delphi

package module
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 4, 2024 License: MIT Imports: 15 Imported by: 2

README

Go Delphi

Delphi is a package that provides secure, efficient cryptographic operations with a few nice features:

  • perfect forward secrecy is provided using X25519 key exchange and ephemeral keys
  • all keys are the same length (public, private, encryption, decryption) (32 bytes)
  • ed25519 for signatures and verification
  • a nice sensible API

Getting Started

$ go get github.com/sean9999/go-delphi@latest

import (
	"crypto/rand"
	"testing"

	"github.com/sean9999/go-delphi"
	"github.com/stretchr/testify/assert"
)

func TestExample(t *testing.T) {

	//	some plain text
	sentence := []byte("hello world")

	//	create two principals
	alice := delphi.NewPrincipal(rand.Reader)
	bob := delphi.NewPrincipal(rand.Reader)

	//	create a message for bob, from alice
	msg := delphi.NewMessage(rand.Reader, sentence)
	msg.Sender = alice.PublicKey()
	msg.Recipient = bob.PublicKey()

	//	add some metadata (this becomes AAD)
	msg.Headers.Set("foo", []byte("bar"))
	msg.Headers.Set("bing", []byte("bat"))

	//	encrypt message
	err := msg.Encrypt(rand.Reader, alice, nil)
	assert.NoError(t, err)

	//	decrpyt message
	err = bob.Decrypt(msg, nil)
	assert.NoError(t, err)

	//	is decrypted text same as plain text?
	assert.Equal(t, sentence, msg.PlainText)

	//	has the metadata survived?
	foo, ok := msg.Headers.Get("foo")
	assert.True(t, ok)
	assert.Equal(t, []byte("bar"), foo)

}

Documentation

Index

Constants

View Source 
const ByteSize = 128
View Source 
const GLOBAL_SALT = "oracle/v1"
View Source 
const NonceSize = chacha20poly1305.NonceSize

Variables

View Source 
var ErrBadKey = errors.New("bad key")
View Source 
var ErrDecryptionFailed = errors.New("decryption failed")
View Source 
var ErrDelphi = errors.New("delphi")
View Source 
var ErrEncryptionFailed = errors.New("encryption failed")
View Source 
var ErrNoEphemeralKey = errors.New("no ephemeral key")
View Source 
var ErrNotImplemented = errors.New("not implemented")
View Source 
var UniversalNonce []byte = make([]byte, chacha20poly1305.NonceSize)

Functions

func NewSubKey added in v0.0.4 

func NewSubKey(randy io.Reader) subKey

Types

type Certifier 

type Certifier interface {
	crypto.PrivateKey
	crypto.Signer
	Verifier
}

a Certifier can produce and verify signatures

type Cipherer 

type Cipherer interface {
	crypto.PrivateKey
	Encrypter
	Decrypter
}

a Cipherer can encrypt and decrypt a Message

type CryptOpts 

type CryptOpts struct {
	Nonce []byte
	AAED  []byte
}

type Decrypter added in v0.0.4 

type Decrypter interface {
	Decrypt(*Message, crypto.DecrypterOpts) error
}

type Encrypter 

type Encrypter interface {
	Encrypt(io.Reader, *Message, EncrypterOpts) error
}

type EncrypterOpts added in v0.0.4 

type EncrypterOpts = any

type Key added in v0.0.5 

type Key [2]subKey

a Key is two (specifically one encryption and one signing) subKeys

func KeyFromBytes added in v0.0.3 

func KeyFromBytes(b []byte) Key

func KeyFromHex added in v0.0.5 

func KeyFromHex(str string) Key

func NewKey added in v0.0.4 

func NewKey(randy io.Reader) Key

func (Key) Bytes added in v0.0.5 

func (k Key) Bytes() []byte

func (Key) Encryption added in v0.0.5 

func (k Key) Encryption() subKey

func (Key) Equal added in v0.0.5 

func (k Key) Equal(j Key) bool

func (Key) From added in v0.0.5 

func (k Key) From(b []byte) Key

func (Key) IsZero added in v0.0.5 

func (k Key) IsZero() bool

a Key is zero if all it's subKeys are zero

func (Key) Signing added in v0.0.5 

func (k Key) Signing() subKey

type KeyPair added in v0.0.5 

type KeyPair [2]Key

a KeyPair is two [Key]s. One public, one private

func NewKeyPair added in v0.0.4 

func NewKeyPair(randy io.Reader) KeyPair

NewKeyPair generates valid ed25519 and X25519 keys

func (KeyPair) Bytes added in v0.0.5 

func (k KeyPair) Bytes() []byte

func (KeyPair) IsZero added in v0.0.5 

func (kp KeyPair) IsZero() bool

a KeyPair is zero if all it's keys are zero

type Message 

type Message struct {
	Recipient Key                                  `msgpack:"to"`
	Sender    Key                                  `msgpack:"from"`
	Headers   *stablemap.StableMap[string, []byte] `msgpack:"hdrs"` // additional authenticated data (AAD)

