mls

package module
v0.0.0-...-dbf16a9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 16, 2023 License: BSD-2-Clause Imports: 22 Imported by: 0

README

MLS implementation with admins. README text from forked CISCO respository is below.

Message Layer Security

Coverage Status

This is a protocol to do group key establishment in an asynchronous, message-oriented setting. Its core ideas borrow a lot from Asynchronous Ratchet Trees.

Right now, this is just a Go library that implements the core protocol. It is missing key things like message sequencing, deconfliction, and retransmission. The interface should not be considered stable.

The most you can really do with it is run the tests:

> go test -v

The tests in state_test.go will illustrate the basic flows that are supported.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewAdminStateFromWelcome 

func NewAdminStateFromWelcome(suite CipherSuite, epochSecret []byte, welcome Welcome) (*AdminState, LeafIndex, []byte, error)

func NewStateFromWelcome 

func NewStateFromWelcome(suite CipherSuite, epochSecret []byte, welcome Welcome) (*State, LeafIndex, []byte, error)

Types

type AddProposal 

type AddProposal struct {
	KeyPackage KeyPackage
}

type AdminAddProposal 

type AdminAddProposal struct {
	Added LeafIndex
}

type AdminGroupContext 

type AdminGroupContext struct {
	GroupID                 []byte `tls:"head=1"`
	Epoch                   Epoch
	TreeHash                []byte `tls:"head=1"`
	ConfirmedTranscriptHash []byte `tls:"head=1"`
	Extensions              ExtensionList
}

type AdminGroupInfo 

type AdminGroupInfo struct {
	GroupID                 []byte `tls:"head=1"`
	Epoch                   Epoch
	Tree                    TreeKEMPublicKey
	ConfirmedTranscriptHash []byte `tls:"head=1"`
	InterimTranscriptHash   []byte `tls:"head=1"`
	Extensions              ExtensionList
	Confirmation            []byte `tls:"head=1"`
	SignerIndex             LeafIndex
	Signature               []byte                 `tls:"head=2"`
	Admins                  map[LeafIndex]struct{} `tls:"head=4"`
	NumAdmins               uint32
}

type AdminRemoveProposal 

type AdminRemoveProposal struct {
	Removed LeafIndex
}

type AdminState 

type AdminState struct {
	// Shared confirmed state
	CipherSuite             CipherSuite
	GroupID                 []byte `tls:"head=1"`
	Epoch                   Epoch
	Tree                    TreeKEMPublicKey
	ConfirmedTranscriptHash []byte `tls:"head=1"`
	InterimTranscriptHash   []byte `tls:"head=1"`
	Extensions              ExtensionList

	// Per-participant non-secret state
	Index            LeafIndex           `tls:"omit"`
	IdentityPriv     SignaturePrivateKey `tls:"omit"`
	TreePriv         TreeKEMPrivateKey   `tls:"omit"`
	Scheme           SignatureScheme     `tls:"omit"`
	PendingProposals []MLSPlaintext      `tls:"omit"`

	// Secret state
	PendingUpdates map[ProposalRef]adminUpdateSecrets `tls:"omit"`
	Keys           keyScheduleEpoch                   `tls:"omit"`

	// Helpful information
	NewCredentials map[LeafIndex]bool

	// Admins
	Admins    map[LeafIndex]struct{} `tls:"head=4"`
	NumAdmins uint32
}

TODO: admin list variable

func NewAdminStateFromWelcomeAndSecrets 

func NewAdminStateFromWelcomeAndSecrets(welcome Welcome, ss AdminStateSecrets) (*AdminState, error)

func NewEmptyAdminState 

func NewEmptyAdminState(groupID []byte, leafSecret []byte, sigPriv SignaturePrivateKey, kp KeyPackage) (*AdminState, error)

func NewEmptyAdminStateWithExtensions 

func NewEmptyAdminStateWithExtensions(groupID []byte, leafSecret []byte, sigPriv SignaturePrivateKey, kp KeyPackage, ext ExtensionList) (*AdminState, error)

func NewJoinedAdminState 

func NewJoinedAdminState(initSecret []byte, sigPrivs []SignaturePrivateKey, kps []KeyPackage, welcome Welcome) (*AdminState, error)

func (AdminState) Add 

func (s AdminState) Add(kp KeyPackage) (*MLSPlaintext, error)

func (AdminState) AdminAdd 

func (s AdminState) AdminAdd(added LeafIndex) (*MLSPlaintext, error)

func (*AdminState) AdminRemove 

func (s *AdminState) AdminRemove(removed LeafIndex) (*MLSPlaintext, error)

func (AdminState) AdminUpdate 

func (s AdminState) AdminUpdate(sigPriv *SignaturePrivateKey, kp KeyPackage) (*MLSPlaintext, error)

func (AdminState) Clone 

func (s AdminState) Clone() *AdminState

func (*AdminState) Commit 

func (s *AdminState) Commit(leafSecret []byte) (*MLSPlaintext, *Welcome, *AdminState, error)

