crypto

package
v0.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 22, 2020 License: MIT Imports: 19 Imported by: 0

Documentation

Overview

Package crypto implements cryptographical primitives for MTproto.

Reference:

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CheckDHParams 

func CheckDHParams(dhPrime, g, gA, gB *big.Int) error

CheckDHParams checks that g_a, g_b and g params meet key exchange conditions.

https://core.telegram.org/mtproto/auth_key#dh-key-exchange-complete

func DataWithHash 

func DataWithHash(data []byte, randomSource io.Reader) ([]byte, error)

DataWithHash prepends data with SHA1(data) and 0..15 random bytes so result length is divisible by 16.

Use GuessDataWithHash(result) to obtain data.

func DecomposePQ 

func DecomposePQ(pq *big.Int, randSource io.Reader) (p, q *big.Int, err error)

DecomposePQ decomposes pq into prime factors such that p < q.

func DecryptExchangeAnswer added in v0.12.0 

func DecryptExchangeAnswer(data, key, iv []byte) (dst []byte, err error)

DecryptExchangeAnswer decrypts messages created during key exchange.

func EncryptExchangeAnswer added in v0.12.0 

func EncryptExchangeAnswer(rand io.Reader, answer, key, iv []byte) (dst []byte, err error)

EncryptExchangeAnswer encrypts messages created during key exchange.

func GuessDataWithHash 

func GuessDataWithHash(dataWithHash []byte) []byte

GuessDataWithHash guesses data from data_with_hash.

func InRange added in v0.11.0 

func InRange(x, min, max *big.Int) bool

InRange checks whether x is in (min, max) range, i.e. min < x < max.

func Keys 

func Keys(authKey AuthKey, msgKey bin.Int128, mode Side) (key, iv bin.Int256)

Keys returns (aes_key, aes_iv) pair for AES-IGE.

Reference: * https://core.telegram.org/mtproto/description#defining-aes-key-and-initialization-vector

Example: 

key, iv := crypto.Keys(authKey, messageKey, crypto.Client)
cipher, err := aes.NewCipher(key[:])
if err != nil {
	return nil, err
}
encryptor := ige.NewIGEEncrypter(cipher, iv[:])

func MessageKey 

func MessageKey(authKey AuthKey, plaintextPadded []byte, mode Side) bin.Int128

MessageKey computes message key for provided auth_key and padded payload.

func NewSessionID 

func NewSessionID(reader io.Reader) (int64, error)

NewSessionID generates new random int64 from reader.

Use crypto/rand.Reader if session id should be cryptographically safe.

func ParseRSAPublicKeys 

func ParseRSAPublicKeys(data []byte) ([]*rsa.PublicKey, error)

ParseRSAPublicKeys parses data as list of PEM-encdoed public keys.

func RSADecryptHashed added in v0.11.0 

func RSADecryptHashed(data []byte, key *rsa.PrivateKey) (r []byte)

RSADecryptHashed decrypts given data with RSA, prefixing with a hash.

func RSAEncryptHashed added in v0.11.0 

func RSAEncryptHashed(data []byte, key *rsa.PublicKey, randomSource io.Reader) ([]byte, error)

RSAEncryptHashed encrypts given data with RSA, prefixing with a hash.

func RSAFingerprint 

func RSAFingerprint(key *rsa.PublicKey) int64

RSAFingerprint returns fingerprint of RSA public key as defined in MTProto.

func RandInt128 

func RandInt128(randSource io.Reader) (bin.Int128, error)

RandInt128 generates and returns new random 128-bit integer.

Use crypto/rand.Reader as randSource in production.

func RandInt256 

func RandInt256(randSource io.Reader) (bin.Int256, error)

RandInt256 generates and returns new random 256-bit integer.

Use crypto/rand.Reader as randSource in production.

func RandInt64 

func RandInt64(randSource io.Reader) (int64, error)

RandInt64 returns random int64 from randSource.

func ServerSalt added in v0.12.0 

func ServerSalt(newNonce bin.Int256, serverNonce bin.Int128) (salt int64)

ServerSalt computes server salt.

func TempAESKeys 

func TempAESKeys(newNonce, serverNonce *big.Int) (key, iv []byte)

TempAESKeys returns tmp_aes_key and tmp_aes_iv based on new_nonce and server_nonce as defined in "Creating an Authorization Key".

