Documentation ¶
Overview ¶
Package tinkcrypto provides the default implementation of the common pkg/common/api/crypto.Crypto interface and the SPI pkg/framework/aries.crypto interface
It uses github.com/tink/go crypto primitives
Index ¶
- Constants
- type Crypto
- func (t *Crypto) ComputeMAC(data []byte, kh interface{}) ([]byte, error)
- func (t *Crypto) Decrypt(cipher, aad, nonce []byte, kh interface{}) ([]byte, error)
- func (t *Crypto) DeriveProof(messages [][]byte, bbsSignature, nonce []byte, revealedIndexes []int, ...) ([]byte, error)
- func (t *Crypto) Encrypt(msg, aad []byte, kh interface{}) ([]byte, []byte, error)
- func (t *Crypto) Sign(msg []byte, kh interface{}) ([]byte, error)
- func (t *Crypto) SignMulti(messages [][]byte, signerKH interface{}) ([]byte, error)
- func (t *Crypto) UnwrapKey(recWK *crypto.RecipientWrappedKey, recipientKH interface{}, ...) ([]byte, error)
- func (t *Crypto) Verify(sig, msg []byte, kh interface{}) error
- func (t *Crypto) VerifyMAC(macBytes, data []byte, kh interface{}) error
- func (t *Crypto) VerifyMulti(messages [][]byte, bbsSignature []byte, signerPubKH interface{}) error
- func (t *Crypto) VerifyProof(revealedMessages [][]byte, proof, nonce []byte, signerPubKH interface{}) error
- func (t *Crypto) WrapKey(cek, apu, apv []byte, recPubKey *crypto.PublicKey, ...) (*crypto.RecipientWrappedKey, error)
Constants ¶
const ( // ECDHESA256KWAlg is the ECDH-ES with AES-GCM 256 key wrapping algorithm. ECDHESA256KWAlg = "ECDH-ES+A256KW" // ECDH1PUA128KWAlg is the ECDH-1PU with AES-CBC 128+HMAC-SHA 256 key wrapping algorithm. ECDH1PUA128KWAlg = "ECDH-1PU+A128KW" // ECDH1PUA192KWAlg is the ECDH-1PU with AES-CBC 192+HMAC-SHA 384 key wrapping algorithm. ECDH1PUA192KWAlg = "ECDH-1PU+A192KW" // ECDH1PUA256KWAlg is the ECDH-1PU with AES-CBC 256+HMAC-SHA 512 key wrapping algorithm. ECDH1PUA256KWAlg = "ECDH-1PU+A256KW" // ECDHESXC20PKWAlg is the ECDH-ES with XChacha20Poly1305 key wrapping algorithm. ECDHESXC20PKWAlg = "ECDH-ES+XC20PKW" // ECDH1PUXC20PKWAlg is the ECDH-1PU with XChacha20Poly1305 key wrapping algorithm. ECDH1PUXC20PKWAlg = "ECDH-1PU+XC20PKW" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Crypto ¶
type Crypto struct {
// contains filtered or unexported fields
}
Crypto is the default Crypto SPI implementation using Tink.
func (*Crypto) ComputeMAC ¶
ComputeMAC computes message authentication code (MAC) for code data using a matching MAC primitive in kh key handle.
func (*Crypto) Decrypt ¶
Decrypt will decrypt cipher using the implementation's corresponding encryption key referenced by kh of a private key.
func (*Crypto) DeriveProof ¶
func (t *Crypto) DeriveProof(messages [][]byte, bbsSignature, nonce []byte, revealedIndexes []int, signerPubKH interface{}) ([]byte, error)
DeriveProof will create a BBS+ signature proof for a list of revealed messages using BBS signature (can be built using a Signer's SignMulti() call) and the signer's public key in signerPubKH handle. returns:
signature proof in []byte error in case of errors
func (*Crypto) Encrypt ¶
Encrypt will encrypt msg using the implementation's corresponding encryption key and primitive in kh of a public key.
func (*Crypto) Sign ¶
Sign will sign msg using the implementation's corresponding signing key referenced by kh of a private key.
func (*Crypto) SignMulti ¶
SignMulti will create a BBS+ signature of messages using the signer's private key in signerKH handle. returns:
signature in []byte error in case of errors
func (*Crypto) UnwrapKey ¶
func (t *Crypto) UnwrapKey(recWK *crypto.RecipientWrappedKey, recipientKH interface{}, wrapKeyOpts ...crypto.WrapKeyOpts) ([]byte, error)
UnwrapKey unwraps a key in recWK using ECDH (ES or 1PU) with recipient private key kh. This function is used with the following parameters:
- Key Unwrapping: `ECDH-ES` (no options) or `ECDH-1PU` (using crypto.WithSender() option in wrapKeyOpts) over either
- `ECDH-ES+A256KW` alg (AES256-GCM, default anoncrypt KW with no options) as per https://tools.ietf.org/html/rfc7518#appendix-A.2
- `ECDH-ES+XC20PKW` alg (XChacha20Poly1305, anoncrypt using crypto.WithXC20PKW() option in wrapKeyOpts). The following ECDH-1PU algs are triggered using the crypto.WithSender() and crypto.WithTag() options in wrapKeyOpts:
- `ECDH-1PU+A128KW` alg (AES128-GCM, authcrypt KW using cek size=32).
