crypto

package
v0.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 30, 2020 License: Apache-2.0, MIT, Apache-2.0, + 1 more Imports: 25 Imported by: 1,177

Documentation

Overview

Package crypto implements various cryptographic utilities used by libp2p. This includes a Public and Private key interface and key implementations for supported key algorithms.

Index

Constants

View Source
const (
	// RSA is an enum for the supported RSA key type
	RSA = iota
	// Ed25519 is an enum for the supported Ed25519 key type
	Ed25519
	// Secp256k1 is an enum for the supported Secp256k1 key type
	Secp256k1
	// ECDSA is an enum for the supported ECDSA key type
	ECDSA
)
View Source
const WeakRsaKeyEnv = "LIBP2P_ALLOW_WEAK_RSA_KEYS"

WeakRsaKeyEnv is an environment variable which, when set, lowers the minimum required bits of RSA keys to 512. This should be used exclusively in test situations.

Variables

View Source
var (
	// ErrNotECDSAPubKey is returned when the public key passed is not an ecdsa public key
	ErrNotECDSAPubKey = errors.New("not an ecdsa public key")
	// ErrNilSig is returned when the signature is nil
	ErrNilSig = errors.New("sig is nil")
	// ErrNilPrivateKey is returned when a nil private key is provided
	ErrNilPrivateKey = errors.New("private key is nil")
	// ErrNilPublicKey is returned when a nil public key is provided
	ErrNilPublicKey = errors.New("public key is nil")
	// ECDSACurve is the default ecdsa curve used
	ECDSACurve = elliptic.P256()
)
View Source
var (
	// ErrBadKeyType is returned when a key is not supported
	ErrBadKeyType = errors.New("invalid or unsupported key type")
	// KeyTypes is a list of supported keys
	KeyTypes = []int{
		RSA,
		Ed25519,
		Secp256k1,
		ECDSA,
	}
)
View Source
var ErrRsaKeyTooSmall error

ErrRsaKeyTooSmall is returned when trying to generate or parse an RSA key that's smaller than MinRsaKeyBits bits. In test

View Source
var MinRsaKeyBits = 2048

PrivKeyUnmarshallers is a map of unmarshallers by key type

PubKeyUnmarshallers is a map of unmarshallers by key type

Functions

func ConfigDecodeKey

func ConfigDecodeKey(b string) ([]byte, error)

ConfigDecodeKey decodes from b64 (for config file) to a byte array that can be unmarshalled.

func ConfigEncodeKey

func ConfigEncodeKey(b []byte) string

ConfigEncodeKey encodes a marshalled key to b64 (for config file).

func ECDSAKeyPairFromKey

func ECDSAKeyPairFromKey(priv *ecdsa.PrivateKey) (PrivKey, PubKey, error)

ECDSAKeyPairFromKey generates a new ecdsa private and public key from an input private key

func GenerateECDSAKeyPair

func GenerateECDSAKeyPair(src io.Reader) (PrivKey, PubKey, error)

GenerateECDSAKeyPair generates a new ecdsa private and public key

func GenerateECDSAKeyPairWithCurve

func GenerateECDSAKeyPairWithCurve(curve elliptic.Curve, src io.Reader) (PrivKey, PubKey, error)

GenerateECDSAKeyPairWithCurve generates a new ecdsa private and public key with a speicified curve

func GenerateEd25519Key

func GenerateEd25519Key(src io.Reader) (PrivKey, PubKey, error)

GenerateEd25519Key generates a new ed25519 private and public key pair.

func GenerateKeyPair

func GenerateKeyPair(typ, bits int) (PrivKey, PubKey, error)

GenerateKeyPair generates a private and public key

func GenerateKeyPairWithReader

func GenerateKeyPairWithReader(typ, bits int, src io.Reader) (PrivKey, PubKey, error)

GenerateKeyPairWithReader returns a keypair of the given type and bitsize

func GenerateRSAKeyPair

func GenerateRSAKeyPair(bits int, src io.Reader) (PrivKey, PubKey, error)

GenerateRSAKeyPair generates a new rsa private and public key

func GenerateSecp256k1Key

func GenerateSecp256k1Key(src io.Reader) (PrivKey, PubKey, error)

GenerateSecp256k1Key generates a new Secp256k1 private and public key pair

func KeyEqual

func KeyEqual(k1, k2 Key) bool

KeyEqual checks whether two Keys are equivalent (have identical byte representations).

func KeyPairFromStdKey added in v0.2.4

func KeyPairFromStdKey(priv crypto.PrivateKey) (PrivKey, PubKey, error)

KeyPairFromStdKey wraps standard library (and secp256k1) private keys in libp2p/go-libp2p-core/crypto keys

func KeyStretcher

func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedKeys, StretchedKeys)

