crypto

package module
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 2, 2018 License: Apache-2.0 Imports: 21 Imported by: 0

README

go-crypto GoDoc

go-crypto is the cryptographic package adapted for Tendermint's uses

Importing it

import "github.com/tendermint/go-crypto"

Documentation

Overview

go-crypto is a customized/convenience cryptography package for supporting Tendermint.

It wraps select functionality of equivalent functions in the Go standard library, for easy usage with our libraries.

Keys:

All key generation functions return an instance of the PrivKey interface which implements methods 

AssertIsPrivKeyInner()
Bytes() []byte
Sign(msg []byte) Signature
PubKey() PubKey
Equals(PrivKey) bool
Wrap() PrivKey

From the above method we can: a) Retrieve the public key if needed 

pubKey := key.PubKey()

For example: 

    privKey, err := crypto.GenPrivKeyEd25519()
    if err != nil {
	...
    }
    pubKey := privKey.PubKey()
    ...
    // And then you can use the private and public key
    doSomething(privKey, pubKey)

We also provide hashing wrappers around algorithms:

Sha256 

sum := crypto.Sha256([]byte("This is Tendermint"))
fmt.Printf("%x\n", sum)

Ripemd160 

sum := crypto.Ripemd160([]byte("This is consensus"))
fmt.Printf("%x\n", sum)

Index

Examples

Constants

View Source 
const (
	TypeEd25519   = byte(0x01)
	TypeSecp256k1 = byte(0x02)
	NameEd25519   = "ed25519"
	NameSecp256k1 = "secp256k1"
)

Types of implementations

View Source 
const Version = "0.5.0"

Variables

View Source 
var PrivKeyMapper = data.NewMapper(PrivKey{})
View Source 
var PubKeyMapper = data.NewMapper(PubKey{})
View Source 
var SignatureMapper = data.NewMapper(Signature{})

Functions

func CRandBytes 

func CRandBytes(numBytes int) []byte

This uses the OS and the Seed(s).

func CRandHex 

func CRandHex(numDigits int) string

CRandHex returns a hex encoded string that's floor(numDigits/2) * 2 long.

Note: CRandHex(24) gives 96 bits of randomness that are usually strong enough for most purposes.

func CReader 

func CReader() io.Reader

Returns a crand.Reader mixed with user-supplied entropy

func DecodeArmor 

func DecodeArmor(armorStr string) (blockType string, headers map[string]string, data []byte, err error)

func DecryptSymmetric 

func DecryptSymmetric(ciphertext []byte, secret []byte) (plaintext []byte, err error)

secret must be 32 bytes long. Use something like Sha256(Bcrypt(passphrase)) The ciphertext is (secretbox.Overhead + 24) bytes longer than the plaintext.

func EncodeArmor 

func EncodeArmor(blockType string, headers map[string]string, data []byte) string

func EncryptSymmetric 

func EncryptSymmetric(plaintext []byte, secret []byte) (ciphertext []byte)

secret must be 32 bytes long. Use something like Sha256(Bcrypt(passphrase)) The ciphertext is (secretbox.Overhead + 24) bytes longer than the plaintext. NOTE: call crypto.MixEntropy() first.

func MixEntropy 

func MixEntropy(seedBytes []byte)

Mix additional bytes of randomness, e.g. from hardware, user-input, etc. It is OK to call it multiple times. It does not diminish security.

func Ripemd160 

func Ripemd160(bytes []byte) []byte
Example 
sum := crypto.Ripemd160([]byte("This is Tendermint"))
fmt.Printf("%x\n", sum)

Output:

051e22663e8f0fd2f2302f1210f954adff009005

func Sha256 

func Sha256(bytes []byte) []byte
Example 
sum := crypto.Sha256([]byte("This is Tendermint"))
fmt.Printf("%x\n", sum)

Output:

f91afb642f3d1c87c17eb01aae5cb65c242dfdbe7cf1066cc260f4ce5d33b94e

Types

type Address added in v0.5.0 

type Address = cmn.HexBytes

An address is a []byte, but hex-encoded even in JSON. []byte leaves us the option to change the address length. Use an alias so Unmarshal methods (with ptr receivers) are available too.

type PrivKey 

type PrivKey struct {
	PrivKeyInner "json:\"unwrap\""
}

func PrivKeyFromBytes 

func PrivKeyFromBytes(privKeyBytes []byte) (privKey PrivKey, err error)

func (PrivKey) Empty added in v0.2.0 

func (h PrivKey) Empty() bool

func (PrivKey) MarshalJSON added in v0.2.0 

func (h PrivKey) MarshalJSON() ([]byte, error)

func (*PrivKey) UnmarshalJSON added in v0.2.0 

func (h *PrivKey) UnmarshalJSON(data []byte) (err error)

func (PrivKey) Unwrap added in v0.2.0 

func (h PrivKey) Unwrap() PrivKeyInner

Unwrap recovers the concrete interface safely (regardless of levels of embeds)

type PrivKeyEd25519 

type PrivKeyEd25519 [64]byte

Implements PrivKey

func GenPrivKeyEd25519 

func GenPrivKeyEd25519() PrivKeyEd25519

func GenPrivKeyEd25519FromSecret 

func GenPrivKeyEd25519FromSecret(secret []byte) PrivKeyEd25519

NOTE: secret should be the output of a KDF like bcrypt, if it's derived from user input.

func (PrivKeyEd25519) AssertIsPrivKeyInner added in v0.2.0 

func (privKey PrivKeyEd25519) AssertIsPrivKeyInner()

func (PrivKeyEd25519) Bytes 

func (privKey PrivKeyEd25519) Bytes() []byte

func (PrivKeyEd25519) Equals 

func (privKey PrivKeyEd25519) Equals(other PrivKey) bool

Equals - you probably don't need to use this. Runs in constant time based on length of the keys.

func (PrivKeyEd25519) Generate 

func (privKey PrivKeyEd25519) Generate(index int) PrivKeyEd25519

Deterministically generates new priv-key bytes from key.

func (PrivKeyEd25519) MarshalJSON 

func (p PrivKeyEd25519) MarshalJSON() ([]byte, error)

func (PrivKeyEd25519) PubKey 

func (privKey PrivKeyEd25519) PubKey() PubKey

func (PrivKeyEd25519) Sign 

func (privKey PrivKeyEd25519) Sign(msg []byte) Signature

func (PrivKeyEd25519) String 

func (privKey PrivKeyEd25519) String() string

func (PrivKeyEd25519) ToCurve25519 

func (privKey PrivKeyEd25519) ToCurve25519() *[32]byte

func (*PrivKeyEd25519) UnmarshalJSON 

func (p *PrivKeyEd25519) UnmarshalJSON(enc []byte) error

func (PrivKeyEd25519) Wrap added in v0.2.0 

func (hi PrivKeyEd25519) Wrap() PrivKey

type PrivKeyInner added in v0.2.0 

type PrivKeyInner interface {
	AssertIsPrivKeyInner()
	Bytes() []byte
	Sign(msg []byte) Signature
	PubKey() PubKey
	Equals(PrivKey) bool
	Wrap() PrivKey
}

DO NOT USE THIS INTERFACE. You probably want to use PrivKey +gen wrapper:"PrivKey,Impl[PrivKeyEd25519,PrivKeySecp256k1],ed25519,secp256k1"

type PrivKeySecp256k1 

type PrivKeySecp256k1 [32]byte

Implements PrivKey

func GenPrivKeySecp256k1 

func GenPrivKeySecp256k1() PrivKeySecp256k1

func GenPrivKeySecp256k1FromSecret 

func GenPrivKeySecp256k1FromSecret(secret []byte) PrivKeySecp256k1

NOTE: secret should be the output of a KDF like bcrypt, if it's derived from user input.

func (PrivKeySecp256k1) AssertIsPrivKeyInner added in v0.2.0 

func (privKey PrivKeySecp256k1) AssertIsPrivKeyInner()

func (PrivKeySecp256k1) Bytes 

func (privKey PrivKeySecp256k1) Bytes() []byte

func (PrivKeySecp256k1) Equals 

func (privKey PrivKeySecp256k1) Equals(other PrivKey) bool

Equals - you probably don't need to use this. Runs in constant time based on length of the keys.