TODO: admin logic note that the 'normal' propCleaner is executed in proc because the committer speculatively processes the commit but we need propCleaner here because we might make new proposals!

func (AdminState) Equals 

func (s AdminState) Equals(o AdminState) bool

Compare the public and shared private aspects of two nodes

func (AdminState) GetSecrets 

func (s AdminState) GetSecrets() AdminStateSecrets

func (*AdminState) Handle 

func (s *AdminState) Handle(pt *MLSPlaintext) (*AdminState, error)

func (*AdminState) Protect 

func (s *AdminState) Protect(data []byte) (*MLSCiphertext, error)

func (*AdminState) Remove 

func (s *AdminState) Remove(removed LeafIndex) (*MLSPlaintext, error)

func (*AdminState) SetSecrets 

func (s *AdminState) SetSecrets(ss AdminStateSecrets)

func (*AdminState) Unprotect 

func (s *AdminState) Unprotect(ct *MLSCiphertext) ([]byte, error)

func (AdminState) Update 

func (s AdminState) Update(secret []byte, sigPriv *SignaturePrivateKey, kp KeyPackage) (*MLSPlaintext, error)

type AdminStateSecrets 

type AdminStateSecrets struct {
	CipherSuite CipherSuite

	// Per-participant non-secret state
	Index            LeafIndex
	InitPriv         HPKEPrivateKey
	IdentityPriv     SignaturePrivateKey
	AdminPriv        SignaturePrivateKey
	OldAdminPriv     SignaturePrivateKey
	Scheme           SignatureScheme
	PendingProposals []MLSPlaintext `tls:"head=4"`

	// Secret state
	PendingUpdates map[ProposalRef]adminUpdateSecrets `tls:"head=4"`
	Keys           keyScheduleEpoch
	TreePriv       TreeKEMPrivateKey
}

Isolated getters and setters for public and secret state

Note that the get/set operations here are very shallow. We basically assume that the StateSecrets object is temporary, as a carrier for marshaling / unmarshaling.

type AdminUpdateProposal 

type AdminUpdateProposal struct {
	KeyPackage  KeyPackage
	NewAdminKey SignaturePublicKey
}

type ApplicationData 

type ApplicationData struct {
	Data []byte `tls:"head=4"`
}

type BasicCredential 

type BasicCredential struct {
	Identity        []byte `tls:"head=2"`
	SignatureScheme SignatureScheme
	PublicKey       SignaturePublicKey
}
struct {
    opaque identity<0..2^16-1>;
    SignatureScheme algorithm;
    SignaturePublicKey public_key;
} BasicCredential;

type Bytes1 

type Bytes1 []byte

func (Bytes1) MarshalTLS 

func (b Bytes1) MarshalTLS() ([]byte, error)

func (*Bytes1) UnmarshalTLS 

func (b *Bytes1) UnmarshalTLS(data []byte) (int, error)

type CipherSuite 

type CipherSuite uint16
const (
	X25519_AES128GCM_SHA256_Ed25519        CipherSuite = 0x0001
	P256_AES128GCM_SHA256_P256             CipherSuite = 0x0002
	X25519_CHACHA20POLY1305_SHA256_Ed25519 CipherSuite = 0x0003
	X448_AES256GCM_SHA512_Ed448            CipherSuite = 0x0004 // UNSUPPORTED
	P521_AES256GCM_SHA512_P521             CipherSuite = 0x0005
	X448_CHACHA20POLY1305_SHA512_Ed448     CipherSuite = 0x0006 // UNSUPPORTED
)

func (CipherSuite) Constants 

func (cs CipherSuite) Constants() cipherConstants

func (CipherSuite) Digest 

func (cs CipherSuite) Digest(data []byte) []byte

func (CipherSuite) NewAEAD 

func (cs CipherSuite) NewAEAD(key []byte) (cipher.AEAD, error)

func (CipherSuite) NewHMAC 

func (cs CipherSuite) NewHMAC(key []byte) hash.Hash

func (CipherSuite) Scheme 

func (cs CipherSuite) Scheme() SignatureScheme

func (CipherSuite) String 

func (cs CipherSuite) String() string

type Commit 

type Commit struct {
	Updates      []ProposalID `tls:"head=2"`
	Removes      []ProposalID `tls:"head=2"`
	Adds         []ProposalID `tls:"head=2"`
	AdminUpdates []ProposalID `tls:"head=2"`
	AdminRemoves []ProposalID `tls:"head=2"`
	AdminAdds    []ProposalID `tls:"head=2"`

