triplesec

package module

v0.0.0-...-ffb6212 Latest Latest Go to latest Published: Dec 13, 2023 License: MIT Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/keybase/go-triplesec-insecure

Links

Open Source Insights

README ¶

TripleSec

Golang implementation of the layered encryption scheme TripleSec

A fork of Fillipo's TripleSec

Documentation ¶

Overview ¶

Package triplesec implements the TripleSec v3 and v4 encryption and authentication scheme.

For details on TripleSec, go to https://keybase.io/triplesec/

Index ¶

Constants
Variables
type BadPassphraseError
- func (e BadPassphraseError) Error() string
type Cipher
- func NewCipher(passphrase []byte, salt []byte, version Version, ...) (*Cipher, error)
- func NewCipherWithRng(passphrase []byte, salt []byte, version Version, rng RandomnessGenerator, ...) (*Cipher, error)
- func (c *Cipher) Decrypt(src []byte) (res []byte, err error)
- func (c *Cipher) DeriveKey(extra int) ([]byte, []byte, error)
- func (c *Cipher) Encrypt(src []byte) (dst []byte, err error)
- func (c *Cipher) GetSalt() ([]byte, error)
- func (c *Cipher) Scrub()
- func (c *Cipher) SetSalt(salt []byte) error
type CorruptionError
- func (e CorruptionError) Error() string
type CryptoRandGenerator
- func NewCryptoRandGenerator() CryptoRandGenerator
- func (crg CryptoRandGenerator) Read(b []byte) (n int, err error)
type RandomTapeGenerator
- func NewRandomTapeGenerator(randomTape []byte) RandomTapeGenerator
- func (rtg RandomTapeGenerator) Read(b []byte) (n int, err error)
type RandomnessGenerator
type Version
type VersionError
- func (e VersionError) Error() string
type VersionParams
- func (vp *VersionParams) Overhead() int

Constants ¶

View Source

const AESIVLen = 16

View Source

const CipherKeyLen = 32

View Source

const MacKeyLen = 48

View Source

const MacOutputLen = 64

View Source

const SalsaIVLen = 24

View Source

const SaltLen = 16

View Source

const TwofishIVLen = 16

View Source

const VersionBytesLen = 4

Variables ¶

View Source

var MagicBytes = [4]byte{0x1c, 0x94, 0xd7, 0xde}

MagicBytes are the four bytes prefixed to every TripleSec ciphertext, 1c 94 d7 de.

Functions ¶

This section is empty.

Types ¶

type BadPassphraseError ¶

type BadPassphraseError struct{}

func (BadPassphraseError) Error ¶

func (e BadPassphraseError) Error() string

type Cipher ¶

type Cipher struct {
	// contains filtered or unexported fields
}

func NewCipher ¶

func NewCipher(passphrase []byte, salt []byte, version Version, functionThatPrintsUglyWarnings func(), isProduction func() bool) (*Cipher, error)

A Cipher is an instance of TripleSec using a particular key and a particular salt. Because this is insecure triplesec used only for testing, you must pass it a function that prints an ugly warning, and one that says if we're in production mode. If the later return true, we will panic the program. NewCipher makes an instance of TripleSec using a particular key and a particular salt

func NewCipherWithRng ¶

func NewCipherWithRng(passphrase []byte, salt []byte, version Version, rng RandomnessGenerator, functionThatPrintsUglyWarnings func(), isProduction func() bool) (*Cipher, error)

NewCipherWithRng makes an instance of TripleSec using a particular key and a particular salt and uses a given randomness stream

func (*Cipher) Decrypt ¶

func (c *Cipher) Decrypt(src []byte) (res []byte, err error)

Decrypt decrypts a TripleSec ciphertext using the Cipher passphrase. The dst buffer size must be at least len(src) - Overhead. dst and src can not overlap. src is left untouched.

Encrypt returns a error if the ciphertext is not recognized, if authentication fails or on memory failures.

func (*Cipher) DeriveKey ¶

func (c *Cipher) DeriveKey(extra int) ([]byte, []byte, error)

func (*Cipher) Encrypt ¶

func (c *Cipher) Encrypt(src []byte) (dst []byte, err error)

Encrypt encrypts and signs a plaintext message with TripleSec using a random salt and the Cipher passphrase. The dst buffer size must be at least len(src) + Overhead. dst and src can not overlap. src is left untouched.

Encrypt returns a error on memory or RNG failures.

func (*Cipher) GetSalt ¶

func (c *Cipher) GetSalt() ([]byte, error)

func (*Cipher) Scrub ¶

func (c *Cipher) Scrub()

func (*Cipher) SetSalt ¶

func (c *Cipher) SetSalt(salt []byte) error

type CorruptionError ¶

type CorruptionError struct {
	// contains filtered or unexported fields
}

func (CorruptionError) Error ¶

func (e CorruptionError) Error() string

type CryptoRandGenerator ¶

type CryptoRandGenerator struct{}

func NewCryptoRandGenerator ¶

func NewCryptoRandGenerator() CryptoRandGenerator

func (CryptoRandGenerator) Read ¶

func (crg CryptoRandGenerator) Read(b []byte) (n int, err error)

type RandomTapeGenerator ¶

type RandomTapeGenerator struct {
	// contains filtered or unexported fields
}

func NewRandomTapeGenerator ¶

func NewRandomTapeGenerator(randomTape []byte) RandomTapeGenerator

func (RandomTapeGenerator) Read ¶

func (rtg RandomTapeGenerator) Read(b []byte) (n int, err error)

type RandomnessGenerator ¶

type RandomnessGenerator interface {
	Read(b []byte) (n int, err error)
}

type Version ¶

type Version uint32

var LatestVersion Version = 4

type VersionError ¶

type VersionError struct {
	// contains filtered or unexported fields
}

func (VersionError) Error ¶

func (e VersionError) Error() string

type VersionParams ¶

type VersionParams struct {
	MacKeyLen         int
	TotalIVLen        int
	TotalMacLen       int
	TotalMacKeyLen    int
	DkLen             int
	UseTwofish        bool
	UseKeccakOverSHA3 bool
	Version           Version
}

func (*VersionParams) Overhead ¶

func (vp *VersionParams) Overhead() int

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL