Documentation ¶
Overview ¶
Package uid defines user IDs in Mute and necessary long-term and short-term key material.
Index ¶
- Constants
- Variables
- func KeyEntryEqual(a, b *KeyEntry) bool
- func SigKeyHash(sigPubKey string) (string, error)
- func VerifyNonce(sigPubKey string, nonce uint64, signature string) error
- type Entry
- type KeyEntry
- func (ke *KeyEntry) InitDHKey(rand io.Reader) error
- func (ke *KeyEntry) JSON() []byte
- func (ke *KeyEntry) PrivateKey() string
- func (ke *KeyEntry) PrivateKey32() *[32]byte
- func (ke *KeyEntry) PrivateKey64() *[64]byte
- func (ke *KeyEntry) PublicKey32() *[32]byte
- func (ke *KeyEntry) SetPrivateKey(privkey string) error
- func (ke *KeyEntry) Verify() error
- type KeyInit
- func (ki *KeyInit) Check() error
- func (ki *KeyInit) JSON() []byte
- func (ki *KeyInit) KeyEntryECDHE25519(sigPubKey string) (*KeyEntry, error)
- func (ki *KeyInit) MsgCount() uint64
- func (ki *KeyInit) SessionAnchor(sigPubKey string) (*SessionAnchor, error)
- func (ki *KeyInit) SigKeyHash() string
- func (ki *KeyInit) Sign(sigKey *cipher.Ed25519Key) string
- func (ki *KeyInit) Verify(keyInitRepositoryURIs []string, sigPubKey string) error
- func (ki *KeyInit) VerifySrvSig(signature, srvPubKey string) error
- type Message
- func (msg *Message) Check() error
- func (msg *Message) Domain() string
- func (msg *Message) Encrypt() (UIDHash, UIDIndex []byte, UIDMessageEncrypted string)
- func (msg *Message) Identity() string
- func (msg *Message) JSON() []byte
- func (msg *Message) KeyInit(msgcount, notafter, notbefore uint64, fallback bool, ...) (ki *KeyInit, pubKeyHash, privateKey string, err error)
- func (msg *Message) Localpart() string
- func (msg *Message) PrivateEncKey() string
- func (msg *Message) PrivateEncKey32() *[32]byte
- func (msg *Message) PrivateSigKey() string
- func (msg *Message) PrivateSigKey64() *[64]byte
- func (msg *Message) PubHash() string
- func (msg *Message) PubKey() *KeyEntry
- func (msg *Message) PublicEncKey32() *[32]byte
- func (msg *Message) PublicKey() (*[32]byte, error)
- func (msg *Message) PublicSigKey32() *[32]byte
- func (msg *Message) SetPrivateEncKey(privkey string) error
- func (msg *Message) SetPrivateSigKey(privkey string) error
- func (msg *Message) SigKeyHash() (string, error)
- func (msg *Message) SigPubKey() string
- func (msg *Message) SignNonce() (nonce uint64, signature string)
- func (msg *Message) Update(rand io.Reader) (*Message, error)
- func (msg *Message) VerifySelfSig() error
- func (msg *Message) VerifyUserSig(preMsg *Message) error
- type MessageReply
- type PFSPreference
- type SessionAnchor
Constants ¶
const DefaultCiphersuite string = "NACL HKDF AES256-CTR SHA512-HMAC ED25519 ECDHE25519"
DefaultCiphersuite defines the default ciphersuite:
Static Key Agreement: NaCL Key derivation function: HKDF Symmetric encryption: AES-256 in counter mode Integrity protection: SHA-512 HMAC Signature generation: Ed25519 Forward secure key agreement: ECDHE over curve25519
All valid ciphersuite strings are predefined and contain only upper-case letters.
const MaxNotAfter = uint64(90 * 24 * 60 * 60) // 90 days
MaxNotAfter defines the number of seconds the NOTAFTER field of a KeyInit message can be in the future.
const ProtocolVersion = "1.0"
ProtocolVersion defines the current version of the protocol. Version 1.0 has the following peculiarities.
For UIDMessage:
- UIDContent.PREFERENCES.FORWARDSEC must be "strict".
- UIDContent.PUBKEYS contains exactly one ECDHE25519 key for the default ciphersuite.
