torcrypto

package
v0.0.0-...-15325b8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 1, 2020 License: MIT Imports: 19 Imported by: 0

Documentation

Overview

Package torcrypto provides cryptographic functions useful in tor.

Index

Constants

View Source 
const (
	StreamCipherKeySize     = 16
	DiffieHellmanPublicSize = 128
	DiffieHellmanSecretSize = 40
	PublicKeyMessageSize    = 128
	PublicKeyPaddingSize    = 42
	HashSize                = 20
)

Security parameters.

Reference: https://github.com/torproject/torspec/blob/f9eeae509344dcfd1f185d0130a0055b00131cea/tor-spec.txt#L109-L112 

KEY_LEN=16.
DH_LEN=128; DH_SEC_LEN=40.
PK_ENC_LEN=128; PK_PAD_LEN=42.
HASH_LEN=20.

Variables

This section is empty.

Functions

func CheckPrivateKeyPermissions 

func CheckPrivateKeyPermissions(filename string) error

CheckPrivateKeyPermissions checks whether the given file has appropriate permissions for a private key.

func ExtractRSAPublicKeyFromCertificate 

func ExtractRSAPublicKeyFromCertificate(cert *x509.Certificate) (*rsa.PublicKey, error)

func Fingerprint 

func Fingerprint(k *rsa.PublicKey) ([]byte, error)

Fingerprint computes the SHA-1 hash of a public key referred to as a fingerprint.

func Fingerprint256 

func Fingerprint256(k *rsa.PublicKey) ([]byte, error)

Fingerprint256 computes the SHA-256 hash of a public key.

func GenerateRSA 

func GenerateRSA() (*rsa.PrivateKey, error)

GenerateRSA generates an RSA key pair according to the Tor requirements.

Reference: https://github.com/torproject/torspec/blob/master/tor-spec.txt#L77-L80 

For a public-key cipher, we use RSA with 1024-bit keys and a fixed
exponent of 65537.  We use OAEP-MGF1 padding, with SHA-1 as its digest
function.  We leave the optional "Label" parameter unset. (For OAEP
padding, see ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf)

func GenerateRSAWithBits 

func GenerateRSAWithBits(bits int) (*rsa.PrivateKey, error)

GenerateRSAWithBits generates an RSA private key of the given size.

func HashWrite 

func HashWrite(h hash.Hash, b []byte)

HashWrite provides a convenience for writing to a hash without tripping error checking linters. The hash.Hash interface satisfies io.Writer but promises to never return an error.

func HybridDecrypt 

func HybridDecrypt(pk *rsa.PrivateKey, z []byte) ([]byte, error)

HybridDecrypt decrypts ciphertext z with private key pk accoriding to "legacy hybrid encryption".

func KDFTOR 

func KDFTOR(k []byte, n int) ([]byte, error)

KDFTOR generates n bytes of key using the KDF-TOR algorithm.

func LoadRSAPrivateKeyFromPEMFile 

func LoadRSAPrivateKeyFromPEMFile(filename string) (*rsa.PrivateKey, error)

func LoadRSAPublicKeyFromPEMFile 

func LoadRSAPublicKeyFromPEMFile(filename string) (*rsa.PublicKey, error)

func MarshalRSAPrivateKeyPKCS1DER 

func MarshalRSAPrivateKeyPKCS1DER(k *rsa.PrivateKey) []byte

MarshalRSAPrivateKeyPKCS1DER encodes k as PKCS#1 DER.

func MarshalRSAPrivateKeyPKCS1PEM 

func MarshalRSAPrivateKeyPKCS1PEM(k *rsa.PrivateKey) []byte

MarshalRSAPrivateKeyPKCS1PEM encodes k as PKCS#1 PEM.

func MarshalRSAPublicKeyPKCS1DER 

func MarshalRSAPublicKeyPKCS1DER(k *rsa.PublicKey) ([]byte, error)

MarshalRSAPublicKeyPKCS1DER encodes k as PKCS#1 DER.

func MarshalRSAPublicKeyPKCS1PEM 

func MarshalRSAPublicKeyPKCS1PEM(k *rsa.PublicKey) ([]byte, error)

MarshalRSAPublicKeyPKCS1PEM encodes k as PKCS#1 PEM.

func MustRSAPrivateKey 

func MustRSAPrivateKey(k *rsa.PrivateKey, err error) *rsa.PrivateKey

func MustRSAPublicKey 

func MustRSAPublicKey(k *rsa.PublicKey, err error) *rsa.PublicKey

func NewStream 

func NewStream(key []byte) cipher.Stream

NewStream constructs a new stream cipher.

