ecdh

package
v0.9.1-rc1
Warning: This package is not in the latest version of its module.
Published: Mar 27, 2023 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var (
	ErrInvalidPeerType = errors.New("invalid peer type")
)

Functions

func DeriveSharedSecret

func DeriveSharedSecret(ours EphemeralKeyPair, theirs PeerPublicKey) ([]byte, error)

Derives a 64-byte shared secret using ECDH, given one party's ephemeral keypair and the other party's ephemeral public key.

The secret is computed using the following KDF (similar to libsodium):

	blake2b-512(q || client-pub || server-pub)

where q is the 32-byte x25519 shared secret.

The client's and server's public keys must be ordered the same way on both sides, so the peer's type (client or server) must be provided along with the peer's public key.
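The role-based ordering described above, as an added example (not this package's own code): both sides hash q || client-pub || server-pub, and a side that mislabels its peer's type derives a different secret. It uses only the Go standard library, so SHA-512 stands in for BLAKE2b-512; `role`, `derive` and `exchange` are hypothetical names.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha512"
	"errors"
	"fmt"
)

type role int // hypothetical stand-in for the package's PeerType

const client, server role = 0, 1

// derive returns H(q || client-pub || server-pub); theirRole is the role of the
// peer that owns theirs. H is SHA-512 (assumed stand-in for BLAKE2b-512).
func derive(ours *ecdh.PrivateKey, theirs *ecdh.PublicKey, theirRole role) ([]byte, error) {
	q, err := ours.ECDH(theirs) // 32-byte X25519 output; errors if it is all zero
	if err != nil {
		return nil, err
	}
	cpub, spub := ours.PublicKey().Bytes(), theirs.Bytes() // peer is the server
	if theirRole == client {
		cpub, spub = spub, cpub // peer is the client, so its key goes first
	} else if theirRole != server {
		return nil, errors.New("invalid peer type")
	}
	sum := sha512.Sum512(bytes.Join([][]byte{q, cpub, spub}, nil))
	return sum[:], nil
}

// exchange derives the secret on both sides, plus a server that mislabels its peer.
func exchange() (c, s, wrong []byte, err error) {
	ck, e1 := ecdh.X25519().GenerateKey(rand.Reader)
	sk, e2 := ecdh.X25519().GenerateKey(rand.Reader)
	if err = errors.Join(e1, e2); err != nil {
		return
	}
	c, e1 = derive(ck, sk.PublicKey(), server)
	s, e2 = derive(sk, ck.PublicKey(), client)
	wrong, err = derive(sk, ck.PublicKey(), server) // peer type wrongly given
	return c, s, wrong, errors.Join(e1, e2, err)
}

func main() {
	c, s, wrong, err := exchange()
	fmt.Println(len(c), bytes.Equal(c, s), bytes.Equal(s, wrong), err)
}
```

To match the documented KDF, replace `sha512.Sum512` with `blake2b.Sum512` from golang.org/x/crypto/blake2b.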

Types

type EphemeralKeyPair

type EphemeralKeyPair struct {
	PrivateKey *ecdh.PrivateKey
	PublicKey  *ecdh.PublicKey
}

func NewEphemeralKeyPair

func NewEphemeralKeyPair() EphemeralKeyPair

Creates a new x25519 keypair for use in ECDH key exchange.

type PeerPublicKey

type PeerPublicKey struct {
	PublicKey *ecdh.PublicKey
	PeerType  PeerType
}

func ClientPubKey added in v0.9.0

func ClientPubKey[T clientGetter](t T) (PeerPublicKey, error)

func ServerPubKey added in v0.9.0

func ServerPubKey[T serverGetter](t T) (PeerPublicKey, error)

type PeerType

type PeerType int
const (
	PeerTypeClient PeerType = iota
	PeerTypeServer
)
