Documentation
¶
Overview ¶
Packagee 2e contains functions used in the end-to-end encryption algorithm, including the end-to-end key rotation.
Packagee 2e contains functions used in the end-to-end encryption algorithm, including the end-to-end key rotation.
Packagee 2e contains functions used in the end-to-end encryption algorithm, including the end-to-end key rotation.
Packagee 2e contains functions used in the end-to-end encryption algorithm, including the end-to-end key rotation.
Packagee 2e contains functions used in the end-to-end encryption algorithm, including the end-to-end key rotation.
Packagee 2e contains functions used in the end-to-end encryption algorithm, including the end-to-end key rotation.
Packagee 2e contains functions used in the end-to-end encryption algorithm, including the end-to-end key rotation.
Index ¶
- Constants
- Variables
- func Crypt(key Key, fingerprint format.Fingerprint, msg []byte) []byte
- func DecryptAES256(key, ciphertext []byte) ([]byte, error)
- func DecryptAES256WithIV(key []byte, iv [AESBlockSize]byte, ciphertext []byte) ([]byte, error)
- func DeriveKeyFingerprint(dhkey *cyclic.Int, keyNum uint32, salts ...[]byte) format.Fingerprint
- func EncryptAES256(key, plaintext []byte) ([]byte, error)
- func EncryptAES256WithIV(key []byte, iv [AESBlockSize]byte, plaintext []byte) ([]byte, error)
- func GenerateConnectionFingerprint(sendFp, receiveFp []byte) []byte
- func GenerateKeyTTL(key *large.Int, min uint16, max uint16, params TTLParams) (uint16, uint32)
- func IsUnencrypted(m format.Message) (bool, *id.ID)
- func KeyGen(currentUser *id.ID, users []*id.ID, grp *cyclic.Group) []*cyclic.Int
- func MakeRelationshipFingerprint(pubkeyA, pubkeyB *cyclic.Int, sender, receiver *id.ID) []byte
- func Pad(msg []byte, encMsgLen int) (encMsg []byte, err error)
- func SetUnencrypted(payload []byte, uid *id.ID) ([]byte, format.Fingerprint)
- func Unpad(encMsg []byte) (msg []byte, err error)
- type Key
- type KeyResidue
- type MessageID
- type SendReport
- type TTLParams
Constants ¶
const AES256KeyLen = 32
const AESBlockSize = aes.BlockSize
const KeyLen = 32
const (
KeyResidueLength = 32
)
KeyResidue generation constants.
const MessageIDLen = 32
const MinPaddingLen = MinPaddingStringLen + NumFixedPaddingLen
const MinPaddingStringLen = 8
See length checking in RFC 3447 7.2.1-1
const NumFixedPaddingLen = 3
const ReKeyStr = "REKEY"
Variables ¶
var ErrBadArgs = errors.New("Key and/or plaintext/ciphertext are nil")
var ErrBadCiphertext = errors.New("Ciphertext is nil, empty or is not multiple of blocksize")
var ErrBadPadding = errors.New("Bad padding in plaintext")
var ErrBadPlaintext = errors.New("Plaintext is nil, empty or is not padded to blocksize")
Error case messages
var ErrCantPad = errors.New("Error while padding plaintext")
var ErrCantUnpad = errors.New("Error while unpadding plaintext")
var ErrCiphertextTooShort = errors.New("Ciphertext is too short (< 32 bytes)")
var ErrEncMessageLength = errors.New("encoded message less than min. padding length")
var ErrMessageTooLong = errors.New("message too long")
Error case messages
var ErrPaddingContainsZero = errors.New("padding string contains a zero")
var ErrPaddingPrefix = errors.New("padding prefix invalid")
var ErrPaddingTerminator = errors.New("padding terminator invalid")
Functions ¶
func Crypt ¶
func Crypt(key Key, fingerprint format.Fingerprint, msg []byte) []byte
Crypt uses XChaCha20 to encrypt or decrypt a message with the passed key using the fingerprint as a nonce
func DecryptAES256 ¶
DecryptAES256 decrypts a ciphertext using AES256 with the passed key Ciphertext is assumed to start with the IV Key can have any size, as internally it is hashed to generate the actual key Key and ciphertext can't be nil nor empty Padding and IV are removed internally Returns decrypted plaintext if no error, otherwise nil and err
func DecryptAES256WithIV ¶
DecryptAES256WithIV decrypts a ciphertext using AES256 with the passed key and IV Ciphertext is assumed to not have the IV, and to be padded Key can have any size, as internally it is hashed to generate the actual key IV must be 16 bytes, and it is recommended to be the MSBs of the key fingerprint Key and ciphertext can't be nil nor empty Padding is removed internally Returns decrypted plaintext if no error, otherwise nil and err
func DeriveKeyFingerprint ¶
derives a single key fingerprint at position keynum using blake2B on the concatenation of the second half of the cyclic basekey and the keynum and the salts Fingerprint = H(Second half of base key | userID | keyNum | salt[0] | salt[1] | ...)
func EncryptAES256 ¶
EncryptAES256 encrypts the plaintext using AES256 with the passed key Plaintext is assumed to be unpadded, as padding is added internally Key can have any size, as internally it is hashed to generate the actual key Key and plaintext can't be nil nor empty IV is generated internally and returned as first 16 bytes of the ciphertext Returns ciphertext if no error, otherwise nil and err
func EncryptAES256WithIV ¶
EncryptAES256WithIV encrypts the plaintext using AES256 with the passed key and IV Plaintext is assumed to be unpadded, as padding is added internally Key can have any size, as internally it is hashed to generate the actual key IV must be 16 bytes, and it is recommended to be the MSBs of the key fingerprint Key and plaintext can't be nil nor empty Returns ciphertext if no error, otherwise nil and err
func GenerateConnectionFingerprint ¶
GenerateConnectionFingerprint that is the same on both sender and receiver side for E2e partners
func GenerateKeyTTL ¶
GenerateKeyTTL generates Key TTL and num keys given a key and a range. Returns fair key TTL (num keys before retrigger happens) and num keys (usage capacity)
func IsUnencrypted ¶
IsUnencrypted determines if the message is unencrypted by comparing the hash of the message payload to the MAC. Returns true if the message is unencrypted and false otherwise. the highest bit of the recipient ID is stored in the highest bit of the MAC field. This is accounted for and the id is reassembled, with a presumed user type
func MakeRelationshipFingerprint ¶
creates a unique relationship fingerprint which can be used to ensure keys are unique and that message IDs are unique
func SetUnencrypted ¶
SetUnencrypted sets up the condition where the message would be determined to be unencrypted by setting the MAC to the hash of the message payload.
Types ¶
type KeyResidue ¶
type KeyResidue [KeyResidueLength]byte
KeyResidue is the residue of a Key. It represents a hash of the Key and a residue salt.
func NewKeyResidue ¶
func NewKeyResidue(key Key) KeyResidue
NewKeyResidue returns a residue of a Key. The residue is the hash of the key with the residueSalt.
func UnmarshalKeyResidue ¶
func UnmarshalKeyResidue(b []byte) (KeyResidue, error)
UnmarshalKeyResidue a KeyResidue from a byte slice binary format. Returns an error if the passed byte slice is the wrong length.
func (KeyResidue) Marshal ¶
func (kr KeyResidue) Marshal() []byte
Marshal returns the serialized KeyResidue into a binary format.
func (KeyResidue) MarshalJSON ¶
func (kr KeyResidue) MarshalJSON() ([]byte, error)
MarshalJSON marshals the KeyResidue into valid JSON. This function adheres to the json.Marshaler interface.
func (KeyResidue) String ¶
func (kr KeyResidue) String() string
String adheres to the stringer interface to return a truncated base64 encoded string of the KeyResidue.
func (KeyResidue) StringVerbose ¶
func (kr KeyResidue) StringVerbose() string
StringVerbose returns an un-truncated base64 encoding of the message iD.
func (*KeyResidue) UnmarshalJSON ¶
func (kr *KeyResidue) UnmarshalJSON(data []byte) error
UnmarshalJSON unmarshalls the JSON into the KeyResidue. This function adheres to the json.Unmarshaler interface.
type MessageID ¶
type MessageID [MessageIDLen]byte
func NewMessageID ¶
The message ID is probabilistically unique due to the uniqueness of the relationship fingerprint and the conversation ID
func UnmarshalMessageID ¶
Unmarshals a message id from a byte slice binary format. Returns an error if the passed byte slice is the wrong length
func (MessageID) String ¶
Adheres to the stringer interface to return a truncated base64 encoded string of the message ID
func (MessageID) StringVerbose ¶
Returns an un truncated base64 encoding of the message iD
type SendReport ¶
type SendReport struct {
// RoundList is the list of rounds which the message payload
// is sent.
RoundList []id.Round
// MessageId is the ID of the message sent.
MessageId MessageID
// SentTime is the time in which the message was sent.
// More specifically it is when SendE2e is called.
SentTime time.Time
// KeyResidue is the residue of the key used for the first partition of the
// message payload. The residue is a hash of the key and a salt.
KeyResidue KeyResidue
}
SendReport is the report structure for e2e.Handler's SendE2e.
Source Files
Directories