	Path *DirectPath `tls:"optional"`
}

func (Commit) PathRequired 

func (commit Commit) PathRequired() bool

TODO: modify this

func (Commit) ValidForTLS 

func (commit Commit) ValidForTLS() bool

type CommitData 

type CommitData struct {
	Commit       Commit
	Confirmation Confirmation
}

type Confirmation 

type Confirmation struct {
	Data []byte `tls:"head=1"`
}

type ContentType 

type ContentType uint8
const (
	ContentTypeInvalid     ContentType = 0
	ContentTypeApplication ContentType = 1
	ContentTypeProposal    ContentType = 2
	ContentTypeCommit      ContentType = 3
)

func (ContentType) ValidForTLS 

func (ct ContentType) ValidForTLS() error

type Credential 

type Credential struct {
	X509  *X509Credential
	Basic *BasicCredential
}
	struct {
		CredentialType credential_type;
		select (Credential.credential_type) {
			case basic:
				BasicCredential;
			case x509:
				opaque cert_data<1..2^24-1>;
		};
} Credential;

func NewBasicCredential 

func NewBasicCredential(userId []byte, scheme SignatureScheme, pub SignaturePublicKey) *Credential

func NewX509Credential 

func NewX509Credential(chain []*x509.Certificate) (*Credential, error)

func (Credential) Equals 

func (c Credential) Equals(o Credential) bool

compare the public aspects

func (Credential) Identity 

func (c Credential) Identity() []byte

func (Credential) MarshalTLS 

func (c Credential) MarshalTLS() ([]byte, error)

func (Credential) PublicKey 

func (c Credential) PublicKey() *SignaturePublicKey

func (Credential) Scheme 

func (c Credential) Scheme() SignatureScheme

func (Credential) Type 

func (c Credential) Type() CredentialType

func (*Credential) UnmarshalTLS 

func (c *Credential) UnmarshalTLS(data []byte) (int, error)

type CredentialType 

type CredentialType uint8
const (
	CredentialTypeInvalid CredentialType = 255
	CredentialTypeBasic   CredentialType = 0
	CredentialTypeX509    CredentialType = 1
)

func (CredentialType) ValidForTLS 

func (ct CredentialType) ValidForTLS() error

type DirectPath 

type DirectPath struct {
	LeafKeyPackage KeyPackage
	Steps          []DirectPathNode `tls:"head=4"`
}

func (DirectPath) ParentHashValid 

func (path DirectPath) ParentHashValid(suite CipherSuite) error

func (DirectPath) ParentHashes 

func (path DirectPath) ParentHashes(suite CipherSuite) ([][]byte, error)

This produces a list of parent hashes that are off by one with respect to the steps in the path. The path hash at position i goes with the public key at position i-1, and the path hash at position 0 goes in the leaf.

func (*DirectPath) Sign 

func (path *DirectPath) Sign(suite CipherSuite, initPub HPKEPublicKey, sigPriv SignaturePrivateKey, opts *KeyPackageOpts) error

type DirectPathNode 

type DirectPathNode struct {
	PublicKey            HPKEPublicKey
	EncryptedPathSecrets []HPKECiphertext `tls:"head=4"`
}

/ / DirectPath /

type EncryptedGroupSecrets 

type EncryptedGroupSecrets struct {
	KeyPackageHash        []byte `tls:"head=1"`
	EncryptedGroupSecrets HPKECiphertext
}