PENDING DEPRECATION: KeyStretcher() will be deprecated with secio; for new code, please use PBKDF2 (golang.org/x/crypto/pbkdf2) instead. KeyStretcher returns a set of keys for each party by stretching the shared key. (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey). This function accepts the following cipher types: - AES-128 - AES-256 The function will panic upon receiving an unknown cipherType

func MarshalECDSAPrivateKey

func MarshalECDSAPrivateKey(ePriv ECDSAPrivateKey) ([]byte, error)

MarshalECDSAPrivateKey returns x509 bytes from a private key

func MarshalECDSAPublicKey

func MarshalECDSAPublicKey(ePub ECDSAPublicKey) ([]byte, error)

MarshalECDSAPublicKey returns x509 bytes from a public key

func MarshalPrivateKey

func MarshalPrivateKey(k PrivKey) ([]byte, error)

MarshalPrivateKey converts a key object into its protobuf serialized form.

func MarshalPublicKey

func MarshalPublicKey(k PubKey) ([]byte, error)

MarshalPublicKey converts a public key object into a protobuf serialized public key

func PrivKeyToStdKey added in v0.4.0

func PrivKeyToStdKey(priv PrivKey) (crypto.PrivateKey, error)

PrivKeyToStdKey converts libp2p/go-libp2p-core/crypto private keys to standard library (and secp256k1) private keys

func PubKeyToStdKey added in v0.4.0

func PubKeyToStdKey(pub PubKey) (crypto.PublicKey, error)

PubKeyToStdKey converts libp2p/go-libp2p-core/crypto private keys to standard library (and secp256k1) public keys

func PublicKeyToProto

func PublicKeyToProto(k PubKey) (*pb.PublicKey, error)

PublicKeyToProto converts a public key object into an unserialized protobuf PublicKey message.

Types

type ECDSAPrivateKey

type ECDSAPrivateKey struct {
	// contains filtered or unexported fields
}

ECDSAPrivateKey is an implementation of an ECDSA private key

func (*ECDSAPrivateKey) Bytes

func (ePriv *ECDSAPrivateKey) Bytes() ([]byte, error)

Bytes returns the private key as protobuf bytes

func (*ECDSAPrivateKey) Equals

func (ePriv *ECDSAPrivateKey) Equals(o Key) bool

Equals compares two private keys

func (*ECDSAPrivateKey) GetPublic

func (ePriv *ECDSAPrivateKey) GetPublic() PubKey

GetPublic returns a public key

func (*ECDSAPrivateKey) Raw

func (ePriv *ECDSAPrivateKey) Raw() ([]byte, error)

Raw returns x509 bytes from a private key

func (*ECDSAPrivateKey) Sign

func (ePriv *ECDSAPrivateKey) Sign(data []byte) ([]byte, error)

Sign returns the signature of the input data

func (*ECDSAPrivateKey) Type

func (ePriv *ECDSAPrivateKey) Type() pb.KeyType

Type returns the key type

type ECDSAPublicKey

type ECDSAPublicKey struct {
	// contains filtered or unexported fields
}

ECDSAPublicKey is an implementation of an ECDSA public key

func (*ECDSAPublicKey) Bytes

func (ePub *ECDSAPublicKey) Bytes() ([]byte, error)

Bytes returns the public key as protobuf bytes

func (*ECDSAPublicKey) Equals

func (ePub *ECDSAPublicKey) Equals(o Key) bool

Equals compares to public keys

func (*ECDSAPublicKey) Raw

func (ePub *ECDSAPublicKey) Raw() ([]byte, error)

Raw returns x509 bytes from a public key

func (*ECDSAPublicKey) Type

func (ePub *ECDSAPublicKey) Type() pb.KeyType

Type returns the key type

func (*ECDSAPublicKey) Verify

func (ePub *ECDSAPublicKey) Verify(data, sigBytes []byte) (bool, error)

Verify compares data to a signature

type ECDSASig

type ECDSASig struct {
	R, S *big.Int
}

ECDSASig holds the r and s values of an ECDSA signature

type Ed25519PrivateKey

type Ed25519PrivateKey struct {
	// contains filtered or unexported fields
}

Ed25519PrivateKey is an ed25519 private key.

func (*Ed25519PrivateKey) Bytes

func (k *Ed25519PrivateKey) Bytes() ([]byte, error)

Bytes marshals an ed25519 private key to protobuf bytes.

func (*Ed25519PrivateKey) Equals

func (k *Ed25519PrivateKey) Equals(o Key) bool

Equals compares two ed25519 private keys.

func (*Ed25519PrivateKey) GetPublic

func (k *Ed25519PrivateKey) GetPublic() PubKey

GetPublic returns an ed25519 public key from a private key.

