Documentation ¶
Overview ¶
Package crypto implements cryptographical primitives for MTproto.
Reference:
Index ¶
- Constants
- func CheckDHParams(dhPrime, g, gA, gB *big.Int) error
- func CheckGP(g int, p *big.Int) error
- func DataWithHash(data []byte, randomSource io.Reader) ([]byte, error)
- func DecomposePQ(pq *big.Int, randSource io.Reader) (p, q *big.Int, err error)
- func DecryptExchangeAnswer(data, key, iv []byte) (dst []byte, err error)
- func EncryptExchangeAnswer(rand io.Reader, answer, key, iv []byte) (dst []byte, err error)
- func GuessDataWithHash(dataWithHash []byte) []byte
- func InRange(x, min, max *big.Int) bool
- func Keys(authKey Key, msgKey bin.Int128, mode Side) (key, iv bin.Int256)
- func MessageKey(authKey Key, plaintextPadded []byte, mode Side) bin.Int128
- func NewSessionID(reader io.Reader) (int64, error)
- func NonceHash1(newNonce bin.Int256, key Key) (r bin.Int128)
- func ParseRSA(data []byte) (*rsa.PublicKey, error)
- func ParseRSAPublicKeys(data []byte) ([]*rsa.PublicKey, error)
- func Prime(p *big.Int) bool
- func RSADecryptHashed(data []byte, key *rsa.PrivateKey) (r []byte, err error)
- func RSAEncryptHashed(data []byte, key *rsa.PublicKey, randomSource io.Reader) ([]byte, error)
- func RSAFingerprint(key *rsa.PublicKey) int64
- func RSAPublicDecrypt(pub *rsa.PublicKey, sig []byte) ([]byte, error)
- func RandInt128(randSource io.Reader) (bin.Int128, error)
- func RandInt256(randSource io.Reader) (bin.Int256, error)
- func RandInt64(randSource io.Reader) (int64, error)
- func RandInt64n(randSource io.Reader, n int64) (int64, error)
- func SHA256(from ...[]byte) []byte
- func ServerSalt(newNonce bin.Int256, serverNonce bin.Int128) (salt int64)
- func TempAESKeys(newNonce, serverNonce *big.Int) (key, iv []byte)
- type AuthKey
- type Cipher
- func (c Cipher) Decrypt(k AuthKey, encrypted *EncryptedMessage) (*EncryptedMessageData, error)
- func (c Cipher) DecryptFromBuffer(k AuthKey, buf *bin.Buffer) (*EncryptedMessageData, error)
- func (c Cipher) Encrypt(key AuthKey, data EncryptedMessageData, b *bin.Buffer) error
- func (c Cipher) Rand() io.Reader
- type EncryptedMessage
- type EncryptedMessageData
- func (e *EncryptedMessageData) Data() []byte
- func (e *EncryptedMessageData) Decode(b *bin.Buffer) error
- func (e *EncryptedMessageData) DecodeWithoutCopy(b *bin.Buffer) error
- func (e EncryptedMessageData) Encode(b *bin.Buffer) error
- func (e EncryptedMessageData) EncodeWithoutCopy(b *bin.Buffer) error
- type Key
- type Side
Constants ¶
const RSAKeyBits = 2048
RSAKeyBits is RSA key size.
Can be used as rsa.GenerateKey(src, RSAKeyBits).
Variables ¶
This section is empty.
Functions ¶
func CheckDHParams ¶
CheckDHParams checks that g_a, g_b and g params meet key exchange conditions.
https://core.telegram.org/mtproto/auth_key#dh-key-exchange-complete
func CheckGP ¶ added in v0.15.1
CheckGP checks whether p = dh_prime is a safe 2048-bit prime (meaning that both p and (p-1)/2 are prime, and that 2^2047 < p < 2^2048), and that g generates a cyclic subgroup of prime order (p-1)/2, i.e. is a quadratic residue mod p. Also check that g is 2, 3, 4, 5, 6 or 7.
This function is needed by some Telegram algorithms(Key generation, SRP 2FA). See https://core.telegram.org/mtproto/auth_key. See https://core.telegram.org/api/srp.
func DataWithHash ¶
DataWithHash prepends data with SHA1(data) and 0..15 random bytes so result length is divisible by 16.
Use GuessDataWithHash(result) to obtain data.
func DecomposePQ ¶
DecomposePQ decomposes pq into prime factors such that p < q.
func DecryptExchangeAnswer ¶ added in v0.12.0
DecryptExchangeAnswer decrypts messages created during key exchange.
func EncryptExchangeAnswer ¶ added in v0.12.0
EncryptExchangeAnswer encrypts messages created during key exchange.
func GuessDataWithHash ¶
GuessDataWithHash guesses data from data_with_hash.
func InRange ¶ added in v0.11.0
InRange checks whether x is in (min, max) range, i.e. min < x < max.
func Keys ¶
Keys returns (aes_key, aes_iv) pair for AES-IGE.