/ / EncryptedGroupSecrets /

type Epoch 

type Epoch uint64

/ / MLSPlaintext and MLSCiphertext /

type Extension 

type Extension struct {
	ExtensionType ExtensionType
	ExtensionData []byte `tls:"head=2"`
}

type ExtensionBody 

type ExtensionBody interface {
	Type() ExtensionType
}

type ExtensionList 

type ExtensionList struct {
	Entries []Extension `tls:"head=2"`
}

func NewExtensionList 

func NewExtensionList() ExtensionList

func (*ExtensionList) Add 

func (el *ExtensionList) Add(src ExtensionBody) error

func (ExtensionList) Find 

func (el ExtensionList) Find(dst ExtensionBody) (bool, error)

func (ExtensionList) Has 

func (el ExtensionList) Has(extType ExtensionType) bool

type ExtensionType 

type ExtensionType uint16
const (
	ExtensionTypeInvalid               ExtensionType = 0x0000
	ExtensionTypeSupportedVersions     ExtensionType = 0x0001
	ExtensionTypeSupportedCipherSuites ExtensionType = 0x0002
	ExtensionTypeLifetime              ExtensionType = 0x0003
	ExtensionTypeKeyID                 ExtensionType = 0x0004
	ExtensionTypeParentHash            ExtensionType = 0x0005
)

type GroupContext 

type GroupContext struct {
	GroupID                 []byte `tls:"head=1"`
	Epoch                   Epoch
	TreeHash                []byte `tls:"head=1"`
	ConfirmedTranscriptHash []byte `tls:"head=1"`
	Extensions              ExtensionList
}

/ / GroupContext /

type GroupInfo 

type GroupInfo struct {
	GroupID                 []byte `tls:"head=1"`
	Epoch                   Epoch
	Tree                    TreeKEMPublicKey
	ConfirmedTranscriptHash []byte `tls:"head=1"`
	InterimTranscriptHash   []byte `tls:"head=1"`
	Extensions              ExtensionList
	Confirmation            []byte `tls:"head=1"`
	SignerIndex             LeafIndex
	Signature               []byte `tls:"head=2"`
}

type GroupSecrets 

type GroupSecrets struct {
	EpochSecret []byte      `tls:"head=1"`
	PathSecret  *PathSecret `tls:"optional"`
}

type HPKECiphertext 

type HPKECiphertext struct {
	KEMOutput  []byte `tls:"head=2"`
	Ciphertext []byte `tls:"head=4"`
}

type HPKEInstance 

type HPKEInstance struct {
	BaseSuite CipherSuite
	Suite     hpke.CipherSuite
}

func (HPKEInstance) Decrypt 

func (h HPKEInstance) Decrypt(priv HPKEPrivateKey, aad []byte, ct HPKECiphertext) ([]byte, error)

func (HPKEInstance) Derive 

func (h HPKEInstance) Derive(seed []byte) (HPKEPrivateKey, error)

func (HPKEInstance) Encrypt 

func (h HPKEInstance) Encrypt(pub HPKEPublicKey, aad, pt []byte) (HPKECiphertext, error)

func (HPKEInstance) Generate 

func (h HPKEInstance) Generate() (HPKEPrivateKey, error)

type HPKEPrivateKey 

type HPKEPrivateKey struct {
	Data      []byte `tls:"head=2"`
	PublicKey HPKEPublicKey
}

type HPKEPublicKey 

type HPKEPublicKey struct {
	Data []byte `tls:"head=2"`
}

func (HPKEPublicKey) Equals 

func (k HPKEPublicKey) Equals(o HPKEPublicKey) bool

type KeyPackage 

type KeyPackage struct {
	Version     ProtocolVersion
	CipherSuite CipherSuite
	InitKey     HPKEPublicKey
	Credential  Credential
	Extensions  ExtensionList
	Signature   Signature
}

func NewKeyPackageWithInitKey 

func NewKeyPackageWithInitKey(suite CipherSuite, initKey HPKEPublicKey, cred *Credential, sigPriv SignaturePrivateKey) (*KeyPackage, error)

func NewKeyPackageWithSecret 

func NewKeyPackageWithSecret(suite CipherSuite, initSecret []byte, cred *Credential, sigPriv SignaturePrivateKey) (*KeyPackage, error)

func (KeyPackage) Clone 

func (kp KeyPackage) Clone() KeyPackage

func (KeyPackage) Equals 

func (kp KeyPackage) Equals(other KeyPackage) bool

func (*KeyPackage) SetExtensions 

func (kp *KeyPackage) SetExtensions(exts []ExtensionBody) error

func (*KeyPackage) Sign 

func (kp *KeyPackage) Sign(priv SignaturePrivateKey) error

func (KeyPackage) Verify 

func (kp KeyPackage) Verify() bool

type KeyPackageOpts 

type KeyPackageOpts struct {
}

type LeafCount 

type LeafCount uint32

type LeafIndex 

type LeafIndex uint32

type LeafNodeHashInput 

type LeafNodeHashInput struct {
	LeafIndex  LeafIndex
	KeyPackage *KeyPackage `tls:"optional"`
}