func (*Ed25519PrivateKey) Raw

func (k *Ed25519PrivateKey) Raw() ([]byte, error)

Raw private key bytes.

func (*Ed25519PrivateKey) Sign

func (k *Ed25519PrivateKey) Sign(msg []byte) ([]byte, error)

Sign returns a signature from an input message.

func (*Ed25519PrivateKey) Type

func (k *Ed25519PrivateKey) Type() pb.KeyType

Type of the private key (Ed25519).

type Ed25519PublicKey

type Ed25519PublicKey struct {
	// contains filtered or unexported fields
}

Ed25519PublicKey is an ed25519 public key.

func (*Ed25519PublicKey) Bytes

func (k *Ed25519PublicKey) Bytes() ([]byte, error)

Bytes returns a ed25519 public key as protobuf bytes.

func (*Ed25519PublicKey) Equals

func (k *Ed25519PublicKey) Equals(o Key) bool

Equals compares two ed25519 public keys.

func (*Ed25519PublicKey) Raw

func (k *Ed25519PublicKey) Raw() ([]byte, error)

Raw public key bytes.

func (*Ed25519PublicKey) Type

func (k *Ed25519PublicKey) Type() pb.KeyType

Type of the public key (Ed25519).

func (*Ed25519PublicKey) Verify

func (k *Ed25519PublicKey) Verify(data []byte, sig []byte) (bool, error)

Verify checks a signature agains the input data.

type GenSharedKey

type GenSharedKey func([]byte) ([]byte, error)

GenSharedKey generates the shared key from a given private key

func GenerateEKeyPair

func GenerateEKeyPair(curveName string) ([]byte, GenSharedKey, error)

GenerateEKeyPair returns an ephemeral public key and returns a function that will compute the shared secret key. Used in the identify module.

Focuses only on ECDH now, but can be made more general in the future.

type Key

type Key interface {
	// Bytes returns a serialized, storeable representation of this key
	// DEPRECATED in favor of Marshal / Unmarshal
	Bytes() ([]byte, error)

	// Equals checks whether two PubKeys are the same
	Equals(Key) bool

	// Raw returns the raw bytes of the key (not wrapped in the
	// libp2p-crypto protobuf).
	//
	// This function is the inverse of {Priv,Pub}KeyUnmarshaler.
	Raw() ([]byte, error)

	// Type returns the protobof key type.
	Type() pb.KeyType
}

Key represents a crypto key that can be compared to another key

type PrivKey

type PrivKey interface {
	Key

	// Cryptographically sign the given bytes
	Sign([]byte) ([]byte, error)

	// Return a public key paired with this private key
	GetPublic() PubKey
}

PrivKey represents a private key that can be used to generate a public key and sign data

func UnmarshalECDSAPrivateKey

func UnmarshalECDSAPrivateKey(data []byte) (PrivKey, error)

UnmarshalECDSAPrivateKey returns a private key from x509 bytes

func UnmarshalEd25519PrivateKey

func UnmarshalEd25519PrivateKey(data []byte) (PrivKey, error)

UnmarshalEd25519PrivateKey returns a private key from input bytes.

func UnmarshalPrivateKey

func UnmarshalPrivateKey(data []byte) (PrivKey, error)

UnmarshalPrivateKey converts a protobuf serialized private key into its representative object

func UnmarshalRsaPrivateKey

func UnmarshalRsaPrivateKey(b []byte) (PrivKey, error)

UnmarshalRsaPrivateKey returns a private key from the input x509 bytes

func UnmarshalSecp256k1PrivateKey

func UnmarshalSecp256k1PrivateKey(data []byte) (PrivKey, error)

UnmarshalSecp256k1PrivateKey returns a private key from bytes

type PrivKeyUnmarshaller

type PrivKeyUnmarshaller func(data []byte) (PrivKey, error)

PrivKeyUnmarshaller is a func that creates a PrivKey from a given slice of bytes

type PubKey

type PubKey interface {
	Key

	// Verify that 'sig' is the signed hash of 'data'
	Verify(data []byte, sig []byte) (bool, error)
}

PubKey is a public key that can be used to verifiy data signed with the corresponding private key

func PublicKeyFromProto

func PublicKeyFromProto(pmes *pb.PublicKey) (PubKey, error)

PublicKeyFromProto converts an unserialized protobuf PublicKey message into its representative object.

func UnmarshalECDSAPublicKey

func UnmarshalECDSAPublicKey(data []byte) (PubKey, error)

UnmarshalECDSAPublicKey returns the public key from x509 bytes

func UnmarshalEd25519PublicKey

func UnmarshalEd25519PublicKey(data []byte) (PubKey, error)

UnmarshalEd25519PublicKey returns a public key from input bytes.

