crypto

Documentation

Index

• Constants
• Variables
• func Rand(n int) []byte
• type Keyring
  • func (k *Keyring) ClearSessionKeys()
  • func (k *Keyring) DecryptOFB(ciphertext []byte) (plaintext []byte, err error)
  • func (k *Keyring) EncryptOFB(plaintext []byte) (ciphertext []byte, err error)
  • func (k *Keyring) Export(index int, private bool) ([]byte, error)
  • func (k *Keyring) Import(index int, private bool, der []byte) (err error)
  • func (k *Keyring) Init(overwrite bool) (err error)
  • func (k *Keyring) Load() (err error)
  • func (k *Keyring) NewLongtermKey() (err error)
  • func (k *Keyring) NewSessionKeys(nonce []byte) (err error)
  • func (k *Keyring) Save() (err error)
  • func (k *Keyring) SetCipher(kind api.Cipher, diversifier []byte) (err error)
  • func (k *Keyring) SignECDSA(data []byte, ephemeral bool) (sig *api.Signature, err error)
  • func (k *Keyring) VerifyECDSA(data []byte, sig *api.Signature, ephemeral bool) (err error)
• type PersistentConfiguration

Constants

const (
	// flag to select DCP for on supported block ciphers
	DCP = true
	// flag to allow DCP, when flagged, for XTS computation
	DCPXTS = false
	// flag to select DCP for ESSIV computation
	DCPIV = false

	// key derivation iteration count
	PBKDF2_ITER = 4096

	// DEK key derivation diversifier
	DEK_DIV = "floppyDEK"
	// ESSIV key derivation diversifier
	ESSIV_DIV = "floppyESSIV"
	// SNVS key derivation diversifier
	SNVS_DIV = "floppySNVS"
)

const (
	MMC_CONF_BLOCK = 2097152
	CONF_BLOCKS_V1 = 2
	CONF_BLOCKS_V2 = 2048
)

const (
	BLOCK_KEY = iota
	ESSIV_KEY
	SNVS_KEY
)

DCP key RAM indices

const (
	UA_LONGTERM_KEY = iota
	UA_EPHEMERAL_KEY
	MD_LONGTERM_KEY
	MD_EPHEMERAL_KEY
)

BLE key indices

Variables

var ESSIV = false

flag to select ESSIV on AES-128 CBC ciphers

Functions

func Rand

func Rand(n int) []byte

Types

type Keyring

type Keyring struct {
	// FDE function
	Cipher func(buf []byte, lba int, blocks int, blockSize int, enc bool, wg *sync.WaitGroup)

	// Configuration instance
	Conf *PersistentConfiguration

	// long term BLE peer authentication keys
	ArmoryLongterm *ecdsa.PrivateKey
	MobileLongterm *ecdsa.PublicKey
	// contains filtered or unexported fields
}

func (*Keyring) ClearSessionKeys

func (k *Keyring) ClearSessionKeys()

func (*Keyring) DecryptOFB

func (k *Keyring) DecryptOFB(ciphertext []byte) (plaintext []byte, err error)

func (*Keyring) EncryptOFB

func (k *Keyring) EncryptOFB(plaintext []byte) (ciphertext []byte, err error)

func (*Keyring) Export

func (k *Keyring) Export(index int, private bool) ([]byte, error)

func (*Keyring) Import

func (k *Keyring) Import(index int, private bool, der []byte) (err error)

func (*Keyring) Init

func (k *Keyring) Init(overwrite bool) (err error)

func (*Keyring) Load

func (k *Keyring) Load() (err error)

func (*Keyring) NewLongtermKey

func (k *Keyring) NewLongtermKey() (err error)

func (*Keyring) NewSessionKeys

func (k *Keyring) NewSessionKeys(nonce []byte) (err error)

func (*Keyring) Save

func (k *Keyring) Save() (err error)

func (*Keyring) SetCipher

func (k *Keyring) SetCipher(kind api.Cipher, diversifier []byte) (err error)

func (*Keyring) SignECDSA

func (k *Keyring) SignECDSA(data []byte, ephemeral bool) (sig *api.Signature, err error)

func (*Keyring) VerifyECDSA

func (k *Keyring) VerifyECDSA(data []byte, sig *api.Signature, ephemeral bool) (err error)

type PersistentConfiguration

type PersistentConfiguration struct {
	// serialized long term BLE peer authentication keys
	ArmoryLongterm []byte
	MobileLongterm []byte

	// BLE API Configuration
	Settings *api.Configuration

	// Transparency Log Checkpoint
	ProofBundle *logapi.ProofBundle
}