Documentation ¶
Overview ¶
go-crypto is a customized/convenience cryptography package for supporting Tendermint.
It wraps select functionality of equivalent functions in the Go standard library, for easy usage with our libraries.
Keys:
All key generation functions return an instance of the PrivKey interface which implements methods
AssertIsPrivKeyInner() Bytes() []byte Sign(msg []byte) Signature PubKey() PubKey Equals(PrivKey) bool Wrap() PrivKey
From the above method we can: a) Retrieve the public key if needed
pubKey := key.PubKey()
For example:
privKey, err := crypto.GenPrivKeyEd25519() if err != nil { ... } pubKey := privKey.PubKey() ... // And then you can use the private and public key doSomething(privKey, pubKey)
We also provide hashing wrappers around algorithms:
Sha256
sum := crypto.Sha256([]byte("This is Tendermint")) fmt.Printf("%x\n", sum)
Ripemd160
sum := crypto.Ripemd160([]byte("This is consensus")) fmt.Printf("%x\n", sum)
Index ¶
- Constants
- func CRandBytes(numBytes int) []byte
- func CRandHex(numDigits int) string
- func CReader() io.Reader
- func DecodeArmor(armorStr string) (blockType string, headers map[string]string, data []byte, err error)
- func DecryptSymmetric(ciphertext []byte, secret []byte) (plaintext []byte, err error)
- func EncodeArmor(blockType string, headers map[string]string, data []byte) string
- func EncryptSymmetric(plaintext []byte, secret []byte) (ciphertext []byte)
- func MixEntropy(seedBytes []byte)
- func RegisterAmino(cdc *amino.Codec)
- func Ripemd160(bytes []byte) []byte
- func Sha256(bytes []byte) []byte
- type Address
- type PrivKey
- type PrivKeyEd25519
- func (privKey PrivKeyEd25519) Bytes() []byte
- func (privKey PrivKeyEd25519) Equals(other PrivKey) bool
- func (privKey PrivKeyEd25519) Generate(index int) PrivKeyEd25519
- func (privKey PrivKeyEd25519) PubKey() PubKey
- func (privKey PrivKeyEd25519) Sign(msg []byte) Signature
- func (privKey PrivKeyEd25519) ToCurve25519() *[32]byte
- type PrivKeySecp256k1
- type PubKey
- type PubKeyEd25519
- func (pubKey PubKeyEd25519) Address() Address
- func (pubKey PubKeyEd25519) Bytes() []byte
- func (pubKey PubKeyEd25519) Equals(other PubKey) bool
- func (pubKey PubKeyEd25519) String() string
- func (pubKey PubKeyEd25519) ToCurve25519() *[32]byte
- func (pubKey PubKeyEd25519) VerifyBytes(msg []byte, sig_ Signature) bool
- type PubKeySecp256k1
- type Signature
- type SignatureEd25519
- type SignatureSecp256k1
Examples ¶
Constants ¶
const Version = "0.6.2"
Variables ¶
This section is empty.
Functions ¶
func CRandHex ¶
CRandHex returns a hex encoded string that's floor(numDigits/2) * 2 long.
Note: CRandHex(24) gives 96 bits of randomness that are usually strong enough for most purposes.
func DecodeArmor ¶
func DecryptSymmetric ¶
secret must be 32 bytes long. Use something like Sha256(Bcrypt(passphrase)) The ciphertext is (secretbox.Overhead + 24) bytes longer than the plaintext.
func EncodeArmor ¶
func EncryptSymmetric ¶
secret must be 32 bytes long. Use something like Sha256(Bcrypt(passphrase)) The ciphertext is (secretbox.Overhead + 24) bytes longer than the plaintext. NOTE: call crypto.MixEntropy() first.
func MixEntropy ¶
func MixEntropy(seedBytes []byte)
Mix additional bytes of randomness, e.g. from hardware, user-input, etc. It is OK to call it multiple times. It does not diminish security.
func RegisterAmino ¶ added in v0.6.0
Types ¶
type Address ¶ added in v0.5.0
An address is a []byte, but hex-encoded even in JSON. []byte leaves us the option to change the address length. Use an alias so Unmarshal methods (with ptr receivers) are available too.
type PrivKey ¶
type PrivKey interface { Bytes() []byte Sign(msg []byte) Signature PubKey() PubKey Equals(PrivKey) bool }
func PrivKeyFromBytes ¶
type PrivKeyEd25519 ¶
type PrivKeyEd25519 [64]byte
Implements PrivKey
func GenPrivKeyEd25519 ¶
func GenPrivKeyEd25519() PrivKeyEd25519
func GenPrivKeyEd25519FromSecret ¶
func GenPrivKeyEd25519FromSecret(secret []byte) PrivKeyEd25519
NOTE: secret should be the output of a KDF like bcrypt, if it's derived from user input.
