Documentation ¶
Overview ¶
Package shares implements signed and encrypted share groups.
Index ¶
- Constants
- Variables
- func GenShareRequestMessage(content, sigkeybytes, receivePub, sendPub, sendPriv []byte) ([]byte, error)
- func GenShareRequestMessages(msgList, pubkey, privkey []byte) (messages []byte, err error)
- type CommonMessageHeader
- type EncryptedCommonHeader
- type MessageBlock
- func DecodeShareMessage(pubkey, privkey, msg []byte) (*MessageBlock, error)
- func DecodeShareMessageFromList(pubkey, privkey, messageList []byte) (*MessageBlock, error)
- func NewMessageBlock(Threshhold byte, SecretHash, SigPubKey []byte) (*MessageBlock, error)
- func VerifyShareRequest(pubkey, privkey, message, myshares []byte) (*MessageBlock, []byte, error)
- func VerifyShareRequestFromList(pubkey, privkey, messageList, myshares []byte) (*MessageBlock, []byte, error)
- func (messages *MessageBlock) Combine() ([]byte, error)
- func (messages *MessageBlock) GenShareReply(recipientPubKey []byte, numShares int, fake bool) ([]byte, error)
- func (messages *MessageBlock) GenShareRequestTemplate(pubkey, privkey []byte) []byte
- func (messages *MessageBlock) GenerateShareMessageList() ([]byte, error)
- func (messages *MessageBlock) InsertShareReplies(shareReplies, pub, priv []byte) ([]byte, error)
- func (messages *MessageBlock) LoadShare(share []byte, duplicateCheck bool) error
- func (messages *MessageBlock) LoadShares(shares [][]byte, duplicateCheck bool) ([]byte, error)
- type ShareConfig
- type ShareMember
- type ShareMemberMessage
- type ShareRequest
- type SignedShare
Constants ¶
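// Message type values, numbered from 1 by iota.
// NOTE(review): the rendered declaration was scrambled ("ShareMessageType ="
// appeared after the closing parenthesis); its placement as the first entry is
// reconstructed here — confirm against the package source.
const (
	ShareMessageType = iota + 1
	ShareRequestType
	ShareResponseType
)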
// Field markers used by the package's encoded messages.
// The values come from iota starting at 1, so the position of each name in this
// list fixes its numeric value: inserting, removing or reordering an entry
// changes the value of every entry after it.
const (
	// PublicKeyXField field marker for public key X part
	PublicKeyXField = iota + 1
	// PublicKeyYField field marker for public key Y part
	PublicKeyYField
	// SecretField is the secret when padded
	SecretField
	// ShareField is undocumented in the source; presumably the marker for a share — confirm.
	ShareField
	// RField is the R of a signature
	RField
	// SField is the S of a signature
	SField
	// NonceField is the Nonce for the signature
	NonceField
	// ShareRawField is undocumented in the source; presumably the marker for an unencoded share — confirm.
	ShareRawField
	// PublicKeyField is the public key in a signature
	PublicKeyField
	// CommentField contains the comment
	CommentField
	// SigKeyPublicHashField contains the hash of the ecdsa pubkey
	SigKeyPublicHashField
	// CommentHashField contains the hash of the comment
	CommentHashField
	// SigkeyPublicByteField contains the ecdsa pubkey
	SigkeyPublicByteField
	// SecretHashField contains the hash of the secret
	SecretHashField
	// ThreshholdField contains the threshold
	ThreshholdField
	// MemberSecretField contains the secret that identifies share group members
	MemberSecretField
	// MessageHeaderField contains either the encrypted or public header
	MessageHeaderField
	// NaclMessageField contains a NaCL encrypted message
	NaclMessageField
	// NumSharesField is undocumented in the source; presumably the marker for a share count — confirm.
	NumSharesField
	// ShareMessageField is undocumented in the source; meaning not stated on this page — confirm.
	ShareMessageField
	// EncodedShare is undocumented in the source; note it lacks the "Field" suffix the other markers use.
	EncodedShare
	// FakeMessageField contains a fake share, if any
	FakeMessageField
	// PaddingField is the padding
	PaddingField
	// SpecificContentField contains per-recipient data
	SpecificContentField
	// CommonContentField contains global data
	CommonContentField
	// HMACField contains an HMAC
	HMACField
	// MessageTypeField contains the message type of the message
	MessageTypeField
)
Variables ¶
// Sentinel errors of the package. Each value is created once with errors.New,
// so callers can match a returned error by identity (== or errors.Is) rather
// than by comparing message text.
var (
	// ErrConfig is returned when the configuration is wrong
	ErrConfig = errors.New("Shares: Bad config")
	// ErrSecretShort is returned when the secret is too short (<10 bytes)
	ErrSecretShort = errors.New("Shares: Secret is smaller than 10 bytes")
	// ErrSecretLong is returned when the secret is too long (>255-3-3 == 249 bytes)
	// NOTE(review): this comment names 249 while the message says "bigger than 248";
	// the two may disagree by one — confirm which bound the length check enforces.
	ErrSecretLong = errors.New("Shares: Secret is bigger than 248 bytes")
	// ErrCommentShort is returned when the comment is too short (<4 bytes)
	ErrCommentShort = errors.New("Shares: Comment is smaller than 4 bytes")
	// ErrCommentLong is returned when the comment is too long (max 1024 bytes)
	ErrCommentLong = errors.New("Shares: Comment is longer than 1024 bytes")
	// ErrThresholdSmall is returned when the threshold is too small (<3)
	ErrThresholdSmall = errors.New("Shares: Threshold is smaller than 3")
	// ErrThresholdBig is returned when the threshold is too big (>253)
	ErrThresholdBig = errors.New("Shares: Threshold is bigger than 253")
	// ErrThresholdExceed is returned when the threshold cannot be fulfilled by the shares
	ErrThresholdExceed = errors.New("Shares: Threshold bigger than number of shares")
	// ErrSharesOverThreshold reports, per its message, that a single member holds
	// enough shares to reveal the secret alone.
	ErrSharesOverThreshold = errors.New("Shares: Member can reveal secret alone, increase Threshold or assign less Shares")
	// ErrTooManyShares reports, per its message, that more than 254 shares were requested.
	ErrTooManyShares = errors.New("Shares: Cannot produce more than 254 shares")
	// ErrTooFewShares reports, per its message, that fewer than 4 shares would be generated.
	ErrTooFewShares = errors.New("Shares: Need to generate at least 4 shares")
	// ErrDuplicateMember is returned if trying to add the same member twice to the share group
	ErrDuplicateMember = errors.New("Shares: Duplicate member")
	// ErrNegativeShares reports, per its message, a negative share count.
	ErrNegativeShares = errors.New("Shares: Negative shares")
	// ErrTooFewMembers is returned if <2 members are in the group
	ErrTooFewMembers = errors.New("Shares: Need at least two members")
	// ErrSignatureDecode is returned if an encoded signature cannot be decoded
	ErrSignatureDecode = errors.New("Shares: Cannot decode signed share")
	// ErrTooFewSharesToRecover reports, per its message, that too few shares are
	// known to recover the secret.
	ErrTooFewSharesToRecover = errors.New("Shares: Cannot recover secret, too few shares known")
	// ErrSecretNotRecovered is returned when the secret could not be recovered
	ErrSecretNotRecovered = errors.New("Shares: Secret not recovered")
	// ErrCannotConvert is returned if type conversion fails
	ErrCannotConvert = errors.New("Shares: Cannot convert type")
	// ErrCannotDecode is returned if type decoding fails
	ErrCannotDecode = errors.New("Shares: Cannot decode type")
	// ErrSignatureVerify is returned if signature verification failed
	ErrSignatureVerify = errors.New("Shares: Signature could not be verified")
	// ErrPubkeyNotMatching is returned when a wrong public key is present
	ErrPubkeyNotMatching = errors.New("Shares: Public Key mismatch")
	// ErrNotFound is returned if no matching entry in the list could be found
	ErrNotFound = errors.New("Shares: No entry found")
	// ErrHMAC is returned if the hmac does not verify
	ErrHMAC = errors.New("Shares: HMAC failure")
	// ErrNoFakes is returned if a fake was requested but not available
	ErrNoFakes = errors.New("Shares: No fake available")
	// ErrBadMessageType is returned if trying to parse a message of a different type
	ErrBadMessageType = errors.New("Shares: Unexpected message type")
	// ErrMixedPubKeys is returned if a single share response contains mixed senders
	ErrMixedPubKeys = errors.New("Shares: Mixed public keys")
)
Functions ¶
func GenShareRequestMessage ¶
func GenShareRequestMessage(content, sigkeybytes, receivePub, sendPub, sendPriv []byte) ([]byte, error)
GenShareRequestMessage encodes and encrypts a ShareRequestTemplate for a single public key
func GenShareRequestMessages ¶
GenShareRequestMessages encodes and encrypts all ShareRequestTemplates
Types ¶
type CommonMessageHeader ¶
type CommonMessageHeader struct {
	Comment       []byte // The comment
	SigPubKeyHash []byte // The hash of the signature public key
	Encoded       []byte // The header in its encoded form
}
CommonMessageHeader is the public header of a message
type EncryptedCommonHeader ¶
type EncryptedCommonHeader struct {
	// Secret to verify membership in the sharing group.
	// NOTE(review): described as a secret, so it should be kept out of logs and error text.
	MemberSecret     []byte
	CommentHash      []byte // Hash of the comment
	SigkeyPublicByte []byte // Encoded public key
	SecretHash       []byte // Hash of the secret
	Threshhold       byte   // Minimum number of shares required to reconstruct the secret
	Encoded          []byte // The EncryptedCommonHeader, bytepack encoded
}
EncryptedCommonHeader is the encrypted header that is common to all messages
type MessageBlock ¶
type MessageBlock struct {
	// Message generation
	SigPublicKey          *ecdsa.PublicKey         // Public key for signature verification
	EncryptKey            *naclwrapper.NaCLKeyPair // Keypair for NaCL encryption
	MemberMessages        []ShareMemberMessage     // The generated member messages
	KnownMembers          map[[32]byte]bool        // Known members, keyed by a 32-byte array
	CommonMessageHeader   *CommonMessageHeader     // presumably the message's public header — confirm
	EncryptedCommonHeader *EncryptedCommonHeader   // presumably the header shared by all messages — confirm
}
MessageBlock defines all fields needed in message generation
func DecodeShareMessage ¶
func DecodeShareMessage(pubkey, privkey, msg []byte) (*MessageBlock, error)
DecodeShareMessage decodes a share message, taking into account that some fields might be missing.
func DecodeShareMessageFromList ¶
func DecodeShareMessageFromList(pubkey, privkey, messageList []byte) (*MessageBlock, error)
DecodeShareMessageFromList decodes a share message from a list, taking into account that some fields might be missing.
func NewMessageBlock ¶
func NewMessageBlock(Threshhold byte, SecretHash, SigPubKey []byte) (*MessageBlock, error)
NewMessageBlock initializes the data for a new combine run
func VerifyShareRequest ¶
func VerifyShareRequest(pubkey, privkey, message, myshares []byte) (*MessageBlock, []byte, error)
VerifyShareRequest decrypts, decodes and validates a ShareRequestMessage. It returns the corresponding MessageBlock (which includes the shares) and the public key of the sender.
func VerifyShareRequestFromList ¶
func VerifyShareRequestFromList(pubkey, privkey, messageList, myshares []byte) (*MessageBlock, []byte, error)
VerifyShareRequestFromList decrypts, decodes and validates a ShareRequestMessage from a list. It returns the corresponding MessageBlock (which includes the shares) and the public key of the sender.
func (*MessageBlock) Combine ¶
func (messages *MessageBlock) Combine() ([]byte, error)
Combine combines the shares and returns the secret
func (*MessageBlock) GenShareReply ¶
func (messages *MessageBlock) GenShareReply(recipientPubKey []byte, numShares int, fake bool) ([]byte, error)
GenShareReply constructs, encodes and encrypts a share reply based on the recipient's public key.
func (*MessageBlock) GenShareRequestTemplate ¶
func (messages *MessageBlock) GenShareRequestTemplate(pubkey, privkey []byte) []byte
GenShareRequestTemplate constructs a share request out of a single share message and the corresponding private key
func (*MessageBlock) GenerateShareMessageList ¶
func (messages *MessageBlock) GenerateShareMessageList() ([]byte, error)
GenerateShareMessageList generates all share messages for the group
func (*MessageBlock) InsertShareReplies ¶
func (messages *MessageBlock) InsertShareReplies(shareReplies, pub, priv []byte) ([]byte, error)
InsertShareReplies loads ShareReply messages, decrypts them, and adds the shares to the message block
func (*MessageBlock) LoadShare ¶
func (messages *MessageBlock) LoadShare(share []byte, duplicateCheck bool) error
LoadShare loads a share into the MessageBlock, verifying the signature
func (*MessageBlock) LoadShares ¶
func (messages *MessageBlock) LoadShares(shares [][]byte, duplicateCheck bool) ([]byte, error)
LoadShares loads shares into the MessageBlock, verifying the signature
type ShareConfig ¶
type ShareConfig struct {
	// The three headings below are section comments from the source; no fields
	// appear under them on this page (presumably all are unexported — confirm).

	// Defined during New:
	// Defined by added members:
	// Message generation
}
ShareConfig is the configuration for a single sharing operation
func New ¶
func New(Secret, Comment []byte, Threshhold int) (*ShareConfig, error)
New returns a new ShareConfig
func (*ShareConfig) AddMember ¶
func (sc *ShareConfig) AddMember(PublicKey []byte, NumShares int, HasFake bool) error
AddMember adds a new member to the group. Updates ShareConfig
func (*ShareConfig) GenerateMessages ¶
func (sc *ShareConfig) GenerateMessages() (*MessageBlock, error)
GenerateMessages generates the messages to the members
func (*ShareConfig) Verify ¶
func (sc *ShareConfig) Verify() error
Verify verifies the ShareConfig struct and members for validity
func (*ShareConfig) VerifyInit ¶
func (sc *ShareConfig) VerifyInit() error
VerifyInit verifies the ShareConfig struct for validity
type ShareMemberMessage ¶
type ShareMemberMessage struct {}
ShareMemberMessage is a single message to be sent (specific parts only)
type ShareRequest ¶
type ShareRequest struct {
// contains filtered or unexported fields
}
ShareRequest is a received share request message