	PlainText []byte `msgpack:"ptxt"`
	// contains filtered or unexported fields
}

a Message is a message that represents either plain text or cipher text, encapsulating all data and metadata necessary to perform cryptographic operations.

func NewMessage 

func NewMessage(randy io.Reader, plainTxt []byte) *Message

NewMessage() creates a new Message

func (*Message) Digest added in v0.0.3 

func (msg *Message) Digest() ([]byte, error)

Digest() returns that portion of a Message which should be hashed and signed

func (*Message) Encrypt 

func (msg *Message) Encrypt(randy io.Reader, encrypter Encrypter, opts EncrypterOpts) error

msg.Encrypt(Encrypter) is another way of doing encrypter.Encrypt(*Message)

func (*Message) Encrypted added in v0.0.4 

func (msg *Message) Encrypted() bool

func (*Message) Ephemeral added in v0.0.4 

func (m *Message) Ephemeral() crypto.PublicKey

Ephemeral() returns the value of the ephemeral X25519 key attached to an encrypted Message

func (*Message) From 

func (m *Message) From() crypto.PublicKey

From() returns the sender as a public encryption key

func (*Message) MarshalBinary added in v0.0.4 

func (m *Message) MarshalBinary() ([]byte, error)

func (*Message) Plain added in v0.0.4 

func (msg *Message) Plain() bool

func (*Message) Sign added in v0.0.3 

func (msg *Message) Sign(randy io.Reader, signer crypto.Signer) error

msg.Sign(Signer) is another way of doing signer.Sign(*Message)

func (*Message) Signatory added in v0.0.4 

func (m *Message) Signatory() crypto.PublicKey

Signatory() returns the public signing key of the sender

func (*Message) Signature 

func (m *Message) Signature() []byte

func (*Message) To 

func (m *Message) To() crypto.PublicKey

To() returns the recipient as a public encryption key

func (*Message) UnmarshalBinary 

func (m *Message) UnmarshalBinary(p []byte) error

func (*Message) Valid added in v0.0.4 

func (msg *Message) Valid() bool

type Nonce added in v0.0.3 

type Nonce [NonceSize]byte

A Nonce is a random value with a reasonably high chance of being globally unqiue.

func NewNonce added in v0.0.4 

func NewNonce(randy io.Reader) Nonce

func (Nonce) Bytes added in v0.0.4 

func (nonce Nonce) Bytes() []byte

func (Nonce) IsZero added in v0.0.3 

func (nonce Nonce) IsZero() bool

type Principal 

type Principal = KeyPair

a Principal contains cryptographic key material and can sign, verify, encrypt, and decrypt [Message]s.

func NewPrincipal 

func NewPrincipal(randy io.Reader) *Principal

NewPrincipal() creates a new Principal

func (*Principal) Decrypt added in v0.0.5 

func (p *Principal) Decrypt(msg *Message, opts crypto.DecrypterOpts) error

Decrypt() decrypts a Message

func (*Principal) Encrypt added in v0.0.5 

func (p *Principal) Encrypt(randy io.Reader, msg *Message, opts any) error

Encrypt() encrypts a Message

func (*Principal) Equal added in v0.0.5 

func (p *Principal) Equal(p2 crypto.PublicKey) bool

func (Principal) From added in v0.0.5 

func (Principal) From(b []byte) Principal

From() re-hydrates a Principal from a byte slice

func (*Principal) MarshalBinary added in v0.0.5 

func (p *Principal) MarshalBinary() ([]byte, error)

func (*Principal) PrivateKey added in v0.0.5 

func (p *Principal) PrivateKey() Key

func (*Principal) Public added in v0.0.5 

func (p *Principal) Public() crypto.PublicKey

func (*Principal) PublicKey added in v0.0.5 

func (p *Principal) PublicKey() Key

func (*Principal) Sign added in v0.0.5 

func (p *Principal) Sign(_ io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)

Sign() signs a digest

func (*Principal) UnmarshalBinary added in v0.0.5 

func (p *Principal) UnmarshalBinary(b []byte) error

func (*Principal) Verify added in v0.0.5 

func (p *Principal) Verify(delphiPubKey crypto.PublicKey, digest []byte, sig []byte) bool

Verify() verifies a signature

type Verifier 

type Verifier interface {
	Verify(pub crypto.PublicKey, digest []byte, sig []byte) bool
}

a Verifier can verify that a signature is valid

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.