cryptography

package
v1.5.34 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 5, 2023 License: GPL-3.0 Imports: 17 Imported by: 0

README

Cryptography

Wrappers around Go cryptographic functions. You should avoid using any cryptographic primitives that are not from this package, so that the project's cryptographic choices stay in one place where they can be reviewed.

Documentation

Index

Constants

// TOTP parameters.
const (
	// TOTPDigits - Number of digits in the TOTP
	TOTPDigits = 8

	// TOTPPeriod - TOTP period, typed as uint.
	// NOTE(review): presumably the time step in seconds - confirm against TOTPOptions.
	TOTPPeriod uint = 30
)

// NOTE(review): these two strings look like the names under which the
// server-wide TOTP secret and the server ECC key pair are looked up; the
// lookup code is not visible here - confirm against the callers.
const (
	TOTPSecretKey       = "server.totp"
	ServerECCKeyPairKey = "server.ecc"
)

Variables

// ErrInvalidKeyLength - Invalid key length
var ErrInvalidKeyLength = errors.New("invalid length")

// ErrReplayAttack - Replay attack detected
// NOTE(review): presumably returned by CipherContext.Decrypt, which is
// documented as checking for replays - confirm against the implementation.
var ErrReplayAttack = errors.New("replay attack detected")

// ErrDecryptFailed - Decryption failed
var ErrDecryptFailed = errors.New("decryption failed")

Functions

func Decrypt

func Decrypt(key [chacha20poly1305.KeySize]byte, ciphertext []byte) ([]byte, error)

Decrypt - Decrypt using chacha20poly1305 https://pkg.go.dev/golang.org/x/crypto/chacha20poly1305

func ECCDecrypt

func ECCDecrypt(senderPublicKey *[32]byte, recipientPrivateKey *[32]byte, ciphertext []byte) ([]byte, error)

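ECCDecrypt - Decrypt using Curve 25519 + ChaCha20Poly1305. Note that ECCEncrypt is documented as using NaCl Box, which is Curve25519 with XSalsa20 and Poly1305 rather than ChaCha20Poly1305; the two comments name different ciphers, so check the implementation to see which construction is actually used.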

func ECCEncrypt

func ECCEncrypt(recipientPublicKey *[32]byte, senderPrivateKey *[32]byte, plaintext []byte) ([]byte, error)

ECCEncrypt - Encrypt using NaCl Box

func Encrypt

func Encrypt(key [chacha20poly1305.KeySize]byte, plaintext []byte) ([]byte, error)

Encrypt - Encrypt using chacha20poly1305 https://pkg.go.dev/golang.org/x/crypto/chacha20poly1305

func KeyFromBytes

func KeyFromBytes(data []byte) ([chacha20poly1305.KeySize]byte, error)

KeyFromBytes - Convert to fixed length buffer

func MinisignServerPrivateKey

func MinisignServerPrivateKey() *minisign.PrivateKey

MinisignServerPrivateKey - Get the server's minisign private key (the original comment says "key pair"; the return type is *minisign.PrivateKey)

func MinisignServerPublicKey

func MinisignServerPublicKey() string

MinisignServerPublicKey - Get the server's minisign public key string

func MinisignServerSign

func MinisignServerSign(message []byte) string

MinisignServerSign - Sign a message with the server's minisign private key

func RandomKey

func RandomKey() [chacha20poly1305.KeySize]byte

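RandomKey - Generate a random key. The original comment reads "random ID of randomIDSize bytes", but per the signature the result is chacha20poly1305.KeySize bytes. The function returns no error, and this page does not show which randomness source it reads or what happens if that read fails.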

func TOTPOptions

func TOTPOptions() totp.ValidateOpts

TOTPOptions - Customized totp validation options

func TOTPServerSecret

func TOTPServerSecret() (string, error)

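TOTPServerSecret - Get the server-wide TOTP secret value. The goal of the TOTP is for the implant to prove it was generated by this server. To that end we simply use a server-wide secret and ignore issuers/accounts. To bypass this check you would have to extract the TOTP secret from a binary generated by the server. The check is therefore only as strong as the secrecy of that one value: the same secret is present in every binary the server generates, so it shows that a client holds the shared secret, not which implant it is.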

func ValidateTOTP

func ValidateTOTP(code string) (bool, error)

ValidateTOTP - Validate a TOTP code

Types

type CipherContext

// CipherContext - Holds the key used for a series of messages.
// NOTE(review): the state used for replay detection is presumably kept in the
// unexported fields, which this listing does not show - confirm in the source.
type CipherContext struct {
	// Key - Symmetric key of chacha20poly1305.KeySize bytes. The field is
	// exported, so any code holding a CipherContext can read the raw key.
	Key [chacha20poly1305.KeySize]byte
	// contains filtered or unexported fields
}

CipherContext - Tracks a series of messages encrypted under the same key and detects/prevents replay attacks.

func NewCipherContext

func NewCipherContext(key [chacha20poly1305.KeySize]byte) *CipherContext

NewCipherContext - Wrapper around creating a cipher context from a key

func (*CipherContext) Decrypt

func (c *CipherContext) Decrypt(ciphertext []byte) ([]byte, error)

Decrypt - Decrypt a message with the contextual key and check for replay attacks

func (*CipherContext) Encrypt

func (c *CipherContext) Encrypt(plaintext []byte) ([]byte, error)

Encrypt - Encrypt a message with the contextual key

type ECCKeyPair

// ECCKeyPair - Holds a public/private key pair as two pointers to 32-byte arrays.
type ECCKeyPair struct {
	// Public - 32-byte public key, carried under the JSON name "public".
	Public  *[32]byte `json:"public"`
	// Private - 32-byte private key. The json tag means that marshaling this
	// struct writes the private key under "private", so any serialized form of
	// an ECCKeyPair must be handled as secret material.
	Private *[32]byte `json:"private"`
}

ECCKeyPair - Holds the public/private key pair

func ECCServerKeyPair

func ECCServerKeyPair() *ECCKeyPair

ECCServerKeyPair - Get the server's ECC key pair

func RandomECCKeyPair

func RandomECCKeyPair() (*ECCKeyPair, error)

RandomECCKeyPair - Generate a random Curve 25519 key pair

func (*ECCKeyPair) PrivateBase64

func (e *ECCKeyPair) PrivateBase64() string

PrivateBase64 - Base64 encoded private key

func (*ECCKeyPair) PublicBase64

func (e *ECCKeyPair) PublicBase64() string

PublicBase64 - Base64 encoded public key

Directories

Path Synopsis
Package minisign implements the minisign signature scheme.
Package minisign implements the minisign signature scheme.
