Documentation ¶
Index ¶
- Constants
- Variables
- func Decrypt(key [chacha20poly1305.KeySize]byte, ciphertext []byte) ([]byte, error)
- func ECCDecrypt(senderPublicKey *[32]byte, recipientPrivateKey *[32]byte, ciphertext []byte) ([]byte, error)
- func ECCEncrypt(recipientPublicKey *[32]byte, senderPrivateKey *[32]byte, plaintext []byte) ([]byte, error)
- func Encrypt(key [chacha20poly1305.KeySize]byte, plaintext []byte) ([]byte, error)
- func KeyFromBytes(data []byte) ([chacha20poly1305.KeySize]byte, error)
- func MinisignServerPrivateKey() *minisign.PrivateKey
- func MinisignServerPublicKey() string
- func MinisignServerSign(message []byte) string
- func RandomKey() [chacha20poly1305.KeySize]byte
- func TOTPOptions() totp.ValidateOpts
- func TOTPServerSecret() (string, error)
- func ValidateTOTP(code string) (bool, error)
- type CipherContext
- type ECCKeyPair
Constants ¶
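// TOTP parameters and the string identifiers for the server-wide secrets.
// The declarations are restored one per line: on a single line the leading
// "//" comment swallowed every declaration that followed it.
const (
	// TOTPDigits - Number of digits in the TOTP
	TOTPDigits = 8
	// TOTPPeriod - TOTP period, typed uint.
	// NOTE(review): presumably the code validity window in seconds; confirm against TOTPOptions.
	TOTPPeriod = uint(30)

	// TOTPSecretKey - The identifier "server.totp".
	// NOTE(review): presumably the name under which the server-wide TOTP secret is stored; confirm against TOTPServerSecret.
	TOTPSecretKey = "server.totp"
	// ServerECCKeyPairKey - The identifier "server.ecc".
	// NOTE(review): presumably the name under which the server's ECC key pair is stored; confirm against ECCServerKeyPair.
	ServerECCKeyPairKey = "server.ecc"
)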
Variables ¶
Functions ¶
func Decrypt ¶
Decrypt - Decrypt using chacha20poly1305 https://pkg.go.dev/golang.org/x/crypto/chacha20poly1305
func ECCDecrypt ¶
func ECCDecrypt(senderPublicKey *[32]byte, recipientPrivateKey *[32]byte, ciphertext []byte) ([]byte, error)
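ECCDecrypt - Decrypt using Curve 25519 + ChaCha20Poly1305 (ECCEncrypt is described as using NaCl box, which pairs Curve25519 with XSalsa20-Poly1305; confirm which cipher the implementation actually uses)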
func ECCEncrypt ¶
func ECCEncrypt(recipientPublicKey *[32]byte, senderPrivateKey *[32]byte, plaintext []byte) ([]byte, error)
ECCEncrypt - Encrypt using NaCl box
func Encrypt ¶
Encrypt - Encrypt using chacha20poly1305 https://pkg.go.dev/golang.org/x/crypto/chacha20poly1305
func KeyFromBytes ¶
func KeyFromBytes(data []byte) ([chacha20poly1305.KeySize]byte, error)
KeyFromBytes - Convert to fixed length buffer
func MinisignServerPrivateKey ¶
func MinisignServerPrivateKey() *minisign.PrivateKey
MinisignServerPrivateKey - Get the server's minisign private key
func MinisignServerPublicKey ¶
func MinisignServerPublicKey() string
MinisignServerPublicKey - Get the server's minisign public key string
func MinisignServerSign ¶
MinisignServerSign - Sign a message with the server's minisign private key
func RandomKey ¶
func RandomKey() [chacha20poly1305.KeySize]byte
RandomKey - Generate a random key of chacha20poly1305.KeySize bytes
func TOTPOptions ¶
func TOTPOptions() totp.ValidateOpts
TOTPOptions - Customized totp validation options
func TOTPServerSecret ¶
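TOTPServerSecret - Get the server-wide TOTP secret value. The goal of the TOTP is for the implant to prove it was generated by this server. To that end we simply use a server-wide secret and ignore issuers/accounts. In order to bypass this check you'd have to extract the TOTP secret from a binary generated by the server. Because the same secret is shared by every binary the server generates, a valid code shows only that the sender holds a server-generated binary; it does not identify an individual implant.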
func ValidateTOTP ¶
ValidateTOTP - Validate a TOTP code
Types ¶
type CipherContext ¶
type CipherContext struct { Key [chacha20poly1305.KeySize]byte // contains filtered or unexported fields }
CipherContext - Tracks a series of messages encrypted under the same key and detects/prevents replay attacks.
func NewCipherContext ¶
func NewCipherContext(key [chacha20poly1305.KeySize]byte) *CipherContext
NewCipherContext - Wrapper around creating a cipher context from a key
type ECCKeyPair ¶
ECCKeyPair - Holds the public/private key pair
func ECCServerKeyPair ¶
func ECCServerKeyPair() *ECCKeyPair
ECCServerKeyPair - Get the server's ECC key pair
func RandomECCKeyPair ¶
func RandomECCKeyPair() (*ECCKeyPair, error)
RandomECCKeyPair - Generate a random Curve 25519 key pair
func (*ECCKeyPair) PrivateBase64 ¶
func (e *ECCKeyPair) PrivateBase64() string
PrivateBase64 - Base64 encoded private key
func (*ECCKeyPair) PublicBase64 ¶
func (e *ECCKeyPair) PublicBase64() string
PublicBase64 - Base64 encoded public key