Types

type AuthKey 

type AuthKey [256]byte

AuthKey represents 2048-bit authorization key.

func (AuthKey) AuxHash 

func (k AuthKey) AuxHash() [8]byte

AuxHash returns aux_hash value of key.

func (AuthKey) ID 

func (k AuthKey) ID() [8]byte

ID returns auth_key_id.

func (AuthKey) WithID added in v0.12.0 

func (k AuthKey) WithID() AuthKeyWithID

WithID creates new AuthKeyWithID from AuthKey.

func (AuthKey) Zero 

func (k AuthKey) Zero() bool

Zero reports whether AuthKey is zero value.

type AuthKeyWithID added in v0.12.0 

type AuthKeyWithID struct {
	AuthKey   AuthKey
	AuthKeyID [8]byte
}

AuthKeyWithID is a AuthKey with cached id.

func (AuthKeyWithID) Zero added in v0.12.0 

func (a AuthKeyWithID) Zero() bool

Zero reports whether AuthKey is zero value.

type Cipher added in v0.11.0 

type Cipher struct {
	// contains filtered or unexported fields
}

Cipher is message encryption utility struct.

func NewClientCipher added in v0.11.0 

func NewClientCipher(rand io.Reader) Cipher

NewClientCipher creates new client-side Cipher.

func NewServerCipher added in v0.11.0 

func NewServerCipher(rand io.Reader) Cipher

NewServerCipher creates new server-side Cipher.

func (Cipher) Decrypt added in v0.12.0 

func (c Cipher) Decrypt(k AuthKeyWithID, encrypted *EncryptedMessage) (*EncryptedMessageData, error)

Decrypt decrypts data from encrypted message using AES-IGE.

func (Cipher) DecryptFromBuffer added in v0.12.0 

func (c Cipher) DecryptFromBuffer(k AuthKeyWithID, buf *bin.Buffer) (*EncryptedMessageData, error)

DecryptFromBuffer decodes EncryptedMessage and decrypts it.

func (Cipher) DecryptMessage added in v0.11.0 

func (c Cipher) DecryptMessage(k AuthKeyWithID, encrypted *EncryptedMessage) ([]byte, error)

DecryptMessage decrypts data from encrypted message using AES-IGE.

func (Cipher) Encrypt added in v0.12.0 

func (c Cipher) Encrypt(key AuthKeyWithID, data EncryptedMessageData, b *bin.Buffer) error

Encrypt encrypts EncryptedMessageData using AES-IGE to given buffer.

func (Cipher) EncryptMessage added in v0.11.0 

func (c Cipher) EncryptMessage(k AuthKeyWithID, plaintext []byte) (*EncryptedMessage, error)

EncryptMessage encrypts plaintext using AES-IGE.

func (Cipher) Rand added in v0.11.0 

func (c Cipher) Rand() io.Reader

Rand returns random generator.

type EncryptedMessage 

type EncryptedMessage struct {
	AuthKeyID [8]byte
	MsgKey    bin.Int128

	EncryptedData []byte
}

EncryptedMessage of protocol.

func (*EncryptedMessage) Decode 

func (e *EncryptedMessage) Decode(b *bin.Buffer) error

Decode implements bin.Decoder.

func (EncryptedMessage) Encode 

func (e EncryptedMessage) Encode(b *bin.Buffer) error

Encode implements bin.Encoder.

type EncryptedMessageData 

type EncryptedMessageData struct {
	Salt                   int64
	SessionID              int64
	MessageID              int64
	SeqNo                  int32
	MessageDataLen         int32
	MessageDataWithPadding []byte
}

EncryptedMessageData is stored in EncryptedMessage.EncryptedData.

func (*EncryptedMessageData) Data added in v0.11.0 

func (e *EncryptedMessageData) Data() []byte

Data returns message data without hash.

func (*EncryptedMessageData) Decode 

func (e *EncryptedMessageData) Decode(b *bin.Buffer) error

Decode implements bin.Decoder.

func (EncryptedMessageData) Encode 

func (e EncryptedMessageData) Encode(b *bin.Buffer) error

Encode implements bin.Encoder.

type Side 

type Side byte

Side on which encryption is performed. 

const (
	// Client side of encryption (e.g. messages from client).
	Client Side = 0
	// Server side of encryption (e.g. RPC responses).
	Server Side = 1
)

func (Side) DecryptSide added in v0.11.0 

func (s Side) DecryptSide() Side

DecryptSide returns Side for decryption.

Source Files

View all Source files

Directories

Path Synopsis
Package srp contains implementation of Secure Remote Password protocol.
 Package srp contains implementation of Secure Remote Password protocol.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.