Documentation ¶
Overview ¶
Package crypto implements various cryptographic utilities used by libp2p. This includes a Public and Private key interface and key implementations for supported key algorithms.
Index ¶
- Constants
- Variables
- func ConfigDecodeKey(b string) ([]byte, error)
- func ConfigEncodeKey(b []byte) string
- func ECDSAKeyPairFromKey(priv *ecdsa.PrivateKey) (PrivKey, PubKey, error)
- func GenerateECDSAKeyPair(src io.Reader) (PrivKey, PubKey, error)
- func GenerateECDSAKeyPairWithCurve(curve elliptic.Curve, src io.Reader) (PrivKey, PubKey, error)
- func GenerateEd25519Key(src io.Reader) (PrivKey, PubKey, error)
- func GenerateKeyPair(typ, bits int) (PrivKey, PubKey, error)
- func GenerateKeyPairWithReader(typ, bits int, src io.Reader) (PrivKey, PubKey, error)
- func GenerateRSAKeyPair(bits int, src io.Reader) (PrivKey, PubKey, error)
- func GenerateSecp256k1Key(src io.Reader) (PrivKey, PubKey, error)
- func KeyEqual(k1, k2 Key) bool
- func KeyPairFromStdKey(priv crypto.PrivateKey) (PrivKey, PubKey, error)
- func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedKeys, StretchedKeys)
- func MarshalECDSAPrivateKey(ePriv ECDSAPrivateKey) ([]byte, error)
- func MarshalECDSAPublicKey(ePub ECDSAPublicKey) ([]byte, error)
- func MarshalPrivateKey(k PrivKey) ([]byte, error)
- func MarshalPublicKey(k PubKey) ([]byte, error)
- func PrivKeyToStdKey(priv PrivKey) (crypto.PrivateKey, error)
- func PubKeyToStdKey(pub PubKey) (crypto.PublicKey, error)
- func PublicKeyToProto(k PubKey) (*pb.PublicKey, error)
- type ECDSAPrivateKey
- func (ePriv *ECDSAPrivateKey) Bytes() ([]byte, error)
- func (ePriv *ECDSAPrivateKey) Equals(o Key) bool
- func (ePriv *ECDSAPrivateKey) GetPublic() PubKey
- func (ePriv *ECDSAPrivateKey) Raw() ([]byte, error)
- func (ePriv *ECDSAPrivateKey) Sign(data []byte) ([]byte, error)
- func (ePriv *ECDSAPrivateKey) Type() pb.KeyType
- type ECDSAPublicKey
- type ECDSASig
- type Ed25519PrivateKey
- func (k *Ed25519PrivateKey) Bytes() ([]byte, error)
- func (k *Ed25519PrivateKey) Equals(o Key) bool
- func (k *Ed25519PrivateKey) GetPublic() PubKey
- func (k *Ed25519PrivateKey) Raw() ([]byte, error)
- func (k *Ed25519PrivateKey) Sign(msg []byte) ([]byte, error)
- func (k *Ed25519PrivateKey) Type() pb.KeyType
- type Ed25519PublicKey
- type GenSharedKey
- type Key
- type PrivKey
- type PrivKeyUnmarshaller
- type PubKey
- func PublicKeyFromProto(pmes *pb.PublicKey) (PubKey, error)
- func UnmarshalECDSAPublicKey(data []byte) (PubKey, error)
- func UnmarshalEd25519PublicKey(data []byte) (PubKey, error)
- func UnmarshalPublicKey(data []byte) (PubKey, error)
- func UnmarshalRsaPublicKey(b []byte) (PubKey, error)
- func UnmarshalSecp256k1PublicKey(data []byte) (PubKey, error)
- type PubKeyUnmarshaller
- type RsaPrivateKey
- type RsaPublicKey
- type Secp256k1PrivateKey
- func (k *Secp256k1PrivateKey) Bytes() ([]byte, error)
- func (k *Secp256k1PrivateKey) Equals(o Key) bool
- func (k *Secp256k1PrivateKey) GetPublic() PubKey
- func (k *Secp256k1PrivateKey) Raw() ([]byte, error)
- func (k *Secp256k1PrivateKey) Sign(data []byte) ([]byte, error)
- func (k *Secp256k1PrivateKey) Type() pb.KeyType
- type Secp256k1PublicKey
- type StretchedKeys
Constants ¶
const ( // RSA is an enum for the supported RSA key type RSA = iota // Ed25519 is an enum for the supported Ed25519 key type Ed25519 // Secp256k1 is an enum for the supported Secp256k1 key type Secp256k1 // ECDSA is an enum for the supported ECDSA key type ECDSA )
const WeakRsaKeyEnv = "LIBP2P_ALLOW_WEAK_RSA_KEYS"
WeakRsaKeyEnv is an environment variable which, when set, lowers the minimum required bits of RSA keys to 512. This should be used exclusively in test situations.