Reference: * https://core.telegram.org/mtproto/description#defining-aes-key-and-initialization-vector
Example:
key, iv := crypto.Keys(authKey, messageKey, crypto.Client) cipher, err := aes.NewCipher(key[:]) if err != nil { return nil, err } encryptor := ige.NewIGEEncrypter(cipher, iv[:])
func MessageKey ¶
MessageKey computes message key for provided auth_key and padded payload.
func NewSessionID ¶
NewSessionID generates new random int64 from reader.
Use crypto/rand.Reader if session id should be cryptographically safe.
func NonceHash1 ¶ added in v0.15.1
NonceHash1 computes nonce_hash_1. See https://core.telegram.org/mtproto/auth_key#dh-key-exchange-complete.
func ParseRSAPublicKeys ¶
ParseRSAPublicKeys parses data as list of PEM-encdoed public keys.
func RSADecryptHashed ¶ added in v0.11.0
func RSADecryptHashed(data []byte, key *rsa.PrivateKey) (r []byte, err error)
RSADecryptHashed decrypts given data with RSA.
func RSAEncryptHashed ¶ added in v0.11.0
RSAEncryptHashed encrypts given data with RSA, prefixing with a hash.
func RSAFingerprint ¶
RSAFingerprint returns fingerprint of RSA public key as defined in MTProto.
func RSAPublicDecrypt ¶ added in v0.31.0
RSAPublicDecrypt recovers the message digest from the raw signature using the signer’s RSA public key.
See also OpenSSL’s RSA_public_decrypt with RSA_NO_PADDING.
func RandInt128 ¶
RandInt128 generates and returns new random 128-bit integer.
Use crypto/rand.Reader as randSource in production.
func RandInt256 ¶
RandInt256 generates and returns new random 256-bit integer.
Use crypto/rand.Reader as randSource in production.
func RandInt64n ¶ added in v0.15.0
RandInt64n returns random int64 from randSource in [0; n).
func ServerSalt ¶ added in v0.12.0
ServerSalt computes server salt.
func TempAESKeys ¶
TempAESKeys returns tmp_aes_key and tmp_aes_iv based on new_nonce and server_nonce as defined in "Creating an Authorization Key".
Types ¶
type Cipher ¶ added in v0.11.0
type Cipher struct {
// contains filtered or unexported fields
}
Cipher is message encryption utility struct.
func NewClientCipher ¶ added in v0.11.0
NewClientCipher creates new client-side Cipher.
func NewServerCipher ¶ added in v0.11.0
NewServerCipher creates new server-side Cipher.
func (Cipher) Decrypt ¶ added in v0.12.0
func (c Cipher) Decrypt(k AuthKey, encrypted *EncryptedMessage) (*EncryptedMessageData, error)
Decrypt decrypts data from encrypted message using AES-IGE.
func (Cipher) DecryptFromBuffer ¶ added in v0.12.0
DecryptFromBuffer decodes EncryptedMessage and decrypts it.
type EncryptedMessage ¶
EncryptedMessage of protocol.
func (*EncryptedMessage) Decode ¶
func (e *EncryptedMessage) Decode(b *bin.Buffer) error
Decode implements bin.Decoder.
func (*EncryptedMessage) DecodeWithoutCopy ¶ added in v0.43.0
func (e *EncryptedMessage) DecodeWithoutCopy(b *bin.Buffer) error
DecodeWithoutCopy is like Decode, but EncryptedData references to given buffer instead of copying.
type EncryptedMessageData ¶
type EncryptedMessageData struct { Salt int64 SessionID int64 MessageID int64 SeqNo int32 MessageDataLen int32 MessageDataWithPadding []byte // Message to encode to MessageDataWithPadding. // Needed to prevent unnecessary allocations in EncodeWithoutCopy. Message bin.Encoder }
EncryptedMessageData is stored in EncryptedMessage.EncryptedData.
func (*EncryptedMessageData) Data ¶ added in v0.11.0
func (e *EncryptedMessageData) Data() []byte
Data returns message data without hash.
func (*EncryptedMessageData) Decode ¶
func (e *EncryptedMessageData) Decode(b *bin.Buffer) error
Decode implements bin.Decoder.
func (*EncryptedMessageData) DecodeWithoutCopy ¶ added in v0.43.0
func (e *EncryptedMessageData) DecodeWithoutCopy(b *bin.Buffer) error
DecodeWithoutCopy is like Decode, but MessageDataWithPadding references to given buffer instead of copying.
func (EncryptedMessageData) Encode ¶
func (e EncryptedMessageData) Encode(b *bin.Buffer) error
Encode implements bin.Encoder.
func (EncryptedMessageData) EncodeWithoutCopy ¶ added in v0.43.1
func (e EncryptedMessageData) EncodeWithoutCopy(b *bin.Buffer) error
EncodeWithoutCopy is like Encode, but tries to encode Message and uses only one buffer to encode. If Message is nil, fallbacks to Encode.
type Key ¶ added in v0.19.0
type Key [256]byte
Key represents 2048-bit authorization key value.
type Side ¶
type Side byte
Side on which encryption is performed.
func (Side) DecryptSide ¶ added in v0.11.0
DecryptSide returns Side for decryption.