type LifetimeExtension 

type LifetimeExtension struct {
	NotBefore uint64
	NotAfter  uint64
}

func (LifetimeExtension) Type 

func (lte LifetimeExtension) Type() ExtensionType

type MLSCiphertext 

type MLSCiphertext struct {
	GroupID             []byte `tls:"head=1"`
	Epoch               Epoch
	ContentType         ContentType
	SenderDataNonce     []byte `tls:"head=1"`
	EncryptedSenderData []byte `tls:"head=1"`
	AuthenticatedData   []byte `tls:"head=4"`
	Ciphertext          []byte `tls:"head=4"`
}

type MLSPlaintext 

type MLSPlaintext struct {
	GroupID           []byte `tls:"head=1"`
	Epoch             Epoch
	Sender            Sender
	AuthenticatedData []byte `tls:"head=4"`
	Content           MLSPlaintextContent
	Signature         Signature
}

type MLSPlaintextContent 

type MLSPlaintextContent struct {
	Application *ApplicationData
	Proposal    *Proposal
	Commit      *CommitData
}

func (MLSPlaintextContent) MarshalTLS 

func (c MLSPlaintextContent) MarshalTLS() ([]byte, error)

func (MLSPlaintextContent) Type 

func (c MLSPlaintextContent) Type() ContentType

func (*MLSPlaintextContent) UnmarshalTLS 

func (c *MLSPlaintextContent) UnmarshalTLS(data []byte) (int, error)

type Node 

type Node struct {
	Leaf   *KeyPackage
	Parent *ParentNode
}

/ / Node /

func (*Node) Clone 

func (n *Node) Clone() *Node

func (*Node) Equals 

func (n *Node) Equals(other *Node) bool

func (Node) MarshalTLS 

func (n Node) MarshalTLS() ([]byte, error)

func (Node) PublicKey 

func (n Node) PublicKey() HPKEPublicKey

func (Node) Type 

func (n Node) Type() NodeType

func (*Node) UnmarshalTLS 

func (n *Node) UnmarshalTLS(data []byte) (int, error)

type NodeIndex 

type NodeIndex uint32

type NodeType 

type NodeType uint8
const (
	NodeTypeLeaf   NodeType = 0x00
	NodeTypeParent NodeType = 0x01
)

type OptionalNode 

type OptionalNode struct {
	Node *Node  `tls:"optional"`
	Hash []byte `tls:"omit"`
}

/ / OptionalNode /

func (OptionalNode) Blank 

func (n OptionalNode) Blank() bool

func (OptionalNode) Clone 

func (n OptionalNode) Clone() OptionalNode

func (*OptionalNode) SetLeafNodeHash 

func (n *OptionalNode) SetLeafNodeHash(suite CipherSuite, index LeafIndex) error

func (*OptionalNode) SetParentNodeHash 

func (n *OptionalNode) SetParentNodeHash(suite CipherSuite, index NodeIndex, left, right []byte) error

func (*OptionalNode) SetToBlank 

func (n *OptionalNode) SetToBlank()

type ParentHashExtension 

type ParentHashExtension struct {
	ParentHash []byte `tls:"head=1"`
}

func (ParentHashExtension) Type 

func (phe ParentHashExtension) Type() ExtensionType

type ParentNode 

type ParentNode struct {
	PublicKey      HPKEPublicKey
	UnmergedLeaves []LeafIndex `tls:"head=4"`
	ParentHash     []byte      `tls:"head=2"`
}

func (*ParentNode) AddUnmerged 

func (n *ParentNode) AddUnmerged(l LeafIndex)

func (ParentNode) Clone 

func (n ParentNode) Clone() ParentNode

func (*ParentNode) Equals 

func (n *ParentNode) Equals(other *ParentNode) bool

type ParentNodeHashInput 

type ParentNodeHashInput struct {
	NodeIndex  NodeIndex
	ParentNode *ParentNode `tls:"optional"`
	LeftHash   []byte      `tls:"head=1"`
	RightHash  []byte      `tls:"head=1"`
}

type PathSecret 

type PathSecret struct {
	Data []byte `tls:"head=1"`
}

/ / GroupSecrets /

type Proposal 

type Proposal struct {
	Add         *AddProposal
	Update      *UpdateProposal
	Remove      *RemoveProposal
	AdminAdd    *AdminAddProposal
	AdminUpdate *AdminUpdateProposal
	AdminRemove *AdminRemoveProposal
}

func (Proposal) MarshalTLS 

func (p Proposal) MarshalTLS() ([]byte, error)

