Documentation
¶
Index ¶
- Variables
- func CheckDH(g, p *big.Int) error
- func CheckDHParams(dhPrime, g, gA, gB *big.Int) error
- func CheckGP(g, p *big.Int) error
- func DataWithHash(data []byte, rand io.Reader) []byte
- func DecodeRSAPad(data []byte, key *rsa.PrivateKey) ([]byte, error)
- func DecomposePQ(pq uint64, rand io.Reader) (p, q uint64)
- func FillBytes(b *big.Int, to []byte) bool
- func GuessDataWithHash(dataWithHash []byte) []byte
- func InRange(x, min, max *big.Int) bool
- func MakeGAB(rand io.Reader, g, gA, dh *big.Int) (gB, b *big.Int, err error)
- func NewRegistry() *tl.ObjectRegistry
- func Perform(ctx context.Context, conn mode.Mode, keys []*rsa.PublicKey, dc int, ...) ([256]byte, uint64, error)
- func Prime(p *big.Int) bool
- func RSAPad(data []byte, key *rsa.PublicKey, randomSource io.Reader) ([]byte, error)
- func ServerSalt(newNonce Int256, serverNonce Int128) (salt uint64)
- type ClientDHInnerData
- type DHGenFail
- type DHGenOk
- type DHGenRetry
- type Int128
- type Int256
- type PQInnerData
- type PQInnerDataDC
- type PQInnerDataObj
- type PQInnerDataTempDC
- type ReqDHParamsParams
- type ReqPQMultiParams
- type ResPQ
- type ServerDHInnerData
- type ServerDHParamsOk
- type SetClientDHParamsAnswer
- type SetClientDHParamsParams
Constants ¶
This section is empty.
Variables ¶
var Registry = NewRegistry()
Functions ¶
func CheckDH ¶
CheckDH performs DH parameters check described in Telegram docs.
Client is expected to check whether p is a safe 2048-bit prime (meaning that both p and (p-1)/2 are prime, and that 2^2047 < p < 2^2048), and that g generates a cyclic subgroup of prime order (p-1)/2, i.e. is a quadratic residue mod p. Since g is always equal to 2, 3, 4, 5, 6 or 7, this is easily done using quadratic reciprocity law, yielding a simple condition on p mod 4g — namely, p mod 8 = 7 for g = 2; p mod 3 = 2 for g = 3; no extra condition for g = 4; p mod 5 = 1 or 4 for g = 5; p mod 24 = 19 or 23 for g = 6; and p mod 7 = 3, 5 or 6 for g = 7.
See https://core.telegram.org/mtproto/auth_key#presenting-proof-of-work-server-authentication.
See https://core.telegram.org/api/srp#checking-the-password-with-srp.
See https://core.telegram.org/api/end-to-end#sending-a-request.
func CheckDHParams ¶
CheckDHParams checks that g_a, g_b and g params meet key exchange conditions.
https://core.telegram.org/mtproto/auth_key#dh-key-exchange-complete
func CheckGP ¶
CheckGP checks whether g generates a cyclic subgroup of prime order (p-1)/2, i.e. is a quadratic residue mod p. Also check that g is 2, 3, 4, 5, 6 or 7.
This function is needed by some Telegram algorithms(Key generation, SRP 2FA).
func DecodeRSAPad ¶
func DecodeRSAPad(data []byte, key *rsa.PrivateKey) ([]byte, error)
DecodeRSAPad implements server-side decoder of RSAPad.
func DecomposePQ ¶
DecomposePQ decomposes pq into prime factors such that p < q.
func FillBytes ¶
FillBytes is safe version of (*big.Int).FillBytes. Returns false if to length is not exact equal to big.Int's. Otherwise fills to using b and returns true.
func GuessDataWithHash ¶
guessDataWithHash guesses data from data_with_hash.
func NewRegistry ¶
func NewRegistry() *tl.ObjectRegistry
func Perform ¶
func Perform(ctx context.Context, conn mode.Mode, keys []*rsa.PublicKey, dc int, expiration time.Duration) ([256]byte, uint64, error)
`expiration` param defines how long session will be stored on server side. This value guarantees *at most** this duration, but not exactly. or even more. According to the documentation, "The server is free to discard its copy earlier". Zero value means permanent session, so if keys will leak, someone might use them to use authorized session.
func RSAPad ¶
RSAPad encrypts given data with RSA, prefixing with a hash.
See https://core.telegram.org/mtproto/auth_key#presenting-proof-of-work-server-authentication.
func ServerSalt ¶
Types ¶
type ClientDHInnerData ¶
func (*ClientDHInnerData) CRC ¶
func (*ClientDHInnerData) CRC() uint32
type DHGenRetry ¶
func (*DHGenRetry) CRC ¶
func (*DHGenRetry) CRC() uint32
type Int256 ¶
type Int256 = [32]byte
func TempAESKeys ¶
tempAESKeys returns tmp_aes_key and tmp_aes_iv based on new_nonce and server_nonce as defined in "Creating an Authorization Key".
See https://core.telegram.org/mtproto/auth_key#6-server-responds-with
tmp_aes_key := SHA1(new_nonce + server_nonce) + substr (SHA1(server_nonce + new_nonce), 0, 12);
type PQInnerData ¶
type PQInnerDataDC ¶
type PQInnerDataDC struct { Pq []byte P []byte Q []byte Nonce Int128 ServerNonce Int128 NewNonce Int256 DC int32 }
func (*PQInnerDataDC) CRC ¶
func (*PQInnerDataDC) CRC() uint32
type PQInnerDataObj ¶
type PQInnerDataObj struct { Pq []byte P []byte Q []byte Nonce Int128 ServerNonce Int128 NewNonce Int256 }
func (*PQInnerDataObj) CRC ¶
func (*PQInnerDataObj) CRC() uint32
type PQInnerDataTempDC ¶
type PQInnerDataTempDC struct { Pq []byte P []byte Q []byte Nonce Int128 ServerNonce Int128 NewNonce Int256 DC int32 ExpiresIn int32 }
func (*PQInnerDataTempDC) CRC ¶
func (*PQInnerDataTempDC) CRC() uint32
type ReqDHParamsParams ¶
type ReqDHParamsParams struct { Nonce Int128 ServerNonce Int128 P []byte Q []byte PublicKeyFingerprint uint64 EncryptedData []byte }
func (*ReqDHParamsParams) CRC ¶
func (*ReqDHParamsParams) CRC() uint32
type ReqPQMultiParams ¶
type ReqPQMultiParams struct {
Nonce Int128
}
func (*ReqPQMultiParams) CRC ¶
func (*ReqPQMultiParams) CRC() uint32
type ServerDHInnerData ¶
type ServerDHInnerData struct { Nonce Int128 ServerNonce Int128 G int32 DhPrime []byte GA []byte ServerTime int32 }
func (*ServerDHInnerData) CRC ¶
func (*ServerDHInnerData) CRC() uint32
type ServerDHParamsOk ¶
func (*ServerDHParamsOk) CRC ¶
func (*ServerDHParamsOk) CRC() uint32
type SetClientDHParamsAnswer ¶
type SetClientDHParamsParams ¶
func (*SetClientDHParamsParams) CRC ¶
func (*SetClientDHParamsParams) CRC() uint32