- `ECDH-1PU+A192KW` alg (AES192-GCM, authcrypt KW using cek size=48).
- `ECDH-1PU+A256KW` alg (AES256-GCM, authcrypt KW using cek size=64).
- `ECDH-1PU+XC20PKW` alg (XChacha20Poly1305, authcrypt using crypto.WithXC20PKW() with cek size=32).
- KDF (based on recWk.EPK.KeyType): `Concat KDF` as per https://tools.ietf.org/html/rfc7518#section-4.6 (for type value as EC) or `Curve25519`+`Concat KDF` as per https://tools.ietf.org/html/rfc7748#section-6.1 (for type value as OKP, ie X25519 key).
returns the resulting unwrapping key or error in case of unwrapping failure.
Notes: 1- if the crypto.WithSender() option was used in WrapKey(), then it must be set here as well for successful key
unwrapping.
2- unwrapping a key with recWK.alg value set as either `ECDH-1PU+A128KW`, `ECDH-1PU+A192KW`, `ECDH-1PU+A256KW` or
`ECDH-1PU+XC20PKW` requires the use of crypto.WithSender() option (containing the sender public key) in order to execute ECDH-1PU derivation.
3- the ephemeral key in recWK.EPK must have the same KeyType as the recipientKH and the same Curve for NIST P
curved keys. Unwrapping a key with non matching types/curves will result in unwrapping failure.
4- recipientKH must contain the private key since unwrapping is usually done on the recipient side.
func (*Crypto) Verify ¶
Verify will verify sig signature of msg using the implementation's corresponding signing key referenced by kh of a public key.
func (*Crypto) VerifyMAC ¶
VerifyMAC determines if mac is a correct authentication code (MAC) for data using a matching MAC primitive in kh key handle and returns nil if so, otherwise it returns an error.
func (*Crypto) VerifyMulti ¶
VerifyMulti will BBS+ verify a signature of messages against the signer's public key in signerPubKH handle. returns:
error in case of errors or nil if signature verification was successful
func (*Crypto) VerifyProof ¶
func (t *Crypto) VerifyProof(revealedMessages [][]byte, proof, nonce []byte, signerPubKH interface{}) error
VerifyProof will verify a BBS+ signature proof (generated e.g. by Verifier's DeriveProof() call) for revealedMessages with the signer's public key in signerPubKH handle. returns:
error in case of errors or nil if signature proof verification was successful
func (*Crypto) WrapKey ¶
func (t *Crypto) WrapKey(cek, apu, apv []byte, recPubKey *crypto.PublicKey, wrapKeyOpts ...crypto.WrapKeyOpts) (*crypto.RecipientWrappedKey, error)
WrapKey will do ECDH (ES or 1PU) key wrapping of cek using apu, apv and recipient public key 'recPubKey'. This function is used with the following parameters:
- Key Wrapping: `ECDH-ES` (no options) or `ECDH-1PU` (using crypto.WithSender() option in wrapKeyOpts) over either:
- `ECDH-ES+A256KW` alg (AES256-GCM, default anoncrypt KW with no options) as per https://tools.ietf.org/html/rfc7518#appendix-A.2
- `ECDH-ES+XC20PKW` alg (XChacha20Poly1305, anoncrypt using crypto.WithXC20PKW() option in wrapKeyOpts). The following ECDH-1PU algs are triggered using the crypto.WithSender() and crypto.WithTag() options in wrapKeyOpts:
- `ECDH-1PU+A128KW` alg (AES128-GCM, authcrypt KW using cek size=32).
- `ECDH-1PU+A192KW` alg (AES192-GCM, authcrypt KW using cek size=48).
- `ECDH-1PU+A256KW` alg (AES256-GCM, authcrypt KW using cek size=64).
- `ECDH-1PU+XC20PKW` alg (XChacha20Poly1305, authcrypt using crypto.WithXC20PKW() with cek size=32).
- KDF (based on recPubKey.Curve): `Concat KDF` as per https://tools.ietf.org/html/rfc7518#section-4.6 (for recPubKey with NIST P curves) or `Curve25519`+`Concat KDF` as per https://tools.ietf.org/html/rfc7748#section-6.1 (for recPubKey with X25519 curve).
returns the resulting key wrapping info as *composite.RecipientWrappedKey or error in case of wrapping failure.
Directories ¶
Path | Synopsis |
---|---|
primitive
|
|
aead
Package aead provides implementations of the AEAD primitive.
|
Package aead provides implementations of the AEAD primitive. |
aead/subtle
Package subtle provides subtle implementations of the AEAD primitive.
|
Package subtle provides subtle implementations of the AEAD primitive. |
bbs
Package bbs provides implementations of BBS+ key management and primitives.
|
Package bbs provides implementations of BBS+ key management and primitives. |
composite/ecdh
Package ecdh provides implementations of payload encryption using ECDH-ES/1PU KW key wrapping with AEAD primitives.
|
Package ecdh provides implementations of payload encryption using ECDH-ES/1PU KW key wrapping with AEAD primitives. |
secp256k1/subtle
Package subtle provides subtle implementations of the digital signature primitive.
|
Package subtle provides subtle implementations of the digital signature primitive. |