Variables ¶
var ( // ErrNotECDSAPubKey is returned when the public key passed is not an ecdsa public key ErrNotECDSAPubKey = errors.New("not an ecdsa public key") // ErrNilSig is returned when the signature is nil ErrNilSig = errors.New("sig is nil") // ErrNilPrivateKey is returned when a nil private key is provided ErrNilPrivateKey = errors.New("private key is nil") // ErrNilPublicKey is returned when a nil public key is provided ErrNilPublicKey = errors.New("public key is nil") // ECDSACurve is the default ecdsa curve used ECDSACurve = elliptic.P256() )
var ( // ErrBadKeyType is returned when a key is not supported ErrBadKeyType = errors.New("invalid or unsupported key type") // KeyTypes is a list of supported keys KeyTypes = []int{ RSA, Ed25519, Secp256k1, ECDSA, } )
var ErrRsaKeyTooSmall error
ErrRsaKeyTooSmall is returned when trying to generate or parse an RSA key that's smaller than MinRsaKeyBits bits. In test
var MinRsaKeyBits = 2048
var PrivKeyUnmarshallers = map[pb.KeyType]PrivKeyUnmarshaller{ pb.KeyType_RSA: UnmarshalRsaPrivateKey, pb.KeyType_Ed25519: UnmarshalEd25519PrivateKey, pb.KeyType_Secp256k1: UnmarshalSecp256k1PrivateKey, pb.KeyType_ECDSA: UnmarshalECDSAPrivateKey, }
PrivKeyUnmarshallers is a map of unmarshallers by key type
var PubKeyUnmarshallers = map[pb.KeyType]PubKeyUnmarshaller{ pb.KeyType_RSA: UnmarshalRsaPublicKey, pb.KeyType_Ed25519: UnmarshalEd25519PublicKey, pb.KeyType_Secp256k1: UnmarshalSecp256k1PublicKey, pb.KeyType_ECDSA: UnmarshalECDSAPublicKey, }
PubKeyUnmarshallers is a map of unmarshallers by key type
Functions ¶
func ConfigDecodeKey ¶
ConfigDecodeKey decodes from b64 (for config file) to a byte array that can be unmarshalled.
func ConfigEncodeKey ¶
ConfigEncodeKey encodes a marshalled key to b64 (for config file).
func ECDSAKeyPairFromKey ¶
func ECDSAKeyPairFromKey(priv *ecdsa.PrivateKey) (PrivKey, PubKey, error)
ECDSAKeyPairFromKey generates a new ecdsa private and public key from an input private key
func GenerateECDSAKeyPair ¶
GenerateECDSAKeyPair generates a new ecdsa private and public key
func GenerateECDSAKeyPairWithCurve ¶
GenerateECDSAKeyPairWithCurve generates a new ecdsa private and public key with a speicified curve
func GenerateEd25519Key ¶
GenerateEd25519Key generates a new ed25519 private and public key pair.
func GenerateKeyPair ¶
GenerateKeyPair generates a private and public key
func GenerateKeyPairWithReader ¶
GenerateKeyPairWithReader returns a keypair of the given type and bitsize
func GenerateRSAKeyPair ¶
GenerateRSAKeyPair generates a new rsa private and public key
func GenerateSecp256k1Key ¶
GenerateSecp256k1Key generates a new Secp256k1 private and public key pair
func KeyEqual ¶
KeyEqual checks whether two Keys are equivalent (have identical byte representations).
