Documentation
Index
- Constants
- Variables
- func Derive25519KEK(alg, apu []byte, fromPrivKey, toPubKey *[chacha.KeySize]byte) ([]byte, error)
- func IsChachaKeyValid(key []byte) bool
- func IsEncKeyPairValid(kp *EncKeyPair) bool
- func IsMessagingKeysValid(kpb *MessagingKeys) bool
- func IsSigKeyPairValid(kp *SigKeyPair) bool
- func Nonce(pub1, pub2 []byte) (*[NonceSize]byte, error)
- func PublicEd25519toCurve25519(pub []byte) ([]byte, error)
- func SecretEd25519toCurve25519(priv []byte) ([]byte, error)
- func VerifyKeys(sender KeyPair, recipients [][]byte) error
- type EncKeyPair
- type EncryptionAlgorithm
- type KeyPair
- type MessagingKeys
- type SigKeyPair
- type SignatureAlgorithm
Constants
const (
	// Curve25519 encryption key type
	Curve25519 = EncryptionAlgorithm("Curve25519")
	// EdDSA signature key type
	EdDSA = SignatureAlgorithm("EdDSA")
)
const Curve25519KeySize = 32
Curve25519KeySize is the number of bytes in a Curve25519 public or private key.
const NonceSize = 24
NonceSize is the size of a nonce used by Box encryption (XChaCha20-Poly1305).
Variables
var ErrInvalidKey = errors.New("invalid key")
ErrInvalidKey is used when a key is invalid.
var ErrKeyNotFound = errors.New("key not found")
ErrKeyNotFound is returned when a key is not found.
Functions
func Derive25519KEK
Derive25519KEK is a utility function that derives an ephemeral symmetric key (KEK) using fromPrivKey and toPubKey.
func IsChachaKeyValid
IsChachaKeyValid returns true if the key size is the same as chacha20poly1305.KeySize, false otherwise.
func IsEncKeyPairValid
func IsEncKeyPairValid(kp *EncKeyPair) bool
IsEncKeyPairValid is a utility function that validates an EncKeyPair.
func IsMessagingKeysValid
func IsMessagingKeysValid(kpb *MessagingKeys) bool
IsMessagingKeysValid is a utility function that validates a MessagingKeys.
func IsSigKeyPairValid
func IsSigKeyPairValid(kp *SigKeyPair) bool
IsSigKeyPairValid is a utility function that validates a SigKeyPair.
func PublicEd25519toCurve25519
PublicEd25519toCurve25519 takes an Ed25519 public key and provides the corresponding Curve25519 public key
This function wraps PublicKeyToCurve25519 from Adam Langley's ed25519 repo: https://github.com/agl/ed25519
func SecretEd25519toCurve25519
SecretEd25519toCurve25519 converts a secret key from Ed25519 to Curve25519 format
This function wraps PrivateKeyToCurve25519 from Adam Langley's ed25519 repo: https://github.com/agl/ed25519
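The standard Ed25519-to-Curve25519 mapping behind the two conversions above, as an added example that is not this package's code and uses only the Go standard library (crypto/ecdh needs Go 1.20, slices needs Go 1.21). The function names and the seed are constructed for illustration; the final check confirms that the two converted halves still form one X25519 key pair.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/sha512"
	"fmt"
	"math/big"
	"slices"
)

var p = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 255), big.NewInt(19)) // 2^255 - 19

// secretToX25519 (hypothetical name): SHA-512 the seed, keep 32 bytes, clamp.
func secretToX25519(priv ed25519.PrivateKey) []byte {
	h := sha512.Sum512(priv.Seed())
	h[0], h[31] = h[0]&248, h[31]&127|64
	return h[:32]
}

// publicToX25519 (hypothetical name): Montgomery u = (1+y)/(1-y) mod p.
func publicToX25519(pub ed25519.PublicKey) ([]byte, error) {
	if len(pub) != ed25519.PublicKeySize {
		return nil, fmt.Errorf("want %d-byte key, got %d", ed25519.PublicKeySize, len(pub))
	}
	be := slices.Clone(pub)
	slices.Reverse(be) // keys are little-endian, big.Int is big-endian
	be[0] &= 0x7f      // drop the sign bit of x, leaving y
	y := new(big.Int).SetBytes(be)
	den := new(big.Int).Sub(big.NewInt(1), y)
	if den.Mod(den, p).Sign() == 0 {
		return nil, fmt.Errorf("y = 1 has no Montgomery u-coordinate")
	}
	u := new(big.Int).Mul(new(big.Int).Add(big.NewInt(1), y), den.ModInverse(den, p))
	out := u.Mod(u, p).FillBytes(make([]byte, 32))
	slices.Reverse(out) // back to little-endian
	return out, nil
}

// convertedPairMatches: do the converted halves still form one X25519 pair?
func convertedPairMatches(seed []byte) bool {
	priv := ed25519.NewKeyFromSeed(seed)
	xPub, err1 := publicToX25519(priv.Public().(ed25519.PublicKey))
	xPriv, err2 := ecdh.X25519().NewPrivateKey(secretToX25519(priv))
	return err1 == nil && err2 == nil && bytes.Equal(xPriv.PublicKey().Bytes(), xPub)
}

func main() { fmt.Println(convertedPairMatches(bytes.Repeat([]byte{0x42}, 32))) } // constructed seed
```

Because the encryption key is a deterministic function of the signing key, compromise of one is compromise of both, which is why MessagingKeys below keeps a separate key pair for each purpose.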
func VerifyKeys
VerifyKeys is a utility function that verifies that the sender key pair and the recipients' keys are valid (not empty).
Types
type EncKeyPair
type EncKeyPair struct {
	KeyPair `json:"keypair,omitempty"`
	// Alg is the encryption algorithm of keys enclosed in this key pair
	Alg EncryptionAlgorithm `json:"alg,omitempty"`
}
EncKeyPair represents a private/public encryption key pair
type EncryptionAlgorithm
type EncryptionAlgorithm string
EncryptionAlgorithm represents a content encryption algorithm.
type KeyPair
type KeyPair struct {
	// Priv is a private key
	Priv []byte `json:"priv,omitempty"`
	// Pub is a public key
	Pub []byte `json:"pub,omitempty"`
}
KeyPair represents a private/public key pair
type MessagingKeys
type MessagingKeys struct {
	*EncKeyPair `json:"enckeypair,omitempty"`
	*SigKeyPair `json:"sigkeypair,omitempty"`
}
MessagingKeys represents a pair of key pairs, one for encryption and one for signature, usually stored in a KMS. It helps prevent converting signing keys into encryption ones.
TODO: refactor this structure and all KeyPair handling as per issue #596.
type SigKeyPair
type SigKeyPair struct {
	KeyPair `json:"keypair,omitempty"`
	// Alg is the signature algorithm of keys enclosed in this key pair
	Alg SignatureAlgorithm `json:"alg,omitempty"`
}
SigKeyPair represents a private/public signature (verification) key pair
type SignatureAlgorithm
type SignatureAlgorithm string
SignatureAlgorithm represents a signature algorithm.