Documentation ¶
Index ¶
- Constants
- Variables
- func Decode(data []byte, conf Config) ([]byte, error)
- func DecodeString(data string, conf Config) (string, error)
- func Encode(data []byte, conf Config) ([]byte, error)
- func EncodeString(data string, conf Config) (string, error)
- func IsPassphraseRight(prv PrivateKey) (bool, error)
- func ReadKey(unixPath string) ([]byte, error)
- func SSHDir() (string, error)
- type AgentClient
- type AgentError
- type AgentErrorType
- type AgentReq
- type AgentRes
- type AgentServer
- type Config
- type Meta
- type MetaFlag
- type PrivateKey
- type PublicKey
- type PublicKeyMeta
- type Recipient
- type Whisper
Examples ¶
Constants ¶
const (
	APIVersion        = "v0.8.11"
	WireFormatVersion = byte(8)
)
Variables ¶
var ErrNoPrivateKey = errors.New("no private key")
var ErrPrvKeyNotFound = errors.New("private key not found")
var ErrPubKeyNotFound = errors.New("public key not found")
var ErrPubPrvNotMatch = errors.New("public and private key not match")
var ErrVersionMismatch = errors.New("whisper file format version mismatch")
var ErrWrongPublicKey = errors.New("the public key from option -a doesn't belong to the private key")
Functions ¶
func IsPassphraseRight ¶ added in v0.2.3
func IsPassphraseRight(prv PrivateKey) (bool, error)
Types ¶
type AgentClient ¶ added in v0.3.13
type AgentClient interface {
	Whisper(conf Config, in io.Reader, out io.Writer) error
	IsPassphraseRight(prv PrivateKey) (bool, error)
	IsServerRunning(version string) (bool, error)
	ClearCache() error
}
func NewAgentClient ¶ added in v0.3.13
func NewAgentClient(addr string) AgentClient
type AgentError ¶ added in v0.5.1
type AgentError struct {
	Type    AgentErrorType
	Message string
}
func (AgentError) Error ¶ added in v0.5.1
func (e AgentError) Error() string
type AgentErrorType ¶ added in v0.5.1
type AgentErrorType int
const (
	AgentErrorTypeOthers AgentErrorType = iota
	AgentErrorTypeSignMismatch
	AgentErrorTypeNotRecipient
)
type AgentServer ¶ added in v0.1.0
AgentServer is a TCP server that can be used to avoid entering the passphrase every time. The server, not the agent client, does the encryption and decryption for you. There is no way to get the raw private key through the TCP client; to do so you need root permission and a dump of the OS memory. If the server restarts, you have to send it to the server again.
func NewAgentServer ¶ added in v0.1.0
func NewAgentServer() *AgentServer
func (*AgentServer) Handle ¶ added in v0.1.0
func (a *AgentServer) Handle(s io.ReadWriteCloser) error
func (*AgentServer) Listen ¶ added in v0.1.0
func (a *AgentServer) Listen(l net.Listener)
Serve starts an HTTP server to avoid inputting the passphrase every time.
func (*AgentServer) Serve ¶ added in v0.1.0
func (a *AgentServer) Serve(addr string)
Serve starts an HTTP server to avoid inputting the passphrase every time.
type Config ¶ added in v0.1.0
type Config struct {
	// Gzip compression level
	GzipLevel int

	// For data decryption and signature signing.
	Private *PrivateKey

	// For signature checking and meta data prefixing.
	Sign *PublicKey

	// For data encryption of different recipients.
	// If the list is empty, it will be a decryption process.
	Public []PublicKey
}
func (Config) EncodeMeta ¶ added in v0.3.0
The meta format is:
[version][flags][signer][key num][keyInfo1][keyInfo2]...
- "version" is the whisper file format version.
- "flags" describes the encoding, such as whether gzip and base64 are enabled.
- "signer" is the signer's public key [PublicKey.ID] and [PublicKey.Selector].
- "key num" is the number of recipients.
- "keyInfo1" is the first recipient's public key info.
- "keyInfo2" is the second recipient's public key info.
- ...
The key info format is: [public key hash][public key meta].
func (Config) IsDecryption ¶ added in v0.4.0
type Meta ¶ added in v0.3.0
type Meta struct {
	Gzip           bool
	Sign           bool
	LongPubKeyHash bool

	Sender *PublicKeyMeta

	// The key is the hash of the recipient's public key, value is the index of the recipient in the key list.
	Recipients map[string]Recipient
}
func DecodeMeta ¶ added in v0.3.0
DecodeMeta decodes the meta from the whisper file.
func PeakMeta ¶ added in v0.4.0
func PeakMeta(in io.ReadCloser) (*Meta, io.ReadCloser, error)
PeakMeta reads the meta data from the input stream and returns the unread input stream.
func (*Meta) FindSSHPrivateKey ¶ added in v0.4.0
FindSSHPrivateKey finds the private key in the ~/.ssh folder that matches one of the recipients' public keys.
type PrivateKey ¶ added in v0.0.5
type PublicKey ¶ added in v0.0.5
type PublicKey struct {
	Data []byte
	Meta PublicKeyMeta
}
func FetchPublicKey ¶ added in v0.4.0
FetchPublicKey fetches a public key from a GitHub ID or a remote URL.
type PublicKeyMeta ¶ added in v0.8.0
type PublicKeyMeta struct {
	// A public ID for the public key; it can be an https URL or a GitHub ID.
	ID string

	// Used to select a specific key in the URL file.
	// The line that contains the Selector substring will be selected.
	Selector string
}
func NewPublicKeyMeta ¶ added in v0.8.0
func NewPublicKeyMeta(m string) PublicKeyMeta
func (PublicKeyMeta) String ¶ added in v0.8.0
func (k PublicKeyMeta) String() string
type Recipient ¶ added in v0.8.0
type Recipient struct {
	Index int
	Meta  PublicKeyMeta
}
type Whisper ¶ added in v0.3.0
type Whisper struct {
// contains filtered or unexported fields
}
Whisper is a data encryption and decryption file format. The whisper file extension is ".wsp".
func New ¶ added in v0.0.4
New encoder and decoder pair. The encoding process:
data -> gzip -> cipher -> sign -> meta -> base64
The sign, gzip, base64 are optional.
Decoding is the reverse of encoding. It still decodes the whole data even if the signature check fails, in which case it returns the secure.ErrSignNotMatch error.
Example ¶
package main

import (
	"fmt"
	"os"
	"path/filepath"

	whisper "github.com/ysmood/whisper/lib"
	"github.com/ysmood/whisper/lib/secure"
)

func main() {
	recipient01, recipient01Pub := keyPair("id_ed25519_01", "test")
	recipient02, recipient02Pub := keyPair("id_ed25519_02", "") // no passphrase

	// Encrypt the message that can be decrypted by both recipient01 and recipient02.
	encrypted, _ := whisper.EncodeString("hello world!", whisper.Config{
		Public: []whisper.PublicKey{recipient01Pub, recipient02Pub},
	})

	decrypted01, _ := whisper.DecodeString(encrypted, whisper.Config{Private: &recipient01})
	decrypted02, _ := whisper.DecodeString(encrypted, whisper.Config{Private: &recipient02})

	fmt.Println(len(encrypted), decrypted01, decrypted02)
}

func keyPair(privateKeyName, passphrase string) (whisper.PrivateKey, whisper.PublicKey) {
	prv, err := os.ReadFile(filepath.FromSlash("secure/test_data/" + privateKeyName))
	if err != nil {
		panic(err)
	}

	pub, err := os.ReadFile(filepath.FromSlash("secure/test_data/" + privateKeyName + secure.PUB_KEY_EXT))
	if err != nil {
		panic(err)
	}

	return whisper.PrivateKey{prv, passphrase}, whisper.PublicKey{Data: pub}
}

Output:
240 hello world! hello world!
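Because decoding continues after a failed signature check, a caller that streams straight to its destination has already written unauthenticated plaintext by the time the error arrives. The following is an added example, not code from the whisper project: it stages the output and releases it only on a nil error. decodeStream, verifiedDecode, samples, errSignNotMatch and the [signature][payload] layout are hypothetical stand-ins built on the standard library.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
	"io"
)

var errSignNotMatch = errors.New("sign not match") // stand-in for secure.ErrSignNotMatch

// decodeStream is a hypothetical decoder with the behaviour described above:
// it writes the payload to out before the signature check can fail.
func decodeStream(in io.Reader, out io.Writer, signer ed25519.PublicKey) error {
	raw, err := io.ReadAll(in)
	if err != nil || len(raw) < ed25519.SignatureSize {
		return errors.New("short or unreadable input")
	}
	sig, payload := raw[:ed25519.SignatureSize], raw[ed25519.SignatureSize:]
	if _, err := out.Write(payload); err != nil {
		return err
	}
	if !ed25519.Verify(signer, payload, sig) {
		return errSignNotMatch
	}
	return nil
}

// verifiedDecode stages the output and releases it only on a nil error.
func verifiedDecode(in io.Reader, signer ed25519.PublicKey) ([]byte, error) {
	var staged bytes.Buffer
	if err := decodeStream(in, &staged, signer); err != nil {
		return nil, err
	}
	return staged.Bytes(), nil
}

// samples returns a constructed [signature][payload] message and a one-bit-flipped copy.
func samples() (pub ed25519.PublicKey, good, tampered []byte) {
	pub, prv, _ := ed25519.GenerateKey(nil)
	good = append(ed25519.Sign(prv, []byte("hello world!")), "hello world!"...)
	tampered = append(append([]byte{}, good[:len(good)-1]...), good[len(good)-1]^1)
	return pub, good, tampered
}

func main() {
	pub, _, tampered := samples()
	fmt.Println(verifiedDecode(bytes.NewReader(tampered), pub))
}
```

With a real destination such as a file, the same pattern applies by writing to a temporary file and renaming it into place only after the decoder returns nil.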
func (*Whisper) Decoder ¶ added in v0.3.0
Decoder decrypts the data stream read from in, which is in the whisper file format.
func (*Whisper) Encoder ¶ added in v0.3.0
Encoder encrypts the data stream and writes it to out in the whisper file format.
func (*Whisper) Handle ¶ added in v0.4.0
func (w *Whisper) Handle(input io.ReadCloser, output io.WriteCloser) error