msgcrypt

package
v0.0.0-...-c45e87f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 1, 2024 License: BSD-3-Clause Imports: 15 Imported by: 0

Documentation

Overview

Package msgcrypt implements message enryption and decryption.

Index

Constants

View Source 
const MaxSecretSize = 500

MaxSecretSize is the maximum size of a secret.

Variables

View Source 
var (
	// ErrNoLocksFound is returned if no matching locks could be found in the keylist of the server.
	ErrNoLocksFound = errors.New("msgcrypt: no matching locks found")
	// ErrNoKeylist is returned if no keylist is available.
	ErrNoKeylist = errors.New("msgcrypt: no keylist available")
	// ErrKeylistUntrusted is returned if the keylist could not be verified.
	ErrKeylistUntrusted = errors.New("msgcryt: keylist is untrusteed")
)
View Source 
var (
	// ErrSecretToLong is returned when trying to encode a real secret over 500 byte length.
	ErrSecretToLong = errors.New("msgcrypt: secret too long")
	// ErrEncryptedTooShort is returned if the encrypted message is too short.
	ErrEncryptedTooShort = errors.New("msgcrypt: encrypted message too short")
)
View Source 
var (
	// ErrMessageIncomplete is returned when a message is too short.
	ErrMessageIncomplete = errors.New("msgcrypt: message incomplete")
	// ErrCannotDecrypt is returned if the decryption failed.
	ErrCannotDecrypt = errors.New("msgcrypt: decryption failed")
)
View Source 
var (
	// ErrPolicyExpired is returned when the policy of a message has expired.
	ErrPolicyExpired = errors.New("msgcrypt: policy expired")
)

Functions

func DecryptKey 

func DecryptKey(sendKey *[32]byte, nonce *[32]byte, myPrivateKey *[32]byte) (secret *[32]byte)

DecryptKey returns a secret for a message.

func DecryptRatchetKey 

func DecryptRatchetKey(sendKey *[32]byte, nonce *[32]byte, ratchetPubKey *[32]byte, getSecret ratchet.SecretFunc) (secret *[32]byte, err error)

DecryptRatchetKey returns a secret from a ratchet message.

func DecryptRealSecret 

func DecryptRealSecret(secretKey *[32]byte, encrypted []byte) (realSecret []byte, err error)

DecryptRealSecret decrypts a real secret.

func EncryptRealSecret 

func EncryptRealSecret(realSecret []byte, rand io.Reader) (secretKey *[32]byte, encrypted []byte, err error)

EncryptRealSecret encrypts a real secret to a random secretKey.

func FromEphemeralKey 

func FromEphemeralKey(nonce *[32]byte, ephemeralKey *[32]byte, serverPublicKey *[32]byte, receiverPrivateKey *[32]byte) (secret *[32]byte)

FromEphemeralKey returns a secret from an ephemeral key.

func GenKeyPair 

func GenKeyPair(rand io.Reader) (pubkey, privkey *[32]byte, err error)

GenKeyPair generates a new key pair.

func PasswordDecrypt 

func PasswordDecrypt(password, message []byte) ([]byte, error)

PasswordDecrypt decrypts a message with a password.

func PasswordEncrypt 

func PasswordEncrypt(password, message []byte, rand io.Reader) ([]byte, error)

PasswordEncrypt encrypts a message with a password.

func SymDecrypt 

func SymDecrypt(key *[32]byte, message []byte) ([]byte, error)

SymDecrypt decrypts a message with a key.

func SymEncrypt 

func SymEncrypt(key *[32]byte, message []byte, rand io.Reader) ([]byte, error)

SymEncrypt encrypts message with a key.

func ToEphemeralKey 

func ToEphemeralKey(rand io.Reader, receiverPublicKey *[32]byte, serverPrivateKey *[32]byte) (secret *[32]byte, nonce *[32]byte, ephemeralKey *[32]byte, err error)

ToEphemeralKey creates a secret to encrypt to a key with an ephemeral key.

func ToPublicKey 

func ToPublicKey(rand io.Reader, serverPubKey *[32]byte) (secret *[32]byte, sendKey *[32]byte, nonce *[32]byte, err error)

ToPublicKey creates a secret to encrypt to a public key.

func ToRatchetKey 

func ToRatchetKey(rand io.Reader, ratchetPubKey *[32]byte) (secret *[32]byte, sendKey *[32]byte, nonce *[32]byte, err error)

ToRatchetKey creates a secrt to encrypt to a ratchet key.