func UnmarshalPublicKey

func UnmarshalPublicKey(data []byte) (PubKey, error)

UnmarshalPublicKey converts a protobuf serialized public key into its representative object

func UnmarshalRsaPublicKey

func UnmarshalRsaPublicKey(b []byte) (PubKey, error)

UnmarshalRsaPublicKey returns a public key from the input x509 bytes

func UnmarshalSecp256k1PublicKey

func UnmarshalSecp256k1PublicKey(data []byte) (PubKey, error)

UnmarshalSecp256k1PublicKey returns a public key from bytes

type PubKeyUnmarshaller

type PubKeyUnmarshaller func(data []byte) (PubKey, error)

PubKeyUnmarshaller is a func that creates a PubKey from a given slice of bytes

type RsaPrivateKey

type RsaPrivateKey struct {
	// contains filtered or unexported fields
}

RsaPrivateKey is an rsa private key

func (*RsaPrivateKey) Bytes

func (sk *RsaPrivateKey) Bytes() ([]byte, error)

Bytes returns protobuf bytes from a private key

func (*RsaPrivateKey) Equals

func (sk *RsaPrivateKey) Equals(k Key) bool

Equals checks whether this key is equal to another

func (*RsaPrivateKey) GetPublic

func (sk *RsaPrivateKey) GetPublic() PubKey

GetPublic returns a public key

func (*RsaPrivateKey) Raw

func (sk *RsaPrivateKey) Raw() ([]byte, error)

func (*RsaPrivateKey) Sign

func (sk *RsaPrivateKey) Sign(message []byte) ([]byte, error)

Sign returns a signature of the input data

func (*RsaPrivateKey) Type

func (sk *RsaPrivateKey) Type() pb.KeyType

type RsaPublicKey

type RsaPublicKey struct {
	// contains filtered or unexported fields
}

RsaPublicKey is an rsa public key

func (*RsaPublicKey) Bytes

func (pk *RsaPublicKey) Bytes() ([]byte, error)

Bytes returns protobuf bytes of a public key

func (*RsaPublicKey) Equals

func (pk *RsaPublicKey) Equals(k Key) bool

Equals checks whether this key is equal to another

func (*RsaPublicKey) Raw

func (pk *RsaPublicKey) Raw() ([]byte, error)

func (*RsaPublicKey) Type

func (pk *RsaPublicKey) Type() pb.KeyType

func (*RsaPublicKey) Verify

func (pk *RsaPublicKey) Verify(data, sig []byte) (bool, error)

Verify compares a signature against input data

type Secp256k1PrivateKey

type Secp256k1PrivateKey btcec.PrivateKey

Secp256k1PrivateKey is an Secp256k1 private key

func (*Secp256k1PrivateKey) Bytes

func (k *Secp256k1PrivateKey) Bytes() ([]byte, error)

Bytes returns protobuf bytes from a private key

func (*Secp256k1PrivateKey) Equals

func (k *Secp256k1PrivateKey) Equals(o Key) bool

Equals compares two private keys

func (*Secp256k1PrivateKey) GetPublic

func (k *Secp256k1PrivateKey) GetPublic() PubKey

GetPublic returns a public key

func (*Secp256k1PrivateKey) Raw

func (k *Secp256k1PrivateKey) Raw() ([]byte, error)

Raw returns the bytes of the key

func (*Secp256k1PrivateKey) Sign

func (k *Secp256k1PrivateKey) Sign(data []byte) ([]byte, error)

Sign returns a signature from input data

func (*Secp256k1PrivateKey) Type

func (k *Secp256k1PrivateKey) Type() pb.KeyType

Type returns the private key type

type Secp256k1PublicKey

type Secp256k1PublicKey btcec.PublicKey

Secp256k1PublicKey is an Secp256k1 public key

func (*Secp256k1PublicKey) Bytes

func (k *Secp256k1PublicKey) Bytes() ([]byte, error)

Bytes returns protobuf bytes from a public key

func (*Secp256k1PublicKey) Equals

func (k *Secp256k1PublicKey) Equals(o Key) bool

Equals compares two public keys

func (*Secp256k1PublicKey) Raw

func (k *Secp256k1PublicKey) Raw() ([]byte, error)

Raw returns the bytes of the key

func (*Secp256k1PublicKey) Type

func (k *Secp256k1PublicKey) Type() pb.KeyType

Type returns the public key type

func (*Secp256k1PublicKey) Verify

func (k *Secp256k1PublicKey) Verify(data []byte, sigStr []byte) (bool, error)

Verify compares a signature against the input data

type StretchedKeys

type StretchedKeys struct {
	IV        []byte
	MacKey    []byte
	CipherKey []byte
}

StretchedKeys ...

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL