whisper

package
v0.3.6

This package is not in the latest version of its module.
Published: Jan 3, 2024 License: MIT Imports: 18 Imported by: 0

Documentation

Constants

const (
	APIVersion    = "v0.3.6"
	FormatVersion = byte(3)
)

Variables

var ErrNoPrivateKey = errors.New("no private key")
var ErrPubKeyNotFound = errors.New("public key not found")
var ErrPubPrvNotMatch = errors.New("public and private key not match")
var ErrVersionMismatch = errors.New("whisper file format version mismatch")
var ErrWrongPublicKey = errors.New("the public key from option -a doesn't belong to the private key")

Functions

func CallAgent added in v0.1.0

func CallAgent(addr string, req AgentReq, in io.Reader, out io.Writer) error

Return true if the passphrase is correct.

func ClearCache added in v0.3.2

func ClearCache(addr string) error

func Decode added in v0.0.5

func Decode(data []byte, conf Config) ([]byte, error)

func DecodeString added in v0.0.5

func DecodeString(data string, conf Config) (string, error)

func Encode added in v0.0.5

func Encode(data []byte, conf Config) ([]byte, error)

func EncodeString added in v0.0.5

func EncodeString(data string, conf Config) (string, error)

func IsAgentRunning added in v0.1.0

func IsAgentRunning(addr, version string) (bool, error)

func IsPassphraseRight added in v0.2.3

func IsPassphraseRight(addr string, prv PrivateKey) (bool, error)

func New added in v0.0.4

func New(conf Config) piper.EncodeDecoder

New creates an encoder and decoder pair. The encoding process is:

data -> gzip -> cipher -> sign -> meta

The sign and gzip steps are optional.

Decoding is the reverse of encoding. Even if the signature check fails, it still decodes the whole data and returns the secure.ErrSignNotMatch error.

Example
package main

import (
	"fmt"
	"os"
	"path/filepath"

	whisper "github.com/ysmood/whisper/lib"
)

func main() {
	recipient01, recipient01Pub := keyPair("id_ecdsa01", "test")
	recipient02, recipient02Pub := keyPair("id_ecdsa02", "test")

	// Encrypt the message that can be decrypted by both recipient01 and recipient02.
	encrypted, _ := whisper.EncodeString("hello world!", whisper.Config{
		Public: []whisper.PublicKey{recipient01Pub, recipient02Pub},
	})

	decrypted01, _ := whisper.DecodeString(encrypted, whisper.Config{Private: &recipient01})
	decrypted02, _ := whisper.DecodeString(encrypted, whisper.Config{Private: &recipient02})

	fmt.Println(decrypted01, decrypted02)

}

func keyPair(privateKeyName, passphrase string) (whisper.PrivateKey, whisper.PublicKey) {
	prv, err := os.ReadFile(filepath.FromSlash("secure/test_data/" + privateKeyName))
	if err != nil {
		panic(err)
	}

	pub, err := os.ReadFile(filepath.FromSlash("secure/test_data/" + privateKeyName + ".pub"))
	if err != nil {
		panic(err)
	}

	return whisper.PrivateKey{prv, passphrase}, whisper.PublicKey{Data: pub}
}
Output:

hello world! hello world!
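
Because decoding returns the whole data even when the signature check fails, a caller that drops the error ends up using unauthenticated bytes. The following is an added example, not the project's code: it reproduces that contract with a stand-in (an Ed25519 signature appended to plaintext, standard library only) and shows a caller-side guard. The names decode, decodeVerified, sample and errSignNotMatch are hypothetical, and the message and all-zero seed are constructed test values.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// errSignNotMatch stands in for secure.ErrSignNotMatch (hypothetical local name).
var errSignNotMatch = errors.New("sign not match")

// decode mimics the contract documented for New: payload returned, failure only in err.
func decode(msg []byte, sender ed25519.PublicKey) ([]byte, error) {
	if len(msg) < ed25519.SignatureSize {
		return nil, errors.New("message too short")
	}
	split := len(msg) - ed25519.SignatureSize
	payload, sig := msg[:split], msg[split:]
	if !ed25519.Verify(sender, payload, sig) {
		return payload, errSignNotMatch
	}
	return payload, nil
}

// decodeVerified is the caller-side guard: no bytes are released unless err is nil.
func decodeVerified(msg []byte, sender ed25519.PublicKey) ([]byte, error) {
	payload, err := decode(msg, sender)
	if err != nil {
		return nil, err
	}
	return payload, nil
}

// sample returns a constructed signed message and a copy with one byte altered.
func sample() (good, tampered []byte, pub ed25519.PublicKey) {
	prv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // constructed test seed
	payload := []byte("pay 10 to alice")
	good = append(append([]byte{}, payload...), ed25519.Sign(prv, payload)...)
	tampered = append([]byte{}, good...)
	tampered[4] = '9' // payload now reads "pay 90 to alice"
	return good, tampered, prv.Public().(ed25519.PublicKey)
}

func main() {
	_, tampered, pub := sample()
	ignored, _ := decode(tampered, pub) // error dropped: altered text is used
	guarded, err := decodeVerified(tampered, pub)
	fmt.Printf("ignored=%q guarded=%q err=%v\n", ignored, guarded, err)
}
```

With the real package the same guard amounts to checking the returned error with errors.Is against secure.ErrSignNotMatch before the decoded data is used.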

Types

type AgentReq added in v0.1.0

type AgentReq struct {
	Version         string
	Decrypt         bool
	CheckPassphrase bool
	ClearCache      bool

	Config Config
}

type AgentRes added in v0.1.0

type AgentRes struct {
	Running         bool
	PassphraseRight bool
	WrongPublicKey  bool
}

type AgentServer added in v0.1.0

type AgentServer struct {
	Logger *slog.Logger
	// contains filtered or unexported fields
}

AgentServer is a TCP server that can be used to avoid entering the passphrase every time. It, not the agent client, does the encryption and decryption for you. There is no way to get the passphrase from the TCP client; the only way to get the passphrase is to have root permission and dump the OS memory. If the server restarts, you have to send the passphrase to the server again.

func NewAgentServer added in v0.1.0

func NewAgentServer() *AgentServer

func (*AgentServer) Handle added in v0.1.0

func (a *AgentServer) Handle(s io.ReadWriteCloser) error

func (*AgentServer) Listen added in v0.1.0

func (a *AgentServer) Listen(l net.Listener)

Serve starts an HTTP server to avoid entering the passphrase every time.

func (*AgentServer) Serve added in v0.1.0

func (a *AgentServer) Serve(addr string)

Serve starts an HTTP server to avoid entering the passphrase every time.

type Config added in v0.1.0

type Config struct {
	// Gzip compression level
	GzipLevel int

	// For data decryption and signature signing.
	Private *PrivateKey

	// For signature checking and meta data prefixing.
	Sign *PublicKey

	// For data encryption of different recipients
	Public []PublicKey
}

func (Config) EncodeMeta added in v0.3.0

func (c Config) EncodeMeta(out io.Writer) error

The meta format is:

[version][flags][sender][key num][key1 hash][key2 hash]...

"version" is the whisper file format version. "flags" describes the encoding, such as whether gzip and base64 are enabled. "sender" is the sender's public key [PublicKey.ID] and [PublicKey.Selector]. "key num" is the number of recipients. "key1 hash" is the hash of the first recipient's public key. "key2 hash" is the hash of the second recipient's public key. ...

func (Config) PubKeyHashList added in v0.3.0

func (c Config) PubKeyHashList() (bool, [][]byte, error)

type Meta added in v0.3.0

type Meta struct {
	Gzip           bool
	Sign           bool
	LongPubKeyHash bool

	Sender         *PublicKey
	PubKeyHashList map[string]int
}

func DecodeMeta added in v0.3.0

func DecodeMeta(in io.Reader) (*Meta, error)

func (Meta) GetIndex added in v0.3.0

func (m Meta) GetIndex(p PrivateKey) (int, error)

GetIndex returns the index of the encrypted secret that p can decrypt.

func (Meta) HasPubKey added in v0.3.0

func (m Meta) HasPubKey(p PublicKey) (bool, error)

func (Meta) HashSize added in v0.3.0

func (m Meta) HashSize() int

type MetaFlag added in v0.3.0

type MetaFlag byte
const (
	MetaGzip MetaFlag = 1 << iota
	MetaSign
	MetaLongPubKeyHash // If set, the hash size will be [sha1.Size]; otherwise it will be 4 bytes
)

type PrivateKey added in v0.0.5

type PrivateKey struct {
	Data []byte

	// Passphrase is used to decrypt the [PrivateKey.Data]
	Passphrase string
}

type PublicKey added in v0.0.5

type PublicKey struct {
	Data []byte

	// A public ID for the public key; it can be an HTTPS URL or a GitHub ID.
	ID string

	// Used to select the specific key in the URL file.
	// The line that contains the Selector substring will be selected.
	Selector string
}

func PublicKeyFromMeta added in v0.3.0

func PublicKeyFromMeta(m string) PublicKey

func (PublicKey) Meta added in v0.3.0

func (k PublicKey) Meta() string

func (PublicKey) Select added in v0.3.0

func (k PublicKey) Select() ([]byte, error)

Select returns the line in Data that contains the Selector.

type Whisper added in v0.3.0

type Whisper struct {
	// contains filtered or unexported fields
}

func (*Whisper) Decoder added in v0.3.0

func (w *Whisper) Decoder(in io.Reader) (io.ReadCloser, error)

func (*Whisper) Encoder added in v0.3.0

func (w *Whisper) Encoder(out io.Writer) (io.WriteCloser, error)

Directories

Path Synopsis
Package secure makes encrypted data decryptable only by selected recipients.
