Documentation ¶
Overview ¶
Package crypto implements cryptographic primitives for MTProto.
Reference:
Index ¶
- func CheckDHParams(dhPrime, g, gA, gB *big.Int) error
- func DataWithHash(data []byte, randomSource io.Reader) ([]byte, error)
- func DecomposePQ(pq *big.Int, randSource io.Reader) (p, q *big.Int, err error)
- func DecryptExchangeAnswer(data, key, iv []byte) (dst []byte, err error)
- func EncryptExchangeAnswer(rand io.Reader, answer, key, iv []byte) (dst []byte, err error)
- func GuessDataWithHash(dataWithHash []byte) []byte
- func InRange(x, min, max *big.Int) bool
- func Keys(authKey AuthKey, msgKey bin.Int128, mode Side) (key, iv bin.Int256)
- func MessageKey(authKey AuthKey, plaintextPadded []byte, mode Side) bin.Int128
- func NewSessionID(reader io.Reader) (int64, error)
- func ParseRSAPublicKeys(data []byte) ([]*rsa.PublicKey, error)
- func RSADecryptHashed(data []byte, key *rsa.PrivateKey) (r []byte)
- func RSAEncryptHashed(data []byte, key *rsa.PublicKey, randomSource io.Reader) ([]byte, error)
- func RSAFingerprint(key *rsa.PublicKey) int64
- func RandInt128(randSource io.Reader) (bin.Int128, error)
- func RandInt256(randSource io.Reader) (bin.Int256, error)
- func RandInt64(randSource io.Reader) (int64, error)
- func SHA256(from []byte) []byte
- func ServerSalt(newNonce bin.Int256, serverNonce bin.Int128) (salt int64)
- func TempAESKeys(newNonce, serverNonce *big.Int) (key, iv []byte)
- type AuthKey
- type AuthKeyWithID
- type Cipher
- func (c Cipher) Decrypt(k AuthKeyWithID, encrypted *EncryptedMessage) (*EncryptedMessageData, error)
- func (c Cipher) DecryptFromBuffer(k AuthKeyWithID, buf *bin.Buffer) (*EncryptedMessageData, error)
- func (c Cipher) DecryptMessage(k AuthKeyWithID, encrypted *EncryptedMessage) ([]byte, error)
- func (c Cipher) Encrypt(key AuthKeyWithID, data EncryptedMessageData, b *bin.Buffer) error
- func (c Cipher) EncryptMessage(k AuthKeyWithID, plaintext []byte) (*EncryptedMessage, error)
- func (c Cipher) Rand() io.Reader
- type EncryptedMessage
- type EncryptedMessageData
- type Side
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CheckDHParams ¶
CheckDHParams checks that g_a, g_b and g params meet key exchange conditions.
https://core.telegram.org/mtproto/auth_key#dh-key-exchange-complete
func DataWithHash ¶
DataWithHash prepends SHA1(data) to data and appends 0..15 random bytes so that the result length is divisible by 16.
Use GuessDataWithHash(result) to obtain data.
func DecomposePQ ¶
DecomposePQ decomposes pq into prime factors such that p < q.
func DecryptExchangeAnswer ¶ added in v0.12.0
DecryptExchangeAnswer decrypts messages created during key exchange.
func EncryptExchangeAnswer ¶ added in v0.12.0
EncryptExchangeAnswer encrypts messages created during key exchange.
func GuessDataWithHash ¶
GuessDataWithHash guesses data from data_with_hash.
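The layout that DataWithHash produces and GuessDataWithHash undoes, as an added standard-library sketch (not the package's own code; the lowercase function names and the sample payload are assumptions). The "guess" is a search over the 16 possible padding lengths, and a candidate is accepted only when its SHA-1 matches the 20-byte prefix.

```go
package main

import (
	"crypto/rand"
	"crypto/sha1"
	"crypto/subtle"
	"fmt"
	"io"
)

// dataWithHash builds SHA1(data) || data || padding, where padding is 0..15
// random bytes chosen so that the total length is a multiple of 16.
func dataWithHash(data []byte, randSource io.Reader) ([]byte, error) {
	n := sha1.Size + len(data)
	out := make([]byte, (n+15)/16*16)
	h := sha1.Sum(data)
	copy(out, h[:])
	copy(out[sha1.Size:], data)
	if _, err := io.ReadFull(randSource, out[n:]); err != nil {
		return nil, err
	}
	return out, nil
}

// guessDataWithHash strips 0..15 trailing bytes until the leading SHA-1
// matches the remaining payload; it returns nil when no candidate verifies.
func guessDataWithHash(buf []byte) []byte {
	if len(buf) < sha1.Size {
		return nil
	}
	for pad := 0; pad < 16 && sha1.Size+pad <= len(buf); pad++ {
		data := buf[sha1.Size : len(buf)-pad]
		h := sha1.Sum(data)
		if subtle.ConstantTimeCompare(h[:], buf[:sha1.Size]) == 1 {
			return data
		}
	}
	return nil
}

func main() {
	msg := []byte("constructed sample payload")
	packed, err := dataWithHash(msg, rand.Reader)
	if err != nil {
		panic(err)
	}
	fmt.Println(len(packed)%16 == 0, string(guessDataWithHash(packed)) == string(msg))
	packed[sha1.Size] ^= 1 // a single flipped payload bit must fail verification
	fmt.Println(guessDataWithHash(packed) == nil)
}
```

Callers must treat a nil result as a hard failure rather than falling back to the raw buffer.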
func InRange ¶ added in v0.11.0
InRange checks whether x is in (min, max) range, i.e. min < x < max.
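The range conditions from the Telegram page linked under CheckDHParams, written with an exclusive-bounds helper like InRange. This is an added standard-library sketch, not the package's own code: the lowercase names, `pow2` and `demoPrime` are assumptions, and the primality and generator checks on dh_prime and g are out of scope here. Rejecting 1 and dh_prime-1 matters because either value confines the shared secret to a trivially small set.

```go
package main

import (
	"fmt"
	"math/big"
)

// pow2 returns 2^n.
func pow2(n uint) *big.Int { return new(big.Int).Lsh(big.NewInt(1), n) }

// inRange reports whether min < x < max, both bounds exclusive.
func inRange(x, min, max *big.Int) bool {
	return x.Cmp(min) > 0 && x.Cmp(max) < 0
}

// checkDHParams requires 1 < g, g_a, g_b < dh_prime-1 and additionally keeps
// g_a and g_b between 2^(2048-64) and dh_prime - 2^(2048-64).
func checkDHParams(dhPrime, g, gA, gB *big.Int) error {
	one := big.NewInt(1)
	pMinusOne := new(big.Int).Sub(dhPrime, one)
	margin := pow2(2048 - 64)
	upper := new(big.Int).Sub(dhPrime, margin)
	checks := []struct {
		name string
		x    *big.Int
		safe bool // also apply the 2^(2048-64) margin
	}{{"g", g, false}, {"g_a", gA, true}, {"g_b", gB, true}}
	for _, c := range checks {
		if !inRange(c.x, one, pMinusOne) {
			return fmt.Errorf("%s must satisfy 1 < %s < dh_prime-1", c.name, c.name)
		}
		if c.safe && !inRange(c.x, margin, upper) {
			return fmt.Errorf("%s is outside the 2^(2048-64) safety margin", c.name)
		}
	}
	return nil
}

// demoPrime is a constructed 2048-bit stand-in modulus (2^2048 - 1). It is
// NOT prime; it only exercises the range checks above.
func demoPrime() *big.Int { return new(big.Int).Sub(pow2(2048), big.NewInt(1)) }

func main() {
	p, g := demoPrime(), big.NewInt(3)
	pMinusOne := new(big.Int).Sub(p, big.NewInt(1))
	for _, gA := range []*big.Int{big.NewInt(1), pMinusOne, big.NewInt(2), pow2(2047)} {
		fmt.Println(gA.BitLen(), checkDHParams(p, g, gA, pow2(2047)))
	}
}
```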
func Keys ¶
Keys returns (aes_key, aes_iv) pair for AES-IGE.
Reference:
- https://core.telegram.org/mtproto/description#defining-aes-key-and-initialization-vector
Example:
key, iv := crypto.Keys(authKey, messageKey, crypto.Client)
cipher, err := aes.NewCipher(key[:])
if err != nil {
	return nil, err
}
encryptor := ige.NewIGEEncrypter(cipher, iv[:])
func MessageKey ¶
MessageKey computes message key for provided auth_key and padded payload.
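The derivation that Keys and MessageKey perform, following the MTProto 2.0 description referenced under Keys, as an added standard-library sketch (not the package's own code). The lowercase names, the `side` type that stores the auth_key offset x directly, and the sample key and payload are assumptions.

```go
package main

import (
	"crypto/sha256"
	"fmt"
)

// side is the auth_key offset x: 0 for client-to-server messages,
// 8 for server-to-client messages.
type side int

const client, server side = 0, 8

// messageKey returns the middle 128 bits of
// SHA256(substr(auth_key, 88+x, 32) + plaintext_with_padding).
func messageKey(authKey [256]byte, padded []byte, s side) (k [16]byte) {
	h := sha256.New()
	h.Write(authKey[88+int(s) : 88+int(s)+32])
	h.Write(padded)
	copy(k[:], h.Sum(nil)[8:24])
	return k
}

// keys derives the AES-IGE key and IV by interleaving sha256_a and sha256_b.
func keys(authKey [256]byte, msgKey [16]byte, s side) (key, iv [32]byte) {
	x := int(s)
	a := sha256.Sum256(append(append([]byte{}, msgKey[:]...), authKey[x:x+36]...))
	b := sha256.Sum256(append(append([]byte{}, authKey[40+x:76+x]...), msgKey[:]...))
	copy(key[0:], a[0:8])
	copy(key[8:], b[8:24])
	copy(key[24:], a[24:32])
	copy(iv[0:], b[0:8])
	copy(iv[8:], a[8:24])
	copy(iv[24:], b[24:32])
	return key, iv
}

func main() {
	var authKey [256]byte // constructed sample key, not a real auth_key
	for i := range authKey {
		authKey[i] = byte(i)
	}
	padded := make([]byte, 48) // constructed payload, already padded to 16 bytes
	mk := messageKey(authKey, padded, client)
	key, iv := keys(authKey, mk, client)
	fmt.Printf("msg_key=%x\naes_key=%x\naes_iv=%x\n", mk, key, iv)
}
```

Because msg_key depends on the padded plaintext, a receiver recomputes it after decryption and rejects the message on mismatch; the offset x keeps the two directions from sharing key material.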
func NewSessionID ¶
NewSessionID generates new random int64 from reader.
Use crypto/rand.Reader if session id should be cryptographically safe.
func ParseRSAPublicKeys ¶
ParseRSAPublicKeys parses data as list of PEM-encoded public keys.
func RSADecryptHashed ¶ added in v0.11.0
func RSADecryptHashed(data []byte, key *rsa.PrivateKey) (r []byte)
RSADecryptHashed decrypts given data with RSA, prefixing with a hash.
func RSAEncryptHashed ¶ added in v0.11.0
RSAEncryptHashed encrypts given data with RSA, prefixing with a hash.
func RSAFingerprint ¶
RSAFingerprint returns fingerprint of RSA public key as defined in MTProto.
func RandInt128 ¶
RandInt128 generates and returns new random 128-bit integer.
Use crypto/rand.Reader as randSource in production.
func RandInt256 ¶
RandInt256 generates and returns new random 256-bit integer.
Use crypto/rand.Reader as randSource in production.
func ServerSalt ¶ added in v0.12.0
ServerSalt computes server salt.
func TempAESKeys ¶
TempAESKeys returns tmp_aes_key and tmp_aes_iv based on new_nonce and server_nonce as defined in "Creating an Authorization Key".
Types ¶
type AuthKey ¶
type AuthKey [256]byte
AuthKey represents 2048-bit authorization key.
func (AuthKey) WithID ¶ added in v0.12.0
func (k AuthKey) WithID() AuthKeyWithID
WithID creates new AuthKeyWithID from AuthKey.
type AuthKeyWithID ¶ added in v0.12.0
AuthKeyWithID is an AuthKey with cached id.
func (AuthKeyWithID) Zero ¶ added in v0.12.0
func (a AuthKeyWithID) Zero() bool
Zero reports whether AuthKey is zero value.
type Cipher ¶ added in v0.11.0
type Cipher struct {
// contains filtered or unexported fields
}
Cipher is message encryption utility struct.
func NewClientCipher ¶ added in v0.11.0
NewClientCipher creates new client-side Cipher.
func NewServerCipher ¶ added in v0.11.0
NewServerCipher creates new server-side Cipher.
func (Cipher) Decrypt ¶ added in v0.12.0
func (c Cipher) Decrypt(k AuthKeyWithID, encrypted *EncryptedMessage) (*EncryptedMessageData, error)
Decrypt decrypts data from encrypted message using AES-IGE.
func (Cipher) DecryptFromBuffer ¶ added in v0.12.0
func (c Cipher) DecryptFromBuffer(k AuthKeyWithID, buf *bin.Buffer) (*EncryptedMessageData, error)
DecryptFromBuffer decodes EncryptedMessage and decrypts it.
func (Cipher) DecryptMessage ¶ added in v0.11.0
func (c Cipher) DecryptMessage(k AuthKeyWithID, encrypted *EncryptedMessage) ([]byte, error)
DecryptMessage decrypts data from encrypted message using AES-IGE.
func (Cipher) Encrypt ¶ added in v0.12.0
func (c Cipher) Encrypt(key AuthKeyWithID, data EncryptedMessageData, b *bin.Buffer) error
Encrypt encrypts EncryptedMessageData using AES-IGE to given buffer.
func (Cipher) EncryptMessage ¶ added in v0.11.0
func (c Cipher) EncryptMessage(k AuthKeyWithID, plaintext []byte) (*EncryptedMessage, error)
EncryptMessage encrypts plaintext using AES-IGE.
type EncryptedMessage ¶
EncryptedMessage of protocol.
type EncryptedMessageData ¶
type EncryptedMessageData struct {
	Salt                   int64
	SessionID              int64
	MessageID              int64
	SeqNo                  int32
	MessageDataLen         int32
	MessageDataWithPadding []byte
}
EncryptedMessageData is stored in EncryptedMessage.EncryptedData.
func (*EncryptedMessageData) Data ¶ added in v0.11.0
func (e *EncryptedMessageData) Data() []byte
Data returns message data without hash.
type Side ¶
type Side byte
Side on which encryption is performed.
func (Side) DecryptSide ¶ added in v0.11.0
DecryptSide returns Side for decryption.