- UIDContent.SIGESCROW must be zero-value.
- UIDContent.REPOURIS contains one entry which is the domain of UIDContent.IDENTITY.
- UIDContent.CHAINLINK must be zero-value.
For KeyInit:
- Contents.MSGCOUNT must be 0.
Variables ¶
var ErrExpired = errors.New("uid: NOTAFTER has expired")
ErrExpired is raised when NOTAFTER has expired.
var ErrFuture = errors.New("uid: NOTAFTER is too far in the future")
ErrFuture is raised when NOTAFTER is too far in the future.
var ErrIncrement = errors.New("uid: message counter not incremented by one")
ErrIncrement is raised when the MSGCOUNTER of an updated UID message was not incremented by one.
var ErrInvalidKeyInitSig = errors.New("uid: KeyInit signature is invalid")
ErrInvalidKeyInitSig is raised when the KeyInit signature is invalid.
var ErrInvalidNonceSig = errors.New("uid: nonce signature invalid")
ErrInvalidNonceSig is raised when the nonce signature created by a UID message is invalid.
var ErrInvalidSelfSig = errors.New("uid: self-signature invalid")
ErrInvalidSelfSig is raised when the self-signature of an UID message is invalid.
var ErrInvalidSrvSig = errors.New("uid: server-signature invalid (keyserver keys up-to-date?)")
ErrInvalidSrvSig is raised when the server-signature of an UID message reply is invalid.
var ErrInvalidTimes = errors.New("uid: key init NOTBEFORE must be smaller than NOTAFTER")
ErrInvalidTimes is raised when NOTAFTER and NOTBEFORE are invalid.
var ErrInvalidUserSig = errors.New("uid: user-signature invalid")
ErrInvalidUserSig is raised when the self-signature of an UID message is invalid.
var ErrKeyEntryNotFound = errors.New("uid: KeyEntry not found")
ErrKeyEntryNotFound is raised when a KeyEntry for a given function is not found.
var ErrMsgMismatch = errors.New("uid: UIDMessageReply from key server doesn't match original UIDMessage")
ErrMsgMismatch is raised when the UIDMessage in a UIDMessageReply doesn't match the original UIDMessage.
var ErrRepoURI = errors.New("uid: KeyInit has invalid repoURI")
ErrRepoURI is raised when a KeyInit message has an invalid repo URI.
var ErrSessionAnchor = errors.New("uid: SESSIONANCHORHASH does not match decrypted SESSIONANCHOR")
ErrSessionAnchor is raised when the SESSIONANCHORHASH does not match the decrypted SESSIONANCHOR.
var ErrWrongSigKeyHash = errors.New("uid: KeyInit SIGKEYHASH does not match")
ErrWrongSigKeyHash is raised when the SIGKEYHASH of a KeyInit message does not match.
Functions ¶
func KeyEntryEqual ¶
KeyEntryEqual returns a boolean reporting whether a and b have the same exported fields.
func SigKeyHash ¶
SigKeyHash returns the SIGKEYHASH which corresponds to the sigPubKey.
Types ¶
type Entry ¶
type Entry struct { UIDMESSAGEENCRYPTED string // encrypted version of UIDMessage HASHCHAINENTRY string // corresponding key hashchain entry HASHCHAINPOS uint64 // position of key hashchain entry }
Entry describes a key server entry.
type KeyEntry ¶
type KeyEntry struct { CIPHERSUITE string // ciphersuite for which the key may be used. Example: "NACL HKDF AES-CTR256 SHA512-HMAC ED25519 ECDHE25519" FUNCTION string // function for which the key may be used in the ciphersuite. Example: "ECDHE25519" HASH string // SHA512 hash of PUBKEY PUBKEY string // the public key // contains filtered or unexported fields }
A KeyEntry describes a key in Mute.
func NewJSONKeyEntry ¶
NewJSONKeyEntry returns a new KeyEntry message initialized with the parameters given in the JSON byte array.
func (*KeyEntry) InitDHKey ¶
InitDHKey initializes the KeyEntry with a key for ECDHE25519.