Types

type Cypherlock 

type Cypherlock struct {
	SignatureKey *[ed25519.PublicKeySize]byte // SignatureKey for verification.
	ServerURL    string                       // Address of the server.
	Storage      clientinterface.Storage      // Storage interface
	ClientRPC    clientinterface.ClientRPC    // RPC interface.
	// contains filtered or unexported fields
}

Cypherlock implements the client's cypherlock functionality.

func (*Cypherlock) CreateLock 

func (cl *Cypherlock) CreateLock(passphrase []byte, secret []byte, validFrom, validTo uint64) (finalValidFrom, finalValidTo uint64, err error)

CreateLock creates a lock.

func (*Cypherlock) ExtendLock 

func (cl *Cypherlock) ExtendLock(passphrase []byte, now, validFrom, validTo uint64) (finalValidFrom, finalValidTo uint64, err error)

ExtendLock extends a lock towards the future.

func (*Cypherlock) LoadLock 

func (cl *Cypherlock) LoadLock(passphrase []byte, now uint64) (realSecret []byte, err error)

LoadLock returns the secret from a lock.

func (*Cypherlock) WriteLock 

func (cl *Cypherlock) WriteLock(passphrase []byte, secretKey *[32]byte, validFrom, validTo uint64) (finalValidFrom, finalValidTo uint64, err error)

WriteLock creates a set of oracle messages for the given parameters. It returns the _actual_ time range used.

type EnvelopeMessage 

type EnvelopeMessage struct {
	ReceiverPublicKey [32]byte // ServerKey
	SenderPublicKey   [32]byte // Ephemeral
	DHNonce           [32]byte
	SymNonce          [24]byte
	ValidFrom         uint64
	ValidTo           uint64
	RatchetMessage    []byte // Must be encrypted already.
	// contains filtered or unexported fields
}

EnvelopeMessage is the message to a server.

func NewEnvelopeMessage 

func NewEnvelopeMessage(receiverPublicKey *[32]byte, validFrom, validTo uint64, ratchetMessage []byte) *EnvelopeMessage

NewEnvelopeMessage cretes a new EnvelopeMessage.

func (*EnvelopeMessage) Decrypt 

func (em *EnvelopeMessage) Decrypt(receiverPrivateKey *[32]byte) error

Decrypt an EnvelopMessage.

func (*EnvelopeMessage) Encrypt 

func (em *EnvelopeMessage) Encrypt(rand io.Reader) ([]byte, error)

Encrypt an EnvelopeMessage.

func (*EnvelopeMessage) Parse 

func (em *EnvelopeMessage) Parse(d []byte) (*EnvelopeMessage, error)

Parse a binary EnvelopeMesssage.

type OracleMessage 

type OracleMessage struct {
	ValidFrom          uint64   // From when is the message valid.
	ValidTo            uint64   // Until when is the message valid.
	ResponsePrivateKey [32]byte // The private key to decrypt the server response.
	EncryptedSecretKey []byte   // The encrypted key to decrypt the secret.
	ServerURL          string   // The URL to send the message to.
	ServerMessage      []byte   // The message to send to the server. about 352 bytes.
}

OracleMessage contains an oracle message for the sender, and the secret access.

func (OracleMessage) Decrypt 

func (om OracleMessage) Decrypt(passphrase, message []byte) (*OracleMessage, error)

Decrypt the OracleMessage.

func (OracleMessage) Encrypt 

func (om OracleMessage) Encrypt(passphrase []byte, rand io.Reader) (encrypted []byte, filename string, err error)

Encrypt the OracleMessage

func (OracleMessage) Marshall 

func (om OracleMessage) Marshall() []byte

Marshall an OracleMessage.

func (*OracleMessage) ProcessResponseMessage 

func (om *OracleMessage) ProcessResponseMessage(d []byte) (secretKey *[32]byte, err error)

ProcessResponseMessage decrypts the responseMessage and secret.