Reference: https://github.com/torproject/torspec/blob/8aaa36d1a062b20ca263b6ac613b77a3ba1eb113/tor-spec.txt#L77-L78 

For a stream cipher, unless otherwise specified, we use 128-bit AES in
counter mode, with an IV of all 0 bytes.  (We also require AES256.)

func ParseRSAPrivateKeyPKCS1DER 

func ParseRSAPrivateKeyPKCS1DER(b []byte) (*rsa.PrivateKey, error)

ParseRSAPrivateKeyPKCS1DER decodes PKCS#1 DER encoded private key.

func ParseRSAPrivateKeyPKCS1PEM 

func ParseRSAPrivateKeyPKCS1PEM(b []byte) (*rsa.PrivateKey, error)

ParseRSAPrivateKeyPKCS1PEM decodes PKCS#1 PEM encoded private key.

func ParseRSAPublicKeyFromCertificateDER 

func ParseRSAPublicKeyFromCertificateDER(der []byte) (*rsa.PublicKey, error)

func ParseRSAPublicKeyPKCS1DER 

func ParseRSAPublicKeyPKCS1DER(b []byte) (*rsa.PublicKey, error)

ParseRSAPublicKeyPKCS1DER decodes PKCS#1 DER encoded public key.

func ParseRSAPublicKeyPKCS1PEM 

func ParseRSAPublicKeyPKCS1PEM(b []byte) (*rsa.PublicKey, error)

ParseRSAPublicKeyPKCS1PEM decodes PKCS#1 PEM encoded public key.

func RSAPrivateKeySize 

func RSAPrivateKeySize(k *rsa.PrivateKey) int

RSAPrivateKeySize returns the modulus size of an RSA key. This is provided for convenience only: it is essentially the same as RSAPublicKeySize.

func RSAPublicKeySize 

func RSAPublicKeySize(k *rsa.PublicKey) int

RSAPublicKeySize returns the modulus size of an RSA key.

func RSAPublicKeysEqual 

func RSAPublicKeysEqual(k1, k2 *rsa.PublicKey) bool

RSAPublicKeysEqual returns whether two RSA public keys are equal.

func Rand 

func Rand(n int) []byte

Rand generates n bytes of cryptographic random. Panics if the read fails.

func SaveCurve25519KeyPairPrivateKeyToFile 

func SaveCurve25519KeyPairPrivateKeyToFile(k *Curve25519KeyPair, filename, label string) error

func SaveRSAPrivateKeyToPEMFile 

func SaveRSAPrivateKeyToPEMFile(k *rsa.PrivateKey, filename string) error

func SaveRSAPublicKeyToPEMFile 

func SaveRSAPublicKeyToPEMFile(k *rsa.PublicKey, filename string) error

func SetPrivateKeyPermissions 

func SetPrivateKeyPermissions(filename string) error

SetPrivateKeyPermissions sets permissions on a private key file.

func SignRSASHA1 

func SignRSASHA1(data []byte, k *rsa.PrivateKey) ([]byte, error)

SignRSASHA1 signs data with k. This is the RSA encryption of the SHA-1 hash of data, with PKCS#1 v1.5 padding.

func SignRSASHA256 

func SignRSASHA256(data []byte, k *rsa.PrivateKey) ([]byte, error)

SignRSASHA256 signs data with k. This is the RSA encryption of the SHA-256 hash of data, with PKCS#1 v1.5 padding.

func VerifyRSASHA1 

func VerifyRSASHA1(k *rsa.PublicKey, data, sig []byte) error

VerifyRSASHA1 verifies an RSA signature based on SHA1 hash, as produced by SignRSASHA1.

func VerifyRSASHA256 

func VerifyRSASHA256(k *rsa.PublicKey, data, sig []byte) error

VerifyRSASHA256 verifies an RSA signature based on SHA256 hash, as produced by SignRSASHA256.

Types

type Curve25519KeyPair 

type Curve25519KeyPair struct {
	Private [32]byte
	Public  [32]byte
}

Curve25519KeyPair represents a public/private curve25519 keys.

curve25519 keys are used in the ntor handshake.

Reference: https://github.com/torproject/torspec/blob/master/tor-spec.txt#L82 

For the "ntor" handshake, we also use the Curve25519 elliptic curve group.

Reference: https://github.com/torproject/torspec/blob/master/tor-spec.txt#L157-L163 

This is Curve25519 key:

 - A medium-term ntor "Onion key" used to handle onion key handshakes when
   accepting incoming circuit extend requests.  As with TAP onion keys,
   old ntor keys MUST be accepted for at least one week after they are no
   longer advertised.  Because of this, relays MUST retain old keys for a
   while after they're rotated.

func GenerateCurve25519KeyPair 

func GenerateCurve25519KeyPair() (*Curve25519KeyPair, error)

GenerateCurve25519KeyPair generates a Curve25519KeyPair using crypto/rand as the random source.

func LoadCurve25519KeyPairPrivateKeyFromFile 

func LoadCurve25519KeyPairPrivateKeyFromFile(filename, label string) (*Curve25519KeyPair, error)

type DiffieHellmanKey 

type DiffieHellmanKey struct {
	Private [DiffieHellmanSecretSize]byte
	Public  [DiffieHellmanPublicSize]byte
}

DiffieHellmanKey is a public/private Diffie-Hellman key pair.

func GenerateDiffieHellmanKey 

func GenerateDiffieHellmanKey() (*DiffieHellmanKey, error)

GenerateDiffieHellmanKey generates a Diffie-Hellman key pair..

func (*DiffieHellmanKey) ComputeSharedSecret 

func (k *DiffieHellmanKey) ComputeSharedSecret(pub []byte) ([]byte, error)

ComputeSharedSecret computes the shared secret given their public key.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.