func KeyPairFromStdKey ¶
func KeyPairFromStdKey(priv crypto.PrivateKey) (PrivKey, PubKey, error)
KeyPairFromStdKey wraps standard library (and secp256k1) private keys in libp2p/go-libp2p-core/crypto keys
func KeyStretcher ¶
func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedKeys, StretchedKeys)
PENDING DEPRECATION: KeyStretcher() will be deprecated with secio; for new code, please use PBKDF2 (golang.org/x/crypto/pbkdf2) instead. KeyStretcher returns a set of keys for each party by stretching the shared key. (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey). This function accepts the following cipher types: - AES-128 - AES-256 The function will panic upon receiving an unknown cipherType
func MarshalECDSAPrivateKey ¶
func MarshalECDSAPrivateKey(ePriv ECDSAPrivateKey) ([]byte, error)
MarshalECDSAPrivateKey returns x509 bytes from a private key
func MarshalECDSAPublicKey ¶
func MarshalECDSAPublicKey(ePub ECDSAPublicKey) ([]byte, error)
MarshalECDSAPublicKey returns x509 bytes from a public key
func MarshalPrivateKey ¶
MarshalPrivateKey converts a key object into its protobuf serialized form.
func MarshalPublicKey ¶
MarshalPublicKey converts a public key object into a protobuf serialized public key
func PrivKeyToStdKey ¶
func PrivKeyToStdKey(priv PrivKey) (crypto.PrivateKey, error)
PrivKeyToStdKey converts libp2p/go-libp2p-core/crypto private keys to standard library (and secp256k1) private keys
func PubKeyToStdKey ¶
PubKeyToStdKey converts libp2p/go-libp2p-core/crypto private keys to standard library (and secp256k1) public keys
Types ¶
type ECDSAPrivateKey ¶
type ECDSAPrivateKey struct {
// contains filtered or unexported fields
}
ECDSAPrivateKey is an implementation of an ECDSA private key
func (*ECDSAPrivateKey) Bytes ¶
func (ePriv *ECDSAPrivateKey) Bytes() ([]byte, error)
Bytes returns the private key as protobuf bytes
func (*ECDSAPrivateKey) Equals ¶
func (ePriv *ECDSAPrivateKey) Equals(o Key) bool
Equals compares two private keys
func (*ECDSAPrivateKey) GetPublic ¶
func (ePriv *ECDSAPrivateKey) GetPublic() PubKey
GetPublic returns a public key
func (*ECDSAPrivateKey) Raw ¶
func (ePriv *ECDSAPrivateKey) Raw() ([]byte, error)
Raw returns x509 bytes from a private key
func (*ECDSAPrivateKey) Sign ¶
func (ePriv *ECDSAPrivateKey) Sign(data []byte) ([]byte, error)
Sign returns the signature of the input data
func (*ECDSAPrivateKey) Type ¶
func (ePriv *ECDSAPrivateKey) Type() pb.KeyType
Type returns the key type
type ECDSAPublicKey ¶
type ECDSAPublicKey struct {
// contains filtered or unexported fields
}
ECDSAPublicKey is an implementation of an ECDSA public key
func (*ECDSAPublicKey) Bytes ¶
func (ePub *ECDSAPublicKey) Bytes() ([]byte, error)
Bytes returns the public key as protobuf bytes
func (*ECDSAPublicKey) Equals ¶
func (ePub *ECDSAPublicKey) Equals(o Key) bool
Equals compares to public keys
func (*ECDSAPublicKey) Raw ¶
func (ePub *ECDSAPublicKey) Raw() ([]byte, error)
Raw returns x509 bytes from a public key
func (*ECDSAPublicKey) Type ¶
func (ePub *ECDSAPublicKey) Type() pb.KeyType
Type returns the key type
type Ed25519PrivateKey ¶
type Ed25519PrivateKey struct {
// contains filtered or unexported fields
}
Ed25519PrivateKey is an ed25519 private key.
func (*Ed25519PrivateKey) Bytes ¶
func (k *Ed25519PrivateKey) Bytes() ([]byte, error)
Bytes marshals an ed25519 private key to protobuf bytes.