func (PrivKeySecp256k1) MarshalJSON 

func (p PrivKeySecp256k1) MarshalJSON() ([]byte, error)

func (PrivKeySecp256k1) PubKey 

func (privKey PrivKeySecp256k1) PubKey() PubKey

func (PrivKeySecp256k1) Sign 

func (privKey PrivKeySecp256k1) Sign(msg []byte) Signature

func (PrivKeySecp256k1) String 

func (privKey PrivKeySecp256k1) String() string

func (*PrivKeySecp256k1) UnmarshalJSON 

func (p *PrivKeySecp256k1) UnmarshalJSON(enc []byte) error

func (PrivKeySecp256k1) Wrap added in v0.2.0 

func (hi PrivKeySecp256k1) Wrap() PrivKey

type PubKey 

type PubKey struct {
	PubKeyInner "json:\"unwrap\""
}

func PubKeyFromBytes 

func PubKeyFromBytes(pubKeyBytes []byte) (pubKey PubKey, err error)

func (PubKey) Empty added in v0.2.0 

func (h PubKey) Empty() bool

func (PubKey) MarshalJSON added in v0.2.0 

func (h PubKey) MarshalJSON() ([]byte, error)

func (*PubKey) UnmarshalJSON added in v0.2.0 

func (h *PubKey) UnmarshalJSON(data []byte) (err error)

func (PubKey) Unwrap added in v0.2.0 

func (h PubKey) Unwrap() PubKeyInner

Unwrap recovers the concrete interface safely (regardless of levels of embeds)

type PubKeyEd25519 

type PubKeyEd25519 [32]byte

Implements PubKeyInner

func (PubKeyEd25519) Address 

func (pubKey PubKeyEd25519) Address() Address

func (PubKeyEd25519) AssertIsPubKeyInner added in v0.2.0 

func (pubKey PubKeyEd25519) AssertIsPubKeyInner()

func (PubKeyEd25519) Bytes 

func (pubKey PubKeyEd25519) Bytes() []byte

func (PubKeyEd25519) Equals 

func (pubKey PubKeyEd25519) Equals(other PubKey) bool

func (PubKeyEd25519) KeyString 

func (pubKey PubKeyEd25519) KeyString() string

Must return the full bytes in hex. Used for map keying, etc.

func (PubKeyEd25519) MarshalJSON 

func (p PubKeyEd25519) MarshalJSON() ([]byte, error)

func (PubKeyEd25519) String 

func (pubKey PubKeyEd25519) String() string

func (PubKeyEd25519) ToCurve25519 

func (pubKey PubKeyEd25519) ToCurve25519() *[32]byte

For use with golang/crypto/nacl/box If error, returns nil.

func (*PubKeyEd25519) UnmarshalJSON 

func (p *PubKeyEd25519) UnmarshalJSON(enc []byte) error

func (PubKeyEd25519) VerifyBytes 

func (pubKey PubKeyEd25519) VerifyBytes(msg []byte, sig_ Signature) bool

func (PubKeyEd25519) Wrap added in v0.2.0 

func (hi PubKeyEd25519) Wrap() PubKey

type PubKeyInner added in v0.2.0 

type PubKeyInner interface {
	AssertIsPubKeyInner()
	Address() Address
	Bytes() []byte
	KeyString() string
	VerifyBytes(msg []byte, sig Signature) bool
	Equals(PubKey) bool
	Wrap() PubKey
}

DO NOT USE THIS INTERFACE. You probably want to use PubKey +gen wrapper:"PubKey,Impl[PubKeyEd25519,PubKeySecp256k1],ed25519,secp256k1"

type PubKeySecp256k1 

type PubKeySecp256k1 [33]byte

Implements PubKey. Compressed pubkey (just the x-cord), prefixed with 0x02 or 0x03, depending on the y-cord.

func (PubKeySecp256k1) Address 

func (pubKey PubKeySecp256k1) Address() Address

Implements Bitcoin style addresses: RIPEMD160(SHA256(pubkey))

func (PubKeySecp256k1) AssertIsPubKeyInner added in v0.2.0 

func (pubKey PubKeySecp256k1) AssertIsPubKeyInner()

func (PubKeySecp256k1) Bytes 

func (pubKey PubKeySecp256k1) Bytes() []byte

func (PubKeySecp256k1) Equals 

func (pubKey PubKeySecp256k1) Equals(other PubKey) bool

func (PubKeySecp256k1) KeyString 

func (pubKey PubKeySecp256k1) KeyString() string

Must return the full bytes in hex. Used for map keying, etc.

