypt(identity Identity, data []byte) ([]byte, error)

func EncryptBlock ¶

func EncryptBlock(key []byte, nonce []byte, data []byte) ([]byte, error)

func EncryptingReader ¶

func EncryptingReader(keyId uint64, keyFunc func(uint64) []byte, r io.ReadSeekCloser) (io.ReadSeekCloser, error)

EncryptedWriter wraps w with an OFB cipher stream.

func FileHash ¶

func FileHash(name string) ([]byte, error)

func GenerateBytesKey ¶

func GenerateBytesKey(size int) []byte

func Marshal ¶

func Marshal(identity Identity, v any, signatureField string) ([]byte, error)

func NewHash ¶

func NewHash() hash.Hash

func QuickHash ¶

func QuickHash(data []byte) []byte

func SameIdentity ¶

func SameIdentity(a, b Identity) bool

func SetAlias ¶

func SetAlias(i Identity, alias string) error

func SetIdentity ¶

func SetIdentity(i Identity) error

func Sign ¶

func Sign(identity Identity, data []byte) ([]byte, error)

func Trust ¶

func Trust(i Identity, trusted bool) error

func Unmarshal ¶

func Unmarshal(data []byte, v any, signatureField string) (id string, err error)

func Verify ¶

func Verify(id string, data []byte, sig []byte) bool

func VerifySignedHash ¶

func VerifySignedHash(s SignedHash, trusts []Identity, hash []byte) bool

Types ¶

type HashReader ¶

type HashReader struct {
	Hash hash.Hash
	// contains filtered or unexported fields
}

func NewHashReader ¶

func NewHashReader(r io.ReadSeekCloser) (*HashReader, error)

func (*HashReader) Close ¶

func (s *HashReader) Close() error

func (*HashReader) Read ¶

func (s *HashReader) Read(p []byte) (n int, err error)

func (*HashReader) Seek ¶

func (s *HashReader) Seek(offset int64, whence int) (int64, error)

type HashWriter ¶

type HashWriter struct {
	Hash hash.Hash
	// contains filtered or unexported fields
}

func NewHashWriter ¶

func NewHashWriter(w io.Writer) (*HashWriter, error)

func (*HashWriter) Write ¶

func (s *HashWriter) Write(p []byte) (n int, err error)

type Identity ¶

type Identity struct {
	Nick  string `json:"n"`
	Email string `json:"m"`

	SignatureKey  Key `json:"s"`
	EncryptionKey Key `json:"e"`

	Trusted []string `json:"t"`
	Avatar  []byte   `json:"a"`
}

func GetIdentity ¶

func GetIdentity(id string) (identity Identity, ok bool, err error)

func Identities ¶

func Identities() ([]Identity, error)

func IdentityFromBase64 ¶

func IdentityFromBase64(b64 string) (Identity, error)

func IdentityFromId ¶

func IdentityFromId(id string) (Identity, error)

func NewIdentity ¶

func NewIdentity(nick string) (Identity, error)

func Trusted ¶

func Trusted() ([]Identity, error)

func (Identity) Base64 ¶

func (i Identity) Base64() (string, error)

func (Identity) Id ¶

func (i Identity) Id() string

func (Identity) Public ¶

func (i Identity) Public() Identity

type Key ¶

type Key struct {
	Public  []byte `json:"pu"`
	Private []byte `json:"pr,omitempty"`
}

type PrivateKey ¶

type PrivateKey ed25519.PrivateKey

type Public ¶

type Public struct {
	Id    PublicKey
	Nick  string
	Email string
}

type PublicKey ¶

type PublicKey ed25519.PublicKey

type SignedData ¶

type SignedData struct {
	Signature [SignatureSize]byte
	Signer    PublicKey
}

type SignedHash ¶

type SignedHash struct {
	Hash       []byte
	Signatures map[string][]byte
}

func NewSignedHash ¶

func NewSignedHash(hash []byte, i Identity) (SignedHash, error)

type SignedHashEvidence ¶

type SignedHashEvidence struct {
	Key       []byte `json:"k"`
	Signature []byte `json:"s"`
}

type StreamReader ¶

type StreamReader struct {
	// contains filtered or unexported fields
}

func (*StreamReader) Close ¶

func (sr *StreamReader) Close() error

func (*StreamReader) Read ¶

func (sr *StreamReader) Read(p []byte) (n int, err error)

func (*StreamReader) Seek ¶

func (sr *StreamReader) Seek(offset int64, whence int) (int64, error)

type StreamWriter ¶

type StreamWriter struct {
	// contains filtered or unexported fields
}

func DecryptingWriter ¶

func DecryptingWriter(keyFunc func(uint64) []byte, w io.Writer) (*StreamWriter, error)

EncryptedWriter wraps w with an OFB cipher stream.

func (*StreamWriter) Write ¶

func (sr *StreamWriter) Write(p []byte) (n int, err error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL