crypto

package
v0.0.0-...-4f7ffea Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 25, 2021 License: MIT Imports: 17 Imported by: 0

Documentation

Index

Constants

View Source 
const ExchangePubSize = curve25519.PointSize
View Source 
const ExchangeSecretSize = curve25519.PointSize
View Source 
const IdentityPubSize = ed25519.PublicKeySize
View Source 
const MessageKeySize = 32

MessageKeySize is the number of bytes in a message key

View Source 
const SharedSecretSize = 32

SharedSecretSize is the number of bytes in a shared secret

Variables

This section is empty.

Functions

func GenerateBundle 

func GenerateBundle() (BundlePub, BundlePriv, error)

GenerateBundle generates a new bundle of exchange keys, possibly failing

func GenerateExchange 

func GenerateExchange() (ExchangePub, ExchangePriv, error)

GenerateExchange creates a new exchange key-pair

This will use a secure source of randomness.

An error may be returned if generation fails.

func GenerateIdentity 

func GenerateIdentity() (IdentityPub, IdentityPriv, error)

GenerateIdentity creates a new identity key-pair.

This generates a new key, using a secure source of randomness.

An error may be returned if generation fails.

Types

type BackwardExchangeParams 

type BackwardExchangeParams struct {
	// The public identity of the initiator
	Them IdentityPub
	// The Ephemeral key used by the initiator
	Ephemeral ExchangePub
	// The private Identity of the recipient
	Identity IdentityPriv
	// The private Prekey of the recipient
	Prekey ExchangePriv
	// The private OneTime key of the recipient
	OneTime ExchangePriv
}

BackwardExchangeParams contains the parameters for an exchange from a recipient

type BundlePriv 

type BundlePriv []ExchangePriv

BundlePriv is a collection of the private counterparts to single-use exchange keys

type BundlePub 

type BundlePub []byte

BundlePub is a collection of single-use exchange keys

func BundleFromBytes 

func BundleFromBytes(data []byte) (BundlePub, error)

BundleFromBytes converts a slice of bytes into a public bundle.

This will fail if the length of the data doesn't match an expected length for a bundle.

func (BundlePub) Get 

func (bundle BundlePub) Get(index int) ExchangePub

Get returns the exchange key at a given index.

This will panic if the index is < 0 or >= bundle.Len().

func (BundlePub) Len 

func (bundle BundlePub) Len() int

Len returns the number of exchange keys in this bundle

type DoubleRatchet 

type DoubleRatchet struct {
	// contains filtered or unexported fields
}

DoubleRatchet holds the state used for the Diffie Hellman double ratchet.

This will be setup based on the exchange to derive a secret, and then updated as messages arrive.

func DoubleRatchetFromInitiator 

func DoubleRatchetFromInitiator(secret SharedSecret, receivingPub ExchangePub) (ratchet DoubleRatchet, err error)

DoubleRatchetFromInitiator creates a double ratchet, with information by the initiator of an exchange.

The parameters passed by this function should be known to the initiator of an X3DH exchange.

The receivingPub should be the signed prekey.

func DoubleRatchetFromReceiver 

func DoubleRatchetFromReceiver(secret SharedSecret, pub ExchangePub, priv ExchangePriv) DoubleRatchet

DoubleRatchetFromReceiver creates a double ratchet, with information from the receiver of an exchange.

We use the shared secret we've derived from an exchange, as well as our signed prekey.

func (*DoubleRatchet) Decrypt 

func (ratchet *DoubleRatchet) Decrypt(ciphertext, additional []byte) ([]byte, error)

Decrypt uses the current state of the ratchet to decrypt a piece of data.

The ciphertext will contain the necessary headers.

This will also advance the state of the ratchet accordingly.

func (*DoubleRatchet) Encrypt 

func (ratchet *DoubleRatchet) Encrypt(plaintext, additional []byte) ([]byte, error)

Encrypt uses the current state of the ratchet to encrypt a piece of data.

type ExchangePriv 

type ExchangePriv []byte

ExchangePriv is the private component of an exchange key

type ExchangePub 

type ExchangePub []byte

ExchangePub is the public component of an exchange key

func ExchangePubFromBytes 

func ExchangePubFromBytes(pubBytes []byte) (ExchangePub, error)

ExchangePubFromBytes creates a public exchange key from bytes

This will return an error if the number of bytes is incorrect.

type ForwardExchangeParams 

type ForwardExchangeParams struct {
	// The private identity key for the initiator
	Me IdentityPriv
	// The private part of an Ephemeral exchange key
	Ephemeral ExchangePriv
	// The public Identity key for the recipient
	Identity IdentityPub
	// The signed Prekey for the recipient
	Prekey ExchangePub
	// The OneTime key for the recipient
	OneTime ExchangePub
}

ForwardExchangeParams is the information to do an exchange, from a person initiating the exchange

type IdentityPriv 

type IdentityPriv ed25519.PrivateKey

IdentityPriv is the private component of an identity key

This can be used to generate signatures for an identity.

func (IdentityPriv) Sign 

func (priv IdentityPriv) Sign(data []byte) Signature

Sign uses an identity to generate signature for some data

Forging this signature should be impossible without having acess to the private key. Anyone with the public part of an identity key can verify the signature.

func (IdentityPriv) SignBundle 

func (priv IdentityPriv) SignBundle(bundle BundlePub) Signature

SignBundle uses an identity key to sign a bundle of exchange keys

type IdentityPub 

type IdentityPub ed25519.PublicKey

IdentityPub is the public component of an identity key

This can be used to verify signatures from an identity.

func IdentityPubFromBase64 

func IdentityPubFromBase64(data string) (IdentityPub, error)

IdentityPubFromBase64 attempts to convert URL-safe Base64 into a public identity key

This will return an error if decoding fails, or if the number of bytes doesn't match the size of a public key.

func IdentityPubFromString 

func IdentityPubFromString(s string) (IdentityPub, error)

IdentityPubFromString attempts to parse an identity from a string, potentially failing

func (IdentityPub) String 

func (pub IdentityPub) String() string

String returns the string representation of an identity

func (IdentityPub) Verify 

func (pub IdentityPub) Verify(data []byte, sig Signature) bool

Verify uses the public part of an identity to verify a signature on some data

func (IdentityPub) VerifyBundle 

func (pub IdentityPub) VerifyBundle(bundle BundlePub, sig Signature) bool

VerifyBundle verifies a signature generated over a bundle of exchange keys

type MessageKey 

type MessageKey []byte

messageKey represents a key used for encrypting messages

func (MessageKey) Decrypt 

func (key MessageKey) Decrypt(ciphertext, additional []byte) ([]byte, error)

func (MessageKey) Encrypt 

func (key MessageKey) Encrypt(plaintext, additional []byte) ([]byte, error)

type SharedSecret 

type SharedSecret []byte

SharedSecret is derived between two parties, exchanging only public information

func BackwardExchange 

func BackwardExchange(params *BackwardExchangeParams) (SharedSecret, error)

BackwardExchange derives a shared secret, using the initiators public information

This is the corollary to ForwardExchange, allow the recipient to derive a shared secret with an initiator. This is done with the recipient's private information, and the initiator's public information.

func ForwardExchange 

func ForwardExchange(params *ForwardExchangeParams) (SharedSecret, error)

ForwardExchange performs an exchange with the parameters, deriving a shared secret.

This exchange is used by an initiator, with their private information, to derive a shared secret with a recipient, using their public information.

type Signature 

type Signature []byte

Signature represents a signature over some data with an identity key

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.