func (*OracleMessage) Unmarshall 

func (om *OracleMessage) Unmarshall(d []byte) (*OracleMessage, error)

Unmarshall an OracleMessage.

func (*OracleMessage) Valid 

func (om *OracleMessage) Valid() bool

Valid returns true if the message is currently valid.

type OracleMessageTemplate 

type OracleMessageTemplate struct {
	ValidFrom        uint64   // From when is the message valid.
	ValidTo          uint64   // Until when is the message valid.
	ServerURL        string   // The URL to send the message to.
	ServerPublicKey  [32]byte // The server's public key.
	RatchetPublicKey [32]byte // The public key for the ratchet.
}

OracleMessageTemplate is the template from which to create an OracleMessage.

func (OracleMessageTemplate) Create 

func (omt OracleMessageTemplate) Create(secretKey *[32]byte, rand io.Reader) (*OracleMessage, error)

Create an OracleMessage from an OracleMessageTemplate

func (OracleMessageTemplate) CreateEncrypted 

func (omt OracleMessageTemplate) CreateEncrypted(passphrase []byte, secretKey *[32]byte, rand io.Reader) (enc []byte, filename string, err error)

CreateEncrypted creates an encrypted Oracle message from template.

type RatchetMessage 

type RatchetMessage struct {
	RatchetPublicKey  [32]byte // Ratchet pubkey
	SenderPublicKey   [32]byte // Ephemeral
	ReceiverPublicKey [32]byte // Encrypt response to this, with ServerKey
	DHNonce           [32]byte
	SymNonce          [24]byte
	Payload           []byte
	// contains filtered or unexported fields
}

RatchetMessage is a message for a ratchet.

func NewRatchetMessage 

func NewRatchetMessage(ratchetPubkey *[32]byte, payload []byte, rand io.Reader) (msg *RatchetMessage, receivePrivKey *[32]byte, err error)

NewRatchetMessage creates a new RatchetMessage with fields set.

func (*RatchetMessage) Decrypt 

func (rm *RatchetMessage) Decrypt(getSecret ratchet.SecretFunc) error

Decrypt ratchet message.

func (*RatchetMessage) Encrypt 

func (rm *RatchetMessage) Encrypt(rand io.Reader) ([]byte, error)

Encrypt the RatchetMessage.

func (*RatchetMessage) Parse 

func (rm *RatchetMessage) Parse(d []byte) (*RatchetMessage, error)

Parse a binary encrypted RatchetMessage into the struct.

type ResponseMessage 

type ResponseMessage struct {
	ReceiverPublicKey  [32]byte // RatchetMessage.ReceiverPublicKey
	EphemeralPublicKey [32]byte // Ephemeral
	SenderPublicKey    [32]byte // ServerKey
	DHNonce            [32]byte
	SymNonce           [24]byte
	Payload            []byte
	// contains filtered or unexported fields
}

ResponseMessage is a message containing a decrypted payload.

func NewResponseMessage 

func NewResponseMessage(senderPubKey, receiverPubKey *[32]byte, payload []byte) *ResponseMessage

NewResponseMessage creates a new NewResponseMessage.

func (*ResponseMessage) Decrypt 

func (rmsg *ResponseMessage) Decrypt(receiverPrivateKey *[32]byte) error

Decrypt a ReponseMessage.

func (*ResponseMessage) Encrypt 

func (rmsg *ResponseMessage) Encrypt(serverPrivateKey *[32]byte, rand io.Reader) ([]byte, error)

Encrypt a ResponseMessage.

func (*ResponseMessage) Parse 

func (rmsg *ResponseMessage) Parse(d []byte) (*ResponseMessage, error)

Parse a binary ResponseMessage.

type ServerConfig 

type ServerConfig struct {
	PublicKey, PrivateKey [32]byte           // Server's long term curve25519 keypari
	GetSecretFunc         ratchet.SecretFunc // Lookup function of fountain.
	RandomSource          io.Reader          // Random source for key generation.
}

ServerConfig contains the static configuration for OracleMessage processing.

func (ServerConfig) ProcessOracleMessage 

func (sc ServerConfig) ProcessOracleMessage(d []byte) ([]byte, error)

ProcessOracleMessage is the server-side processing of OracleMessages.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.