func (Proposal) Type 

func (p Proposal) Type() ProposalType

func (*Proposal) UnmarshalTLS 

func (p *Proposal) UnmarshalTLS(data []byte) (int, error)

type ProposalID 

type ProposalID struct {
	Hash []byte `tls:"head=1"`
}

/ / Commit /

func (ProposalID) String 

func (pid ProposalID) String() string

type ProposalRef 

type ProposalRef uint64

type ProposalType 

type ProposalType uint8

/ / Proposal / 

const (
	ProposalTypeInvalid     ProposalType = 0
	ProposalTypeAdd         ProposalType = 1
	ProposalTypeUpdate      ProposalType = 2
	ProposalTypeRemove      ProposalType = 3
	ProposalTypeAdminAdd    ProposalType = 4
	ProposalTypeAdminUpdate ProposalType = 5
	ProposalTypeAdminRemove ProposalType = 6
)

func (ProposalType) ValidForTLS 

func (pt ProposalType) ValidForTLS() error

type ProtocolVersion 

type ProtocolVersion uint8
const (
	ProtocolVersionMLS10 ProtocolVersion = 0x00
)

type RemoveProposal 

type RemoveProposal struct {
	Removed LeafIndex
}

type Sender 

type Sender struct {
	Type   SenderType
	Sender uint32
}

type SenderType 

type SenderType uint8
const (
	SenderTypeInvalid       SenderType = 0
	SenderTypeMember        SenderType = 1
	SenderTypePreconfigured SenderType = 2
	SenderTypeNewMember     SenderType = 3
)

func (SenderType) ValidForTLS 

func (st SenderType) ValidForTLS() error

type Signature 

type Signature struct {
	Data []byte `tls:"head=2"`
}

/ / KeyPackage /

type SignaturePrivateKey 

type SignaturePrivateKey struct {
	Data      []byte `tls:"head=2"`
	PublicKey SignaturePublicKey
}

type SignaturePublicKey 

type SignaturePublicKey struct {
	Data []byte `tls:"head=2"`
}

func (SignaturePublicKey) Equals 

func (pub SignaturePublicKey) Equals(other SignaturePublicKey) bool

type SignatureScheme 

type SignatureScheme uint16
const (
	ECDSA_SECP256R1_SHA256 SignatureScheme = 0x0403
	ECDSA_SECP521R1_SHA512 SignatureScheme = 0x0603
	Ed25519                SignatureScheme = 0x0807
)

func (SignatureScheme) Derive 

func (ss SignatureScheme) Derive(preSeed []byte) (SignaturePrivateKey, error)

func (SignatureScheme) Generate 

func (ss SignatureScheme) Generate() (SignaturePrivateKey, error)

func (SignatureScheme) Sign 

func (ss SignatureScheme) Sign(priv *SignaturePrivateKey, message []byte) ([]byte, error)

func (SignatureScheme) String 

func (ss SignatureScheme) String() string

func (SignatureScheme) Verify 

func (ss SignatureScheme) Verify(pub *SignaturePublicKey, message, signature []byte) bool

type State 

type State struct {
	// Shared confirmed state
	CipherSuite             CipherSuite
	GroupID                 []byte `tls:"head=1"`
	Epoch                   Epoch
	Tree                    TreeKEMPublicKey
	ConfirmedTranscriptHash []byte `tls:"head=1"`
	InterimTranscriptHash   []byte `tls:"head=1"`
	Extensions              ExtensionList

	// Per-participant non-secret state
	Index            LeafIndex           `tls:"omit"`
	IdentityPriv     SignaturePrivateKey `tls:"omit"`
	TreePriv         TreeKEMPrivateKey   `tls:"omit"`
	Scheme           SignatureScheme     `tls:"omit"`
	PendingProposals []MLSPlaintext      `tls:"omit"`

	// Secret state
	PendingUpdates map[ProposalRef]updateSecrets `tls:"omit"`
	Keys           keyScheduleEpoch              `tls:"omit"`