func (PubKeySecp256k1) MarshalJSON 

func (p PubKeySecp256k1) MarshalJSON() ([]byte, error)

func (PubKeySecp256k1) String 

func (pubKey PubKeySecp256k1) String() string

func (*PubKeySecp256k1) UnmarshalJSON 

func (p *PubKeySecp256k1) UnmarshalJSON(enc []byte) error

func (PubKeySecp256k1) VerifyBytes 

func (pubKey PubKeySecp256k1) VerifyBytes(msg []byte, sig_ Signature) bool

func (PubKeySecp256k1) Wrap added in v0.2.0 

func (hi PubKeySecp256k1) Wrap() PubKey

type Signature 

type Signature struct {
	SignatureInner "json:\"unwrap\""
}

func SignatureEd25519FromBytes added in v0.4.0 

func SignatureEd25519FromBytes(data []byte) Signature

func SignatureFromBytes 

func SignatureFromBytes(sigBytes []byte) (sig Signature, err error)

func (Signature) Empty added in v0.2.0 

func (h Signature) Empty() bool

func (Signature) MarshalJSON added in v0.2.0 

func (h Signature) MarshalJSON() ([]byte, error)

func (*Signature) UnmarshalJSON added in v0.2.0 

func (h *Signature) UnmarshalJSON(data []byte) (err error)

func (Signature) Unwrap added in v0.2.0 

func (h Signature) Unwrap() SignatureInner

Unwrap recovers the concrete interface safely (regardless of levels of embeds)

type SignatureEd25519 

type SignatureEd25519 [64]byte

Implements Signature

func (SignatureEd25519) AssertIsSignatureInner added in v0.2.0 

func (sig SignatureEd25519) AssertIsSignatureInner()

func (SignatureEd25519) Bytes 

func (sig SignatureEd25519) Bytes() []byte

func (SignatureEd25519) Equals 

func (sig SignatureEd25519) Equals(other Signature) bool

func (SignatureEd25519) IsZero 

func (sig SignatureEd25519) IsZero() bool

func (SignatureEd25519) MarshalJSON 

func (sig SignatureEd25519) MarshalJSON() ([]byte, error)

func (SignatureEd25519) String 

func (sig SignatureEd25519) String() string

func (*SignatureEd25519) UnmarshalJSON 

func (sig *SignatureEd25519) UnmarshalJSON(enc []byte) error

func (SignatureEd25519) Wrap added in v0.2.0 

func (hi SignatureEd25519) Wrap() Signature

type SignatureInner added in v0.2.0 

type SignatureInner interface {
	AssertIsSignatureInner()
	Bytes() []byte
	IsZero() bool
	Equals(Signature) bool
	Wrap() Signature
}

DO NOT USE THIS INTERFACE. You probably want to use Signature. +gen wrapper:"Signature,Impl[SignatureEd25519,SignatureSecp256k1],ed25519,secp256k1"

type SignatureSecp256k1 

type SignatureSecp256k1 []byte

Implements Signature

func (SignatureSecp256k1) AssertIsSignatureInner added in v0.2.0 

func (sig SignatureSecp256k1) AssertIsSignatureInner()

func (SignatureSecp256k1) Bytes 

func (sig SignatureSecp256k1) Bytes() []byte

func (SignatureSecp256k1) Equals 

func (sig SignatureSecp256k1) Equals(other Signature) bool

func (SignatureSecp256k1) IsZero 

func (sig SignatureSecp256k1) IsZero() bool

func (SignatureSecp256k1) MarshalJSON 

func (sig SignatureSecp256k1) MarshalJSON() ([]byte, error)

func (SignatureSecp256k1) String 

func (sig SignatureSecp256k1) String() string

func (*SignatureSecp256k1) UnmarshalJSON 

func (sig *SignatureSecp256k1) UnmarshalJSON(enc []byte) error

func (SignatureSecp256k1) Wrap added in v0.2.0 

func (hi SignatureSecp256k1) Wrap() Signature

Source Files

View all Source files

Directories

Path Synopsis
bcrypt
hd
words
words/wordlist

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.