func (PrivKeyEd25519) Bytes ¶
func (privKey PrivKeyEd25519) Bytes() []byte
func (PrivKeyEd25519) Equals ¶
func (privKey PrivKeyEd25519) Equals(other PrivKey) bool
Equals - you probably don't need to use this. Runs in constant time based on length of the keys.
func (PrivKeyEd25519) Generate ¶
func (privKey PrivKeyEd25519) Generate(index int) PrivKeyEd25519
Deterministically generates new priv-key bytes from key.
func (PrivKeyEd25519) PubKey ¶
func (privKey PrivKeyEd25519) PubKey() PubKey
func (PrivKeyEd25519) Sign ¶
func (privKey PrivKeyEd25519) Sign(msg []byte) Signature
func (PrivKeyEd25519) ToCurve25519 ¶
func (privKey PrivKeyEd25519) ToCurve25519() *[32]byte
type PrivKeySecp256k1 ¶
type PrivKeySecp256k1 [32]byte
Implements PrivKey
func GenPrivKeySecp256k1 ¶
func GenPrivKeySecp256k1() PrivKeySecp256k1
func GenPrivKeySecp256k1FromSecret ¶
func GenPrivKeySecp256k1FromSecret(secret []byte) PrivKeySecp256k1
NOTE: secret should be the output of a KDF like bcrypt, if it's derived from user input.
func (PrivKeySecp256k1) Bytes ¶
func (privKey PrivKeySecp256k1) Bytes() []byte
func (PrivKeySecp256k1) Equals ¶
func (privKey PrivKeySecp256k1) Equals(other PrivKey) bool
Equals - you probably don't need to use this. Runs in constant time based on length of the keys.
func (PrivKeySecp256k1) PubKey ¶
func (privKey PrivKeySecp256k1) PubKey() PubKey
func (PrivKeySecp256k1) Sign ¶
func (privKey PrivKeySecp256k1) Sign(msg []byte) Signature
type PubKey ¶
type PubKey interface { Address() Address Bytes() []byte VerifyBytes(msg []byte, sig Signature) bool Equals(PubKey) bool }
func PubKeyFromBytes ¶
type PubKeyEd25519 ¶
type PubKeyEd25519 [32]byte
Implements PubKeyInner
func (PubKeyEd25519) Address ¶
func (pubKey PubKeyEd25519) Address() Address
func (PubKeyEd25519) Bytes ¶
func (pubKey PubKeyEd25519) Bytes() []byte
func (PubKeyEd25519) Equals ¶
func (pubKey PubKeyEd25519) Equals(other PubKey) bool
func (PubKeyEd25519) String ¶
func (pubKey PubKeyEd25519) String() string
func (PubKeyEd25519) ToCurve25519 ¶
func (pubKey PubKeyEd25519) ToCurve25519() *[32]byte
For use with golang/crypto/nacl/box If error, returns nil.
func (PubKeyEd25519) VerifyBytes ¶
func (pubKey PubKeyEd25519) VerifyBytes(msg []byte, sig_ Signature) bool
type PubKeySecp256k1 ¶
type PubKeySecp256k1 [33]byte
Implements PubKey. Compressed pubkey (just the x-cord), prefixed with 0x02 or 0x03, depending on the y-cord.
func (PubKeySecp256k1) Address ¶
func (pubKey PubKeySecp256k1) Address() Address
Implements Bitcoin style addresses: RIPEMD160(SHA256(pubkey))
func (PubKeySecp256k1) Bytes ¶
func (pubKey PubKeySecp256k1) Bytes() []byte
func (PubKeySecp256k1) Equals ¶
func (pubKey PubKeySecp256k1) Equals(other PubKey) bool
func (PubKeySecp256k1) String ¶
func (pubKey PubKeySecp256k1) String() string
func (PubKeySecp256k1) VerifyBytes ¶
func (pubKey PubKeySecp256k1) VerifyBytes(msg []byte, sig_ Signature) bool
type SignatureEd25519 ¶
type SignatureEd25519 [64]byte
Implements Signature
func (SignatureEd25519) Bytes ¶
func (sig SignatureEd25519) Bytes() []byte
func (SignatureEd25519) Equals ¶
func (sig SignatureEd25519) Equals(other Signature) bool
func (SignatureEd25519) IsZero ¶
func (sig SignatureEd25519) IsZero() bool
func (SignatureEd25519) String ¶
func (sig SignatureEd25519) String() string
type SignatureSecp256k1 ¶
type SignatureSecp256k1 []byte
Implements Signature
func (SignatureSecp256k1) Bytes ¶
func (sig SignatureSecp256k1) Bytes() []byte
func (SignatureSecp256k1) Equals ¶
func (sig SignatureSecp256k1) Equals(other Signature) bool
func (SignatureSecp256k1) IsZero ¶
func (sig SignatureSecp256k1) IsZero() bool
func (SignatureSecp256k1) String ¶
func (sig SignatureSecp256k1) String() string