tinkcrypto

package
v1.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 16, 2024 License: Apache-2.0 Imports: 32 Imported by: 1

Documentation

Overview

Package tinkcrypto provides the default implementation of the common pkg/common/api/crypto.Crypto interface and the SPI pkg/framework/aries.crypto interface

It uses github.com/tink/go crypto primitives

Index

Constants

View Source
const (
	// ECDHESA256KWAlg is the ECDH-ES with AES-GCM 256 key wrapping algorithm.
	ECDHESA256KWAlg = "ECDH-ES+A256KW"
	// ECDH1PUA128KWAlg is the ECDH-1PU with AES-CBC 128+HMAC-SHA 256 key wrapping algorithm.
	ECDH1PUA128KWAlg = "ECDH-1PU+A128KW"
	// ECDH1PUA192KWAlg is the ECDH-1PU with AES-CBC 192+HMAC-SHA 384 key wrapping algorithm.
	ECDH1PUA192KWAlg = "ECDH-1PU+A192KW"
	// ECDH1PUA256KWAlg is the ECDH-1PU with AES-CBC 256+HMAC-SHA 512 key wrapping algorithm.
	ECDH1PUA256KWAlg = "ECDH-1PU+A256KW"
	// ECDHESXC20PKWAlg is the ECDH-ES with XChacha20Poly1305 key wrapping algorithm.
	ECDHESXC20PKWAlg = "ECDH-ES+XC20PKW"
	// ECDH1PUXC20PKWAlg is the ECDH-1PU with XChacha20Poly1305 key wrapping algorithm.
	ECDH1PUXC20PKWAlg = "ECDH-1PU+XC20PKW"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Crypto

type Crypto struct {
	// contains filtered or unexported fields
}

Crypto is the default Crypto SPI implementation using Tink.

func New

func New() (*Crypto, error)

New creates a new Crypto instance.

func (*Crypto) ComputeMAC

func (t *Crypto) ComputeMAC(data []byte, kh interface{}) ([]byte, error)

ComputeMAC computes message authentication code (MAC) for code data using a matching MAC primitive in kh key handle.

func (*Crypto) Decrypt

func (t *Crypto) Decrypt(cipher, aad, nonce []byte, kh interface{}) ([]byte, error)

Decrypt will decrypt cipher using the implementation's corresponding encryption key referenced by kh of a private key.

func (*Crypto) DeriveProof

func (t *Crypto) DeriveProof(messages [][]byte, bbsSignature, nonce []byte, revealedIndexes []int,
	signerPubKH interface{}) ([]byte, error)

DeriveProof will create a BBS+ signature proof for a list of revealed messages using BBS signature (can be built using a Signer's SignMulti() call) and the signer's public key in signerPubKH handle. returns:

signature proof in []byte
error in case of errors

func (*Crypto) Encrypt

func (t *Crypto) Encrypt(msg, aad []byte, kh interface{}) ([]byte, []byte, error)

Encrypt will encrypt msg using the implementation's corresponding encryption key and primitive in kh of a public key.

func (*Crypto) Sign

func (t *Crypto) Sign(msg []byte, kh interface{}) ([]byte, error)

Sign will sign msg using the implementation's corresponding signing key referenced by kh of a private key.

func (*Crypto) SignMulti

func (t *Crypto) SignMulti(messages [][]byte, signerKH interface{}) ([]byte, error)

SignMulti will create a BBS+ signature of messages using the signer's private key in signerKH handle. returns:

signature in []byte
error in case of errors

func (*Crypto) UnwrapKey

func (t *Crypto) UnwrapKey(recWK *crypto.RecipientWrappedKey, recipientKH interface{},
	wrapKeyOpts ...crypto.WrapKeyOpts) ([]byte, error)

UnwrapKey unwraps a key in recWK using ECDH (ES or 1PU) with recipient private key kh. This function is used with the following parameters:

  • Key Unwrapping: `ECDH-ES` (no options) or `ECDH-1PU` (using crypto.WithSender() option in wrapKeyOpts) over either
  • `ECDH-ES+A256KW` alg (AES256-GCM, default anoncrypt KW with no options) as per https://tools.ietf.org/html/rfc7518#appendix-A.2
  • `ECDH-ES+XC20PKW` alg (XChacha20Poly1305, anoncrypt using crypto.WithXC20PKW() option in wrapKeyOpts). The following ECDH-1PU algs are triggered using the crypto.WithSender() and crypto.WithTag() options in wrapKeyOpts:
  • `ECDH-1PU+A128KW` alg (AES128-GCM, authcrypt KW using cek size=32).
  • `ECDH-1PU+A192KW` alg (AES192-GCM, authcrypt KW using cek size=48).
  • `ECDH-1PU+A256KW` alg (AES256-GCM, authcrypt KW using cek size=64).
  • `ECDH-1PU+XC20PKW` alg (XChacha20Poly1305, authcrypt using crypto.WithXC20PKW() with cek size=32).
  • KDF (based on recWk.EPK.KeyType): `Concat KDF` as per https://tools.ietf.org/html/rfc7518#section-4.6 (for type value as EC) or `Curve25519`+`Concat KDF` as per https://tools.ietf.org/html/rfc7748#section-6.1 (for type value as OKP, ie X25519 key).

returns the resulting unwrapping key or error in case of unwrapping failure.

