whisper

package
v0.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 5, 2024 License: MIT Imports: 23 Imported by: 0

Documentation

Index

Examples

Constants

View Source 
const (
	APIVersion    = "v0.4.1"
	FormatVersion = byte(3)
)

Variables

View Source 
var ErrNoPrivateKey = errors.New("no private key")
View Source 
var ErrPrvKeyNotFound = errors.New("private key not found")
View Source 
var ErrPubKeyNotFound = errors.New("public key not found")
View Source 
var ErrPubPrvNotMatch = errors.New("public and private key not match")
View Source 
var ErrVersionMismatch = errors.New("whisper file format version mismatch")
View Source 
var ErrWrongPublicKey = errors.New("the public key from option -a doesn't belong to the private key")

Functions

func Decode added in v0.0.5 

func Decode(data []byte, conf Config) ([]byte, error)

func DecodeString added in v0.0.5 

func DecodeString(data string, conf Config) (string, error)

func Encode added in v0.0.5 

func Encode(data []byte, conf Config) ([]byte, error)

func EncodeString added in v0.0.5 

func EncodeString(data string, conf Config) (string, error)

func ExtractRemotePublicKey added in v0.4.0 

func ExtractRemotePublicKey(p string) (string, bool)

func IsPassphraseRight added in v0.2.3 

func IsPassphraseRight(prv PrivateKey) (bool, error)

func ReadKey added in v0.4.0 

func ReadKey(unixPath string) ([]byte, error)

func SSHDir added in v0.4.0 

func SSHDir() (string, error)

Types

type AgentClient added in v0.3.13 

type AgentClient interface {
	Whisper(conf Config, in io.Reader, out io.Writer) error
	IsPassphraseRight(prv PrivateKey) (bool, error)
	IsServerRunning(version string) (bool, error)
	ClearCache() error
}

func NewAgentClient added in v0.3.13 

func NewAgentClient(addr string) AgentClient

type AgentReq added in v0.1.0 

type AgentReq struct {
	Version         string
	CheckPassphrase bool
	ClearCache      bool

	Config Config
}

type AgentRes added in v0.1.0 

type AgentRes struct {
	Running         bool
	PassphraseRight bool
	WrongPublicKey  bool
}

type AgentServer added in v0.1.0 

type AgentServer struct {
	Logger *slog.Logger
	// contains filtered or unexported fields
}

AgentServer is a tcp server that can be used to avoid inputting the passphrase every time. It will do the encryption and decryption for you, not the agent client. There's no way to get the passphrase from the tcp client, the only way to get the passphrase is to have root permission and dump the os memory. If the server restarts you have to send it to server again.

func NewAgentServer added in v0.1.0 

func NewAgentServer() *AgentServer

func (*AgentServer) Handle added in v0.1.0 

func (a *AgentServer) Handle(s io.ReadWriteCloser) error

func (*AgentServer) Listen added in v0.1.0 

func (a *AgentServer) Listen(l net.Listener)

Serve start a http server to avoid inputting the passphrase every time.

func (*AgentServer) Serve added in v0.1.0 

func (a *AgentServer) Serve(addr string)

Serve start a http server to avoid inputting the passphrase every time.

type Config added in v0.1.0 

type Config struct {
	// Gzip compression level
	GzipLevel int

	// For data decryption and signature signing.
	Private *PrivateKey

	// For signature checking and meta data prefixing.
	Sign *PublicKey

	// For data encryption of different recipients.
	// If the list is empty, it will be a decryption process.
	Public []PublicKey
}

func (Config) EncodeMeta added in v0.3.0 

func (c Config) EncodeMeta(out io.Writer) error

The meta format is: 

[version][flags][sender][key num][key2 hash]...

"version" is the whisper file format version. "flags" about the encoding, such as if gzip, base64 are enabled or not. "sender" is the sender's public key [PublicKey.ID] and [PublicKey.Selector]. "key num" is the num of recipients. "key1 hash" is the hash of the first recipient's public key. "key2 hash" is the hash of the second recipient's public key. ...

func (Config) IsDecryption added in v0.4.0 

func (c Config) IsDecryption() bool

func (Config) PubKeyHashList added in v0.3.0 

func (c Config) PubKeyHashList() (bool, [][]byte, error)

type Meta added in v0.3.0 

type Meta struct {
	Gzip           bool
	Sign           bool
	LongPubKeyHash bool

	Sender *PublicKey

	// The key is the hash of the recipient's public key, value is the index of the recipient in the key list.
	Recipients map[string]int
}

func DecodeMeta added in v0.3.0 

func DecodeMeta(in io.Reader) (*Meta, error)

DecodeMeta decodes the meta from the whisper file.

