Documentation ¶
Index ¶
- Variables
- func NewMessage(clearText string, messageType int) (message, error)
- type CryptoEngine
- func (engine *CryptoEngine) Decrypt(encryptedBytes []byte) (*message, error)
- func (engine *CryptoEngine) DecryptWithPublicKey(encryptedBytes []byte, verificationEngine VerificationEngine) (*message, error)
- func (engine *CryptoEngine) NewEncryptedMessage(msg message) (EncryptedMessage, error)
- func (engine *CryptoEngine) NewEncryptedMessageWithPubKey(msg message, verificationEngine VerificationEngine) (EncryptedMessage, error)
- func (engine *CryptoEngine) PublicKey() []byte
- type EncryptedMessage
- type VerificationEngine
Constants ¶
This section is empty.
Variables ¶
var ( KeySizeError = errors.New(fmt.Sprintf("The provisioned key size is less than: %d\n", keySize)) KeyNotValidError = errors.New("The provisioned public key is not valid") SaltGenerationError = errors.New("Could not generate random salt") KeyGenerationError = errors.New("Could not generate random key") MessageDecryptionError = errors.New("Could not verify the message. Message has been tempered with!") MessageParsingError = errors.New("Could not parse the Message from bytes") )
Functions ¶
func NewMessage ¶
Create a new message with a clear text and the message type messageType: is an identifier to distinguish the messages on the receiver and parse them for example if zero is a JSON message and 1 is XML, then the received can parse different formats with different methods
Types ¶
type CryptoEngine ¶
type CryptoEngine struct {
// contains filtered or unexported fields
}
This is the basic object which needs to be instanciated for encrypting messages either via public key cryptography or private key cryptography The object has the methods necessary to execute all the needed functions to encrypt and decrypt a message, both with symmetric and asymmetric crypto
func InitCryptoEngine ¶
func InitCryptoEngine(communicationIdentifier string) (*CryptoEngine, error)
This function initialize all the necessary information to carry out a secure communication either via public key cryptography or secret key cryptography. The peculiarity is that the user of this package needs to take care of only one parameter, the communicationIdentifier. It defines a unique set of keys between the application and the communicationIdentifier unique end point. IMPORTANT: The parameter communicationIdentifier defines several assumptions the code use:
- it names the secret key files with the comuncationIdentifier prefix. This means that if you want to have different secret keys with different end points, you can differrentiate the key by having different unique communicationIdentifier. It, also, loads the already created keys back in memory based on the communicationIdentifier
- it does the same with the asymmetric keys
The communicationIdentifier parameter is URL unescape, trimmed, set to lower case and all the white spaces are replaced with an underscore. The publicKey parameter can be nil. In that case the CryptoEngine assumes it has been instanciated for symmetric crypto usage.
func (*CryptoEngine) Decrypt ¶
func (engine *CryptoEngine) Decrypt(encryptedBytes []byte) (*message, error)
This method is used to decrypt messages where symmetrci encryption is used
func (*CryptoEngine) DecryptWithPublicKey ¶
func (engine *CryptoEngine) DecryptWithPublicKey(encryptedBytes []byte, verificationEngine VerificationEngine) (*message, error)
This method is used to decrypt messages where symmetrci encryption is used
func (*CryptoEngine) NewEncryptedMessage ¶
func (engine *CryptoEngine) NewEncryptedMessage(msg message) (EncryptedMessage, error)
This method accepts a message , then encrypts its Version+Type+Text using a symmetric key
func (*CryptoEngine) NewEncryptedMessageWithPubKey ¶
func (engine *CryptoEngine) NewEncryptedMessageWithPubKey(msg message, verificationEngine VerificationEngine) (EncryptedMessage, error)
This method accepts the message as byte slice and the public key of the receiver of the messae, then encrypts it using the asymmetric key public key. If the public key is not privisioned and does not have the required length of 32 bytes it raises an exception.
func (*CryptoEngine) PublicKey ¶
func (engine *CryptoEngine) PublicKey() []byte
Gives access to the public key
type EncryptedMessage ¶
type EncryptedMessage struct {
// contains filtered or unexported fields
}
This struct represent the encrypted message which can be sent over the networl safely |lenght| => 8 bytes (uint64 total message length) |nonce| => 24 bytes ([]byte size) |message| => N bytes ([]byte message)
func (EncryptedMessage) ToBytes ¶
func (m EncryptedMessage) ToBytes() ([]byte, error)
STRUCTURE 8 => |SIZE| 24 => |NONCE| N => |DATA| |size| => 8 bytes (uint64 total message length) |type| => 4 bytes (int message version) |message| => N bytes ([]byte message)
type VerificationEngine ¶
type VerificationEngine struct {
// contains filtered or unexported fields
}
The verification engine links two peers basically. It holds the public key and the remote peer public key and the pre-shared key
func NewVerificationEngine ¶
func NewVerificationEngine(context string) (VerificationEngine, error)
This function instantiate the verification engine by leveraging the context Basically if a public key of a peer is available locally then it's locaded here
func NewVerificationEngineWithKey ¶
func NewVerificationEngineWithKey(publicKey []byte) (VerificationEngine, error)
This function instantiate the verification engine by passing it the key (at the moment only the public key) go nacl crypto does not support Ed25519 signatures yet
func (VerificationEngine) PublicKey ¶
func (e VerificationEngine) PublicKey() [keySize]byte
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Godeps
|
|
_workspace/src/github.com/sec51/convert/smallendian
Package used to convert intergers to byte arrays in small endian
|
Package used to convert intergers to byte arrays in small endian |
_workspace/src/golang.org/x/crypto/hkdf
Package hkdf implements the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869.
|
Package hkdf implements the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869. |
_workspace/src/golang.org/x/crypto/nacl/box
Package box authenticates and encrypts messages using public-key cryptography.
|
Package box authenticates and encrypts messages using public-key cryptography. |
_workspace/src/golang.org/x/crypto/nacl/secretbox
Package secretbox encrypts and authenticates small messages.
|
Package secretbox encrypts and authenticates small messages. |
fuzzing
|
|
messagefrombytes
this file is used for fuzz testing only
|
this file is used for fuzz testing only |