TODO: InitDHKey has to be separated, should only end up in mutecrypt and not in mutekeyd.
func (*KeyEntry) PrivateKey ¶
PrivateKey returns the base64 encoded private key of KeyEntry.
func (*KeyEntry) PrivateKey32 ¶
PrivateKey32 returns the 32-byte private key of the KeyEntry.
func (*KeyEntry) PrivateKey64 ¶
PrivateKey64 returns the 64-byte private key of the KeyEntry.
func (*KeyEntry) PublicKey32 ¶
PublicKey32 returns the 32-byte public key of KeyEntry.
func (*KeyEntry) SetPrivateKey ¶
SetPrivateKey sets the private key to the given base64 encoded privkey string.
type KeyInit ¶
type KeyInit struct { Contents contents SIGNATURE string // signature of contents by UIDMessage.UIDContent.SIGKEY }
A KeyInit message contains short-term keys.
func NewJSONKeyInit ¶
NewJSONKeyInit returns a new KeyInit message initialized with the parameters given in the JSON byte array.
func (*KeyInit) KeyEntryECDHE25519 ¶
KeyEntryECDHE25519 returns the decrypted and verified ECDHE25519 KeyEntry for KeyInit.
func (*KeyInit) SessionAnchor ¶
func (ki *KeyInit) SessionAnchor(sigPubKey string) (*SessionAnchor, error)
SessionAnchor returns the decrypted and verified session anchor for KeyInit.
func (*KeyInit) SigKeyHash ¶
SigKeyHash returns the signature key hash of the KeyInit message.
func (*KeyInit) Sign ¶
func (ki *KeyInit) Sign(sigKey *cipher.Ed25519Key) string
Sign signs the KeyInit message and returns the signature.
func (*KeyInit) Verify ¶
Verify verifies that the KeyInit is valid and contains a valid ECDHE25519 key.
func (*KeyInit) VerifySrvSig ¶
VerifySrvSig verifies the signature with the srvPubKey.
type Message ¶
type Message struct { UIDContent uidContent // Signature over UIDContent by previous SIGESCROW. ESCROWSIGNATURE string // Signature over UIDContent by previous SIGKEY. USERSIGNATURE string // Signature over UIDContent by current SIGKEY. SELFSIGNATURE string // Signature over UIDContent by key server SIGESCROW in the case of // authorative keyserver links. // Must be zero unless an authorative link entry. LINKAUTHORITY string }
Message is a UIDMessage to be sent from user to key server. It represents a user ID in Mute and contains long-term keys.
func Create ¶
func Create( userID string, sigescrow bool, mixaddress, nymaddress string, pfsPreference PFSPreference, lastEntry string, rand io.Reader, ) (*Message, error)
Create creates a new UID message for the given userID and self-signs it. It automatically creates all necessary keys. If sigescrow is true, an escrow key is included in the created UID message. Necessary randomness is read from rand.
func NewJSON ¶
NewJSON returns a new UIDMessage initialized with the parameters given in the JSON uid string.
func (*Message) KeyInit ¶
func (msg *Message) KeyInit( msgcount, notafter, notbefore uint64, fallback bool, repoURI, mixaddress, nymaddress string, rand io.Reader, ) (ki *KeyInit, pubKeyHash, privateKey string, err error)
KeyInit returns a new KeyInit message for the given UID message. It also returns the pubKeyHash and privateKey for convenient further use. msgcount must increase for each message of the same type and user. notafter is the unixtime after which the key(s) should not be used anymore. notbefore is the unixtime before which the key(s) should not be used yet. fallback determines if the key may serve as a fallback key. repoURI is URI of the corresponding KeyInit repository. Necessary randomness is read from rand.
func (*Message) PrivateEncKey ¶
PrivateEncKey returns the base64 encoded private encryption key of the given UID message.
func (*Message) PrivateEncKey32 ¶
PrivateEncKey32 decodes the 32-byte private encryption key of the given UID message and returns it.
func (*Message) PrivateSigKey ¶
PrivateSigKey returns the base64 encoded private signature key of the UID message.
func (*Message) PrivateSigKey64 ¶
PrivateSigKey64 returns the 64-byte private signature key of the given UID message.
func (*Message) PubHash ¶
PubHash returns the public key hash which corresponds to the given UID message.