	// Helpful information
	NewCredentials map[LeafIndex]bool
}

func NewEmptyState 

func NewEmptyState(groupID []byte, leafSecret []byte, sigPriv SignaturePrivateKey, kp KeyPackage) (*State, error)

func NewEmptyStateWithExtensions 

func NewEmptyStateWithExtensions(groupID []byte, leafSecret []byte, sigPriv SignaturePrivateKey, kp KeyPackage, ext ExtensionList) (*State, error)

func NewJoinedState 

func NewJoinedState(initSecret []byte, sigPrivs []SignaturePrivateKey, kps []KeyPackage, welcome Welcome) (*State, error)

func NewStateFromWelcomeAndSecrets 

func NewStateFromWelcomeAndSecrets(welcome Welcome, ss StateSecrets) (*State, error)

func (State) Add 

func (s State) Add(kp KeyPackage) (*MLSPlaintext, error)

func (State) Clone 

func (s State) Clone() *State

func (*State) Commit 

func (s *State) Commit(leafSecret []byte) (*MLSPlaintext, *Welcome, *State, error)

func (State) Equals 

func (s State) Equals(o State) bool

Compare the public and shared private aspects of two nodes

func (State) GetSecrets 

func (s State) GetSecrets() StateSecrets

func (*State) Handle 

func (s *State) Handle(pt *MLSPlaintext) (*State, error)

func (*State) Protect 

func (s *State) Protect(data []byte) (*MLSCiphertext, error)

func (*State) Remove 

func (s *State) Remove(removed LeafIndex) (*MLSPlaintext, error)

func (*State) SetSecrets 

func (s *State) SetSecrets(ss StateSecrets)

func (*State) Unprotect 

func (s *State) Unprotect(ct *MLSCiphertext) ([]byte, error)

func (State) Update 

func (s State) Update(secret []byte, sigPriv *SignaturePrivateKey, kp KeyPackage) (*MLSPlaintext, error)

type StateSecrets 

type StateSecrets struct {
	CipherSuite CipherSuite

	// Per-participant non-secret state
	Index            LeafIndex
	InitPriv         HPKEPrivateKey
	IdentityPriv     SignaturePrivateKey
	Scheme           SignatureScheme
	PendingProposals []MLSPlaintext `tls:"head=4"`

	// Secret state
	PendingUpdates map[ProposalRef]updateSecrets `tls:"head=4"`
	Keys           keyScheduleEpoch
	TreePriv       TreeKEMPrivateKey
}

Isolated getters and setters for public and secret state

Note that the get/set operations here are very shallow. We basically assume that the StateSecrets object is temporary, as a carrier for marshaling / unmarshaling.

type SupportedCipherSuitesExtension 

type SupportedCipherSuitesExtension struct {
	SupportedCipherSuites []CipherSuite `tls:"head=1"`
}

func (SupportedCipherSuitesExtension) Type 

func (sce SupportedCipherSuitesExtension) Type() ExtensionType

type SupportedVersionsExtension 

type SupportedVersionsExtension struct {
	SupportedVersions []ProtocolVersion `tls:"head=1"`
}

func (SupportedVersionsExtension) Type 

func (sve SupportedVersionsExtension) Type() ExtensionType

type TreeKEMPrivateKey 

type TreeKEMPrivateKey struct {
	Suite        CipherSuite
	Index        LeafIndex
	UpdateSecret []byte               `tls:"head=1"`
	PathSecrets  map[NodeIndex]Bytes1 `tls:"head=4"`
	// contains filtered or unexported fields
}

func NewTreeKEMPrivateKey 

func NewTreeKEMPrivateKey(suite CipherSuite, size LeafCount, index LeafIndex, leafSecret []byte) *TreeKEMPrivateKey

func NewTreeKEMPrivateKeyForJoiner 

func NewTreeKEMPrivateKeyForJoiner(suite CipherSuite, index LeafIndex, size LeafCount, leafSecret []byte, intersect NodeIndex, pathSecret []byte) *TreeKEMPrivateKey

func (TreeKEMPrivateKey) Clone 

func (priv TreeKEMPrivateKey) Clone() TreeKEMPrivateKey

func (TreeKEMPrivateKey) Consistent 

func (priv TreeKEMPrivateKey) Consistent(other TreeKEMPrivateKey) bool

func (TreeKEMPrivateKey) ConsistentPub 

func (priv TreeKEMPrivateKey) ConsistentPub(pub TreeKEMPublicKey) bool

func (*TreeKEMPrivateKey) Decap 

func (priv *TreeKEMPrivateKey) Decap(from LeafIndex, pub TreeKEMPublicKey, context []byte, path DirectPath) error

TODO(RLB) Onece the spec is updated to have EncryptedPathSecrets as a map, change the TreeKEMPublicKey argument to just be a size.