func (*Ed25519PrivateKey) Equals ¶
func (k *Ed25519PrivateKey) Equals(o Key) bool
Equals compares two ed25519 private keys.
func (*Ed25519PrivateKey) GetPublic ¶
func (k *Ed25519PrivateKey) GetPublic() PubKey
GetPublic returns an ed25519 public key from a private key.
func (*Ed25519PrivateKey) Raw ¶
func (k *Ed25519PrivateKey) Raw() ([]byte, error)
Raw private key bytes.
func (*Ed25519PrivateKey) Sign ¶
func (k *Ed25519PrivateKey) Sign(msg []byte) ([]byte, error)
Sign returns a signature from an input message.
func (*Ed25519PrivateKey) Type ¶
func (k *Ed25519PrivateKey) Type() pb.KeyType
Type of the private key (Ed25519).
type Ed25519PublicKey ¶
type Ed25519PublicKey struct {
// contains filtered or unexported fields
}
Ed25519PublicKey is an ed25519 public key.
func (*Ed25519PublicKey) Bytes ¶
func (k *Ed25519PublicKey) Bytes() ([]byte, error)
Bytes returns a ed25519 public key as protobuf bytes.
func (*Ed25519PublicKey) Equals ¶
func (k *Ed25519PublicKey) Equals(o Key) bool
Equals compares two ed25519 public keys.
func (*Ed25519PublicKey) Raw ¶
func (k *Ed25519PublicKey) Raw() ([]byte, error)
Raw public key bytes.
func (*Ed25519PublicKey) Type ¶
func (k *Ed25519PublicKey) Type() pb.KeyType
Type of the public key (Ed25519).
type GenSharedKey ¶
GenSharedKey generates the shared key from a given private key
func GenerateEKeyPair ¶
func GenerateEKeyPair(curveName string) ([]byte, GenSharedKey, error)
GenerateEKeyPair returns an ephemeral public key and returns a function that will compute the shared secret key. Used in the identify module.
Focuses only on ECDH now, but can be made more general in the future.
type Key ¶
type Key interface { // Bytes returns a serialized, storeable representation of this key // DEPRECATED in favor of Marshal / Unmarshal Bytes() ([]byte, error) // Equals checks whether two PubKeys are the same Equals(Key) bool // Raw returns the raw bytes of the key (not wrapped in the // libp2p-crypto protobuf). // // This function is the inverse of {Priv,Pub}KeyUnmarshaler. Raw() ([]byte, error) // Type returns the protobof key type. Type() pb.KeyType }
Key represents a crypto key that can be compared to another key
type PrivKey ¶
type PrivKey interface { Key // Cryptographically sign the given bytes Sign([]byte) ([]byte, error) // Return a public key paired with this private key GetPublic() PubKey }
PrivKey represents a private key that can be used to generate a public key and sign data
func UnmarshalECDSAPrivateKey ¶
UnmarshalECDSAPrivateKey returns a private key from x509 bytes
func UnmarshalEd25519PrivateKey ¶
UnmarshalEd25519PrivateKey returns a private key from input bytes.
func UnmarshalPrivateKey ¶
UnmarshalPrivateKey converts a protobuf serialized private key into its representative object
func UnmarshalRsaPrivateKey ¶
UnmarshalRsaPrivateKey returns a private key from the input x509 bytes
func UnmarshalSecp256k1PrivateKey ¶
UnmarshalSecp256k1PrivateKey returns a private key from bytes
type PrivKeyUnmarshaller ¶
PrivKeyUnmarshaller is a func that creates a PrivKey from a given slice of bytes
type PubKey ¶
type PubKey interface { Key // Verify that 'sig' is the signed hash of 'data' Verify(data []byte, sig []byte) (bool, error) }
PubKey is a public key that can be used to verifiy data signed with the corresponding private key
func PublicKeyFromProto ¶
PublicKeyFromProto converts an unserialized protobuf PublicKey message into its representative object.
func UnmarshalECDSAPublicKey ¶
UnmarshalECDSAPublicKey returns the public key from x509 bytes
func UnmarshalEd25519PublicKey ¶
UnmarshalEd25519PublicKey returns a public key from input bytes.