func (*Message) PublicEncKey32 ¶
PublicEncKey32 decodes the 32-byte public encryption key of the given UID message and returns it.
func (*Message) PublicKey ¶
PublicKey decodes the 32-byte public key from the given UID message and returns it.
func (*Message) PublicSigKey32 ¶
PublicSigKey32 returns the 32-byte public signature key of the given UID message and returns it.
func (*Message) SetPrivateEncKey ¶
SetPrivateEncKey sets the private encryption key to the given base64 encoded privkey string.
func (*Message) SetPrivateSigKey ¶
SetPrivateSigKey sets the private signature key to the given base64 encoded privkey string.
func (*Message) SigKeyHash ¶
SigKeyHash returns the SIGKEYHASH which corresponds to the given UID message.
func (*Message) SigPubKey ¶
SigPubKey returns the public signature key which corresponds to the given UID message.
func (*Message) Update ¶
Update generates an updated version of the given UID message, signs it with the private signature key, and returns it.
func (*Message) VerifySelfSig ¶
VerifySelfSig verifies that the self-signature of UIDMessage is valid.
func (*Message) VerifyUserSig ¶
VerifyUserSig verifies that the user-signature of UIDMessage is valid.
type MessageReply ¶
type MessageReply struct { ENTRY Entry SERVERSIGNATURE string // signature over Entry by keyserver's signature key }
A MessageReply indicates a successful reply from key server.
func CreateReply ¶
func CreateReply( UIDMessageEncrypted, HCEntry string, HCPos uint64, sigKey *cipher.Ed25519Key, ) *MessageReply
CreateReply creates MessageReply.
func NewJSONReply ¶
func NewJSONReply(uid string) (*MessageReply, error)
NewJSONReply returns a new MessageReply initialized with the parameters given in the JSON uid string.
func (*MessageReply) Decrypt ¶
func (reply *MessageReply) Decrypt(UIDHash []byte) ([]byte, *Message, error)
Decrypt decrypts the message reply and returns the resulting UIDIndex and UIDMesssage.
func (*MessageReply) JSON ¶
func (reply *MessageReply) JSON() []byte
JSON encodes MessageReply as a JSON string according to the specification.
func (*MessageReply) VerifySrvSig ¶
func (reply *MessageReply) VerifySrvSig(msg *Message, srvPubKey string) error
VerifySrvSig verifies that the server-signature of MessageReply is valid.
type PFSPreference ¶
type PFSPreference int
PFSPreference representes a perfect forward secrecy (PFS) preference.
const ( // Mandatory PFS preference. Mandatory PFSPreference = iota // Strict PFS preference. Strict // Optional PFS preference. Optional )
func (PFSPreference) String ¶
func (pfsPreference PFSPreference) String() string
String returns the string representation of pfsPreference.
type SessionAnchor ¶
type SessionAnchor struct { MIXADDRESS string // fully qualified address of mix to use as last hop to user NYMADDRESS string // a valid NymAddress PFKEYS []KeyEntry // for ephemeral/forward secure key agreement }
A SessionAnchor contains the keys for perfect forward secrecy.
func (*SessionAnchor) KeyEntry ¶
func (sa *SessionAnchor) KeyEntry(function string) (*KeyEntry, error)
KeyEntry returns the KeyEntry of the SessionAnchor for the given function.
func (*SessionAnchor) NymAddress ¶
func (sa *SessionAnchor) NymAddress() string
NymAddress returns the nymaddress of the SessionAnchor.
func (*SessionAnchor) PrivateKey ¶
func (sa *SessionAnchor) PrivateKey() string
PrivateKey returns the base64 encoded private signature key of session anchor.
func (*SessionAnchor) SetPrivateKey ¶
func (sa *SessionAnchor) SetPrivateKey(privkey string) error
SetPrivateKey sets the private key to the given base64 encoded privkey string.
Directories ¶
Path | Synopsis |
---|---|
Package identity contains helper functions for Mute identities.
|
Package identity contains helper functions for Mute identities. |
Package length defines the JSON encoded lengths of some uid datastructures (for padding purposes).
|
Package length defines the JSON encoded lengths of some uid datastructures (for padding purposes). |