func PeakMeta added in v0.4.0 

func PeakMeta(in io.ReadCloser) (*Meta, io.ReadCloser, error)

PeakMeta read the meta data from the input stream, and return the unread input stream.

func (*Meta) FindSSHPrivateKey added in v0.4.0 

func (m *Meta) FindSSHPrivateKey() (string, error)

FindSSHPrivateKey find the private key that matches the recipients' public key in the ~/.ssh folder.

func (Meta) GetIndex added in v0.3.0 

func (m Meta) GetIndex(p PrivateKey) (int, error)

GetIndex returns the index of the encrypted secret that the p can decrypt.

func (Meta) HasPubKey added in v0.3.0 

func (m Meta) HasPubKey(p PublicKey) (bool, error)

func (Meta) HashSize added in v0.3.0 

func (m Meta) HashSize() int

type MetaFlag added in v0.3.0 

type MetaFlag byte
const (
	MetaGzip MetaFlag = 1 << iota
	MetaSign
	MetaLongPubKeyHash // If set, the hash size will be [sha1.Size], or it will be 4 bytes
)

type PrivateKey added in v0.0.5 

type PrivateKey struct {
	Data []byte

	// Passphrase is used to decrypt the [PrivateKey.Data]
	Passphrase string
}

type PublicKey added in v0.0.5 

type PublicKey struct {
	Data []byte

	// A public ID for the public key, it can be a https url or github id.
	ID string

	// Uses to select the specific key in the URL file.
	// The line contains the Selector substring will be selected.
	Selector string
}

func FetchPublicKey added in v0.4.0 

func FetchPublicKey(location string) (*PublicKey, error)

func PublicKeyFromMeta added in v0.3.0 

func PublicKeyFromMeta(m string) PublicKey

func (PublicKey) Meta added in v0.3.0 

func (k PublicKey) Meta() string

func (PublicKey) Select added in v0.3.0 

func (k PublicKey) Select() ([]byte, error)

Select the line in Data contains the Selector.

type Whisper added in v0.3.0 

type Whisper struct {
	// contains filtered or unexported fields
}

Whisper is a data encryption and decryption file format. The whisper file extension is ".wsp".

func New added in v0.0.4 

func New(conf Config) *Whisper

New encoder and decoder pair. The encoding process: 

data -> gzip -> cipher -> sign -> meta -> base64

The sign, gzip, base64 are optional.

Decoding is the reverse as the encoding. It will still decode the whole data even the signature check fails, it will return secure.ErrSignNotMatch error.

Example 
package main

import (
	"fmt"
	"os"
	"path/filepath"

	whisper "github.com/ysmood/whisper/lib"
)

func main() {
	recipient01, recipient01Pub := keyPair("id_ecdsa01", "test")
	recipient02, recipient02Pub := keyPair("id_ecdsa02", "test")

	// Encrypt the message that can be decrypted by both recipient01 and recipient02.
	encrypted, _ := whisper.EncodeString("hello world!", whisper.Config{
		Public: []whisper.PublicKey{recipient01Pub, recipient02Pub},
	})

	decrypted01, _ := whisper.DecodeString(encrypted, whisper.Config{Private: &recipient01})
	decrypted02, _ := whisper.DecodeString(encrypted, whisper.Config{Private: &recipient02})

	fmt.Println(decrypted01, decrypted02)

}

func keyPair(privateKeyName, passphrase string) (whisper.PrivateKey, whisper.PublicKey) {
	prv, err := os.ReadFile(filepath.FromSlash("secure/test_data/" + privateKeyName))
	if err != nil {
		panic(err)
	}

	pub, err := os.ReadFile(filepath.FromSlash("secure/test_data/" + privateKeyName + ".pub"))
	if err != nil {
		panic(err)
	}

	return whisper.PrivateKey{prv, passphrase}, whisper.PublicKey{Data: pub}
}

Output:

hello world! hello world!

func (*Whisper) Decoder added in v0.3.0 

func (w *Whisper) Decoder(in io.Reader) (io.ReadCloser, error)

Decoder decrypt data stream from the in as whisper file format.

func (*Whisper) Encoder added in v0.3.0 

func (w *Whisper) Encoder(out io.Writer) (io.WriteCloser, error)

Encoder encrypt data stream to the out as whisper file format.

func (*Whisper) Handle added in v0.4.0 

func (w *Whisper) Handle(input io.ReadCloser, output io.WriteCloser) error

Source Files

View all Source files

Directories

Path Synopsis
Package secure makes encrypted data can only be decrypted by selected recipients.
 Package secure makes encrypted data can only be decrypted by selected recipients.
gen-keys

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.