Notes: 1- if the crypto.WithSender() option was used in WrapKey(), then it must be set here as well for successful key

unwrapping.

2- unwrapping a key with recWK.alg value set as either `ECDH-1PU+A128KW`, `ECDH-1PU+A192KW`, `ECDH-1PU+A256KW` or

`ECDH-1PU+XC20PKW` requires the use of crypto.WithSender() option (containing the sender public key) in order to
execute ECDH-1PU derivation.

3- the ephemeral key in recWK.EPK must have the same KeyType as the recipientKH and the same Curve for NIST P

curved keys. Unwrapping a key with non matching types/curves will result in unwrapping failure.

4- recipientKH must contain the private key since unwrapping is usually done on the recipient side.

func (*Crypto) Verify

func (t *Crypto) Verify(sig, msg []byte, kh interface{}) error

Verify will verify sig signature of msg using the implementation's corresponding signing key referenced by kh of a public key.

func (*Crypto) VerifyMAC

func (t *Crypto) VerifyMAC(macBytes, data []byte, kh interface{}) error

VerifyMAC determines if mac is a correct authentication code (MAC) for data using a matching MAC primitive in kh key handle and returns nil if so, otherwise it returns an error.

func (*Crypto) VerifyMulti

func (t *Crypto) VerifyMulti(messages [][]byte, bbsSignature []byte, signerPubKH interface{}) error

VerifyMulti will BBS+ verify a signature of messages against the signer's public key in signerPubKH handle. returns:

error in case of errors or nil if signature verification was successful

func (*Crypto) VerifyProof

func (t *Crypto) VerifyProof(revealedMessages [][]byte, proof, nonce []byte, signerPubKH interface{}) error

VerifyProof will verify a BBS+ signature proof (generated e.g. by Verifier's DeriveProof() call) for revealedMessages with the signer's public key in signerPubKH handle. returns:

error in case of errors or nil if signature proof verification was successful

func (*Crypto) WrapKey

func (t *Crypto) WrapKey(cek, apu, apv []byte, recPubKey *crypto.PublicKey,
	wrapKeyOpts ...crypto.WrapKeyOpts) (*crypto.RecipientWrappedKey, error)

WrapKey will do ECDH (ES or 1PU) key wrapping of cek using apu, apv and recipient public key 'recPubKey'. This function is used with the following parameters:

  • Key Wrapping: `ECDH-ES` (no options) or `ECDH-1PU` (using crypto.WithSender() option in wrapKeyOpts) over either:
  • `ECDH-ES+A256KW` alg (AES256-GCM, default anoncrypt KW with no options) as per https://tools.ietf.org/html/rfc7518#appendix-A.2
  • `ECDH-ES+XC20PKW` alg (XChacha20Poly1305, anoncrypt using crypto.WithXC20PKW() option in wrapKeyOpts). The following ECDH-1PU algs are triggered using the crypto.WithSender() and crypto.WithTag() options in wrapKeyOpts:
  • `ECDH-1PU+A128KW` alg (AES128-GCM, authcrypt KW using cek size=32).
  • `ECDH-1PU+A192KW` alg (AES192-GCM, authcrypt KW using cek size=48).
  • `ECDH-1PU+A256KW` alg (AES256-GCM, authcrypt KW using cek size=64).
  • `ECDH-1PU+XC20PKW` alg (XChacha20Poly1305, authcrypt using crypto.WithXC20PKW() with cek size=32).
  • KDF (based on recPubKey.Curve): `Concat KDF` as per https://tools.ietf.org/html/rfc7518#section-4.6 (for recPubKey with NIST P curves) or `Curve25519`+`Concat KDF` as per https://tools.ietf.org/html/rfc7748#section-6.1 (for recPubKey with X25519 curve).

returns the resulting key wrapping info as *composite.RecipientWrappedKey or error in case of wrapping failure.

Directories

Path Synopsis
primitive
aead
Package aead provides implementations of the AEAD primitive.
Package aead provides implementations of the AEAD primitive.
aead/subtle
Package subtle provides subtle implementations of the AEAD primitive.
Package subtle provides subtle implementations of the AEAD primitive.
bbs
Package bbs provides implementations of BBS+ key management and primitives.
Package bbs provides implementations of BBS+ key management and primitives.
composite/ecdh
Package ecdh provides implementations of payload encryption using ECDH-ES/1PU KW key wrapping with AEAD primitives.
Package ecdh provides implementations of payload encryption using ECDH-ES/1PU KW key wrapping with AEAD primitives.
secp256k1/subtle
Package subtle provides subtle implementations of the digital signature primitive.
Package subtle provides subtle implementations of the digital signature primitive.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL