Documentation ¶
Index ¶
- Constants
- Variables
- func CalculateLeaves(dataSize uint64) uint64
- func GenerateKeyPair() (sk SecretKey, pk PublicKey)
- func GenerateKeyPairDeterministic(entropy [EntropySize]byte) (sk SecretKey, pk PublicKey)
- func NewHash() hash.Hash
- func ReadSignedObject(r io.Reader, obj interface{}, maxLen uint64, pk PublicKey) error
- func SecureWipe(data []byte)
- func VerifyHash(data Hash, pk PublicKey, sig Signature) error
- func VerifySegment(base []byte, hashSet []Hash, numSegments, proofIndex uint64, root Hash) bool
- func WriteSignedObject(w io.Writer, obj interface{}, sk SecretKey) error
- type CachedMerkleTree
- type Ciphertext
- type Hash
- type HashSlice
- type MerkleTree
- type PublicKey
- type SecretKey
- type Signature
- type TwofishKey
Constants ¶
const ( // EntropySize defines the amount of entropy necessary to do secure // cryptographic operations, in bytes. EntropySize = 32 // PublicKeySize defines the size of public keys in bytes. PublicKeySize = ed25519.PublicKeySize // SecretKeySize defines the size of secret keys in bytes. SecretKeySize = ed25519.PrivateKeySize // SignatureSize defines the size of signatures in bytes. SignatureSize = ed25519.SignatureSize )
const (
// HashSize is the length of a Hash in bytes.
HashSize = 32
)
const ( // SegmentSize is the chunk size that is used when taking the Merkle root // of a file. 64 is chosen because bandwidth is scarce and it optimizes for // the smallest possible storage proofs. Using a larger base, even 256 // bytes, would result in substantially faster hashing, but the bandwidth // tradeoff was deemed to be more important, as blockchain space is scarce. SegmentSize = 64 )
const (
// TwofishOverhead is the number of bytes added by EncryptBytes
TwofishOverhead = 28
)
Variables ¶
var ( // ErrHashWrongLen is the error when encoded value has the wrong // length to be a hash. ErrHashWrongLen = errors.New("encoded value has the wrong length to be a hash") )
var ( // ErrInsufficientLen is an error when supplied ciphertext is not // long enough to contain a nonce. ErrInsufficientLen = errors.New("supplied ciphertext is not long enough to contain a nonce") )
var ( // ErrInvalidSignature is returned if a signature is provided that does not // match the data and public key. ErrInvalidSignature = errors.New("invalid signature") )
Functions ¶
func CalculateLeaves ¶ added in v0.3.3
CalculateLeaves calculates the number of leaves that would be pushed from data of size 'dataSize'.
func GenerateKeyPair ¶ added in v1.0.0
GenerateKeyPair creates a public-secret keypair that can be used to sign and verify messages.
func GenerateKeyPairDeterministic ¶ added in v1.0.0
func GenerateKeyPairDeterministic(entropy [EntropySize]byte) (sk SecretKey, pk PublicKey)
GenerateKeyPairDeterministic generates keys deterministically using the input entropy. The input entropy must be 32 bytes in length.
func ReadSignedObject ¶ added in v1.0.0
ReadSignedObject reads a length-prefixed object prefixed by its signature, and verifies the signature.
func SecureWipe ¶ added in v1.0.0
func SecureWipe(data []byte)
SecureWipe destroys the data contained within a byte slice. There are no strong guarantees that all copies of the memory have been eliminated. If the OS was doing context switching or using swap space the keys may still be elsewhere in memory.
func VerifyHash ¶
VerifyHash uses a public key and input data to verify a signature.
func VerifySegment ¶
VerifySegment will verify that a segment, given the proof, is a part of a Merkle root.
Types ¶
type CachedMerkleTree ¶ added in v1.0.0
type CachedMerkleTree struct {
merkletree.CachedTree
}
CachedMerkleTree wraps merkletree.CachedTree, changing some of the function definitions to assume sia-specific constants and return sia-specific types.
func NewCachedTree ¶ added in v1.0.0
func NewCachedTree(height uint64) *CachedMerkleTree
NewCachedTree returns a CachedMerkleTree, which can be used for getting Merkle roots and proofs from data that has cached subroots. See merkletree.CachedTree for more details.
func (*CachedMerkleTree) Prove ¶ added in v1.0.0
func (ct *CachedMerkleTree) Prove(base []byte, cachedHashSet []Hash) []Hash
Prove is a redefinition of merkletree.CachedTree.Prove, so that Sia-specific types are used instead of the generic types used by the parent package. The base is not a return value because the base is used as input.
func (*CachedMerkleTree) Push ¶ added in v1.0.0
func (ct *CachedMerkleTree) Push(h Hash)
Push is a redefinition of merkletree.CachedTree.Push, with the added type safety of only accepting a hash.
func (*CachedMerkleTree) PushSubTree ¶ added in v1.3.3
func (ct *CachedMerkleTree) PushSubTree(height int, h Hash) error
PushSubTree is a redefinition of merkletree.CachedTree.PushSubTree, with the added type safety of only accepting a hash.
func (*CachedMerkleTree) Root ¶ added in v1.0.0
func (ct *CachedMerkleTree) Root() (h Hash)
Root is a redefinition of merkletree.CachedTree.Root, returning a Hash instead of a []byte.
type Ciphertext ¶ added in v0.3.3
type Ciphertext []byte
Ciphertext is an encrypted []byte.
func (Ciphertext) MarshalJSON ¶ added in v1.0.0
func (c Ciphertext) MarshalJSON() ([]byte, error)
MarshalJSON returns the JSON encoding of a CipherText
func (*Ciphertext) UnmarshalJSON ¶ added in v1.0.0
func (c *Ciphertext) UnmarshalJSON(b []byte) error
UnmarshalJSON parses the JSON-encoded b and returns an instance of CipherText.
type Hash ¶
Hash is a BLAKE2b 256-bit digest.
func HashAll ¶
func HashAll(objs ...interface{}) (hash Hash)
HashAll takes a set of objects as input, encodes them all using the encoding package, and then hashes the result.
func HashObject ¶
func HashObject(obj interface{}) (hash Hash)
HashObject takes an object as input, encodes it using the encoding package, and then hashes the result.
func MerkleProof ¶ added in v1.0.0
MerkleProof builds a Merkle proof that the data at segment 'proofIndex' is a part of the Merkle root formed by 'b'.
func MerkleRoot ¶
MerkleRoot returns the Merkle root of the input data.
func (*Hash) LoadString ¶ added in v1.0.3
LoadString takes a string, parses the hash value of the string, and sets the value of the hash equal to the hash value of the string.
func (Hash) MarshalJSON ¶ added in v1.0.0
MarshalJSON marshales a hash as a hex string.
func (*Hash) UnmarshalJSON ¶ added in v1.0.0
UnmarshalJSON decodes the json hex string of the hash.
type HashSlice ¶
type HashSlice []Hash
HashSlice is used for sorting
type MerkleTree ¶ added in v1.0.0
type MerkleTree struct {
merkletree.Tree
}
MerkleTree wraps merkletree.Tree, changing some of the function definitions to assume sia-specific constants and return sia-specific types.
func NewTree ¶
func NewTree() *MerkleTree
NewTree returns a MerkleTree, which can be used for getting Merkle roots and Merkle proofs on data. See merkletree.Tree for more details.
func (*MerkleTree) PushObject ¶ added in v1.0.0
func (t *MerkleTree) PushObject(obj interface{})
PushObject encodes and adds the hash of the encoded object to the tree as a leaf.
func (*MerkleTree) Root ¶ added in v1.0.0
func (t *MerkleTree) Root() (h Hash)
Root is a redefinition of merkletree.Tree.Root, returning a Hash instead of a []byte.
type PublicKey ¶
type PublicKey [PublicKeySize]byte
PublicKey is an object that can be used to verify signatures.
type SecretKey ¶
type SecretKey [SecretKeySize]byte
SecretKey can be used to sign data for the corresponding public key.
type Signature ¶
type Signature [SignatureSize]byte
Signature proves that data was signed by the owner of a particular public key's corresponding secret key.
type TwofishKey ¶
type TwofishKey [EntropySize]byte
TwofishKey is a key used for encrypting and decrypting data.
func GenerateTwofishKey ¶
func GenerateTwofishKey() (key TwofishKey)
GenerateTwofishKey produces a key that can be used for encrypting and decrypting files.
func (TwofishKey) DecryptBytes ¶
func (key TwofishKey) DecryptBytes(ct Ciphertext) ([]byte, error)
DecryptBytes decrypts the ciphertext created by EncryptBytes. The nonce is expected to be the first 12 bytes of the ciphertext.
func (TwofishKey) EncryptBytes ¶
func (key TwofishKey) EncryptBytes(plaintext []byte) Ciphertext
EncryptBytes encrypts a []byte using the key. EncryptBytes uses GCM and prepends the nonce (12 bytes) to the ciphertext.
func (TwofishKey) NewCipher ¶ added in v0.3.3
func (key TwofishKey) NewCipher() cipher.Block
NewCipher creates a new Twofish cipher from the key.