func (*TreeKEMPrivateKey) SetLeafSecret 

func (priv *TreeKEMPrivateKey) SetLeafSecret(secret []byte)

func (TreeKEMPrivateKey) SharedPathSecret 

func (priv TreeKEMPrivateKey) SharedPathSecret(to LeafIndex) (NodeIndex, []byte, bool)

type TreeKEMPublicKey 

type TreeKEMPublicKey struct {
	Suite CipherSuite    `tls:"omit"`
	Nodes []OptionalNode `tls:"head=4"`
}

func NewTreeKEMPublicKey 

func NewTreeKEMPublicKey(suite CipherSuite) *TreeKEMPublicKey

func (*TreeKEMPublicKey) AddLeaf 

func (pub *TreeKEMPublicKey) AddLeaf(keyPkg KeyPackage) LeafIndex

func (*TreeKEMPublicKey) BlankPath 

func (pub *TreeKEMPublicKey) BlankPath(index LeafIndex)

func (TreeKEMPublicKey) Clone 

func (pub TreeKEMPublicKey) Clone() TreeKEMPublicKey

func (TreeKEMPublicKey) Encap 

func (pub TreeKEMPublicKey) Encap(from LeafIndex, context, leafSecret []byte, leafSigPriv SignaturePrivateKey, opts *KeyPackageOpts) (*TreeKEMPrivateKey, *DirectPath, error)

func (TreeKEMPublicKey) Equals 

func (pub TreeKEMPublicKey) Equals(o TreeKEMPublicKey) bool

func (TreeKEMPublicKey) Find 

func (pub TreeKEMPublicKey) Find(kp KeyPackage) (LeafIndex, bool)

func (TreeKEMPublicKey) KeyPackage 

func (pub TreeKEMPublicKey) KeyPackage(index LeafIndex) (KeyPackage, bool)

func (*TreeKEMPublicKey) Merge 

func (pub *TreeKEMPublicKey) Merge(from LeafIndex, path DirectPath) error

func (TreeKEMPublicKey) RootHash 

func (pub TreeKEMPublicKey) RootHash() []byte

func (*TreeKEMPublicKey) SetHashAll 

func (pub *TreeKEMPublicKey) SetHashAll() error

func (TreeKEMPublicKey) Size 

func (pub TreeKEMPublicKey) Size() LeafCount

func (*TreeKEMPublicKey) UpdateLeaf 

func (pub *TreeKEMPublicKey) UpdateLeaf(index LeafIndex, keyPkg KeyPackage)

func (*TreeKEMPublicKey) UpdateLeafAdmin 

func (pub *TreeKEMPublicKey) UpdateLeafAdmin(index LeafIndex, keyPkg KeyPackage)

type UpdateProposal 

type UpdateProposal struct {
	KeyPackage KeyPackage
}

type Welcome 

type Welcome struct {
	Version            ProtocolVersion
	CipherSuite        CipherSuite
	Secrets            []EncryptedGroupSecrets `tls:"head=4"`
	EncryptedGroupInfo []byte                  `tls:"head=4"`
	// contains filtered or unexported fields
}

func (Welcome) AdminDecrypt 

func (w Welcome) AdminDecrypt(suite CipherSuite, epochSecret []byte) (*AdminGroupInfo, error)

func (Welcome) Decrypt 

func (w Welcome) Decrypt(suite CipherSuite, epochSecret []byte) (*GroupInfo, error)

func (*Welcome) EncryptTo 

func (w *Welcome) EncryptTo(kp KeyPackage, pathSecret []byte)

TODO(RLB): Return error instead of panicking

type X509Credential 

type X509Credential struct {
	Chain []*x509.Certificate
}

case x509: 

opaque cert_data<1..2^24-1>;

func (X509Credential) Equals 

func (cred X509Credential) Equals(other *X509Credential) bool

func (X509Credential) MarshalTLS 

func (cred X509Credential) MarshalTLS() ([]byte, error)

func (X509Credential) PublicKey 

func (cred X509Credential) PublicKey() *SignaturePublicKey

func (X509Credential) Scheme 

func (cred X509Credential) Scheme() SignatureScheme

func (*X509Credential) UnmarshalTLS 

func (cred *X509Credential) UnmarshalTLS(data []byte) (int, error)

func (X509Credential) Verify 

func (cred X509Credential) Verify(trusted []*x509.Certificate) error

XXX(RLB): This is a very simple chain validation, just looking at signatures and whatever basic hop-by-hop policy is applied by CheckSignatureFrom. More complex things like name constraints are not considered. They would be if we were using x509.Certificate.Verify, but that method (1) requires a DNS name as the authentication anchor, and (2) builds its own chain without strict ordering.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.