func UnmarshalPublicKey ¶
UnmarshalPublicKey converts a protobuf serialized public key into its representative object
func UnmarshalRsaPublicKey ¶
UnmarshalRsaPublicKey returns a public key from the input x509 bytes
func UnmarshalSecp256k1PublicKey ¶
UnmarshalSecp256k1PublicKey returns a public key from bytes
type PubKeyUnmarshaller ¶
PubKeyUnmarshaller is a func that creates a PubKey from a given slice of bytes
type RsaPrivateKey ¶
type RsaPrivateKey struct {
// contains filtered or unexported fields
}
RsaPrivateKey is an rsa private key
func (*RsaPrivateKey) Bytes ¶
func (sk *RsaPrivateKey) Bytes() ([]byte, error)
Bytes returns protobuf bytes from a private key
func (*RsaPrivateKey) Equals ¶
func (sk *RsaPrivateKey) Equals(k Key) bool
Equals checks whether this key is equal to another
func (*RsaPrivateKey) GetPublic ¶
func (sk *RsaPrivateKey) GetPublic() PubKey
GetPublic returns a public key
func (*RsaPrivateKey) Raw ¶
func (sk *RsaPrivateKey) Raw() ([]byte, error)
func (*RsaPrivateKey) Sign ¶
func (sk *RsaPrivateKey) Sign(message []byte) ([]byte, error)
Sign returns a signature of the input data
func (*RsaPrivateKey) Type ¶
func (sk *RsaPrivateKey) Type() pb.KeyType
type RsaPublicKey ¶
type RsaPublicKey struct {
// contains filtered or unexported fields
}
RsaPublicKey is an rsa public key
func (*RsaPublicKey) Bytes ¶
func (pk *RsaPublicKey) Bytes() ([]byte, error)
Bytes returns protobuf bytes of a public key
func (*RsaPublicKey) Equals ¶
func (pk *RsaPublicKey) Equals(k Key) bool
Equals checks whether this key is equal to another
func (*RsaPublicKey) Raw ¶
func (pk *RsaPublicKey) Raw() ([]byte, error)
func (*RsaPublicKey) Type ¶
func (pk *RsaPublicKey) Type() pb.KeyType
type Secp256k1PrivateKey ¶
type Secp256k1PrivateKey btcec.PrivateKey
Secp256k1PrivateKey is an Secp256k1 private key
func (*Secp256k1PrivateKey) Bytes ¶
func (k *Secp256k1PrivateKey) Bytes() ([]byte, error)
Bytes returns protobuf bytes from a private key
func (*Secp256k1PrivateKey) Equals ¶
func (k *Secp256k1PrivateKey) Equals(o Key) bool
Equals compares two private keys
func (*Secp256k1PrivateKey) GetPublic ¶
func (k *Secp256k1PrivateKey) GetPublic() PubKey
GetPublic returns a public key
func (*Secp256k1PrivateKey) Raw ¶
func (k *Secp256k1PrivateKey) Raw() ([]byte, error)
Raw returns the bytes of the key
func (*Secp256k1PrivateKey) Sign ¶
func (k *Secp256k1PrivateKey) Sign(data []byte) ([]byte, error)
Sign returns a signature from input data
func (*Secp256k1PrivateKey) Type ¶
func (k *Secp256k1PrivateKey) Type() pb.KeyType
Type returns the private key type
type Secp256k1PublicKey ¶
Secp256k1PublicKey is an Secp256k1 public key
func (*Secp256k1PublicKey) Bytes ¶
func (k *Secp256k1PublicKey) Bytes() ([]byte, error)
Bytes returns protobuf bytes from a public key
func (*Secp256k1PublicKey) Equals ¶
func (k *Secp256k1PublicKey) Equals(o Key) bool
Equals compares two public keys
func (*Secp256k1PublicKey) Raw ¶
func (k *Secp256k1PublicKey) Raw() ([]byte, error)
Raw returns the bytes of the key
func (*Secp256k1PublicKey) Type ¶
func (k *Secp256k1PublicKey) Type() pb.KeyType
Type returns the public key type
type StretchedKeys ¶
StretchedKeys ...