Documentation ¶
Index ¶
- Constants
- Variables
- func CalculateLeaves(dataSize uint64) uint64
- func GenerateKeyPair() (sk SecretKey, pk PublicKey)
- func GenerateKeyPairDeterministic(entropy [EntropySize]byte) (sk SecretKey, pk PublicKey)
- func NewHash() hash.Hash
- func ReadSignedObject(r io.Reader, obj interface{}, maxLen uint64, pk PublicKey) error
- func SecureWipe(data []byte)
- func VerifyHash(data Hash, pk PublicKey, sig Signature) error
- func VerifySegment(base []byte, hashSet []Hash, numSegments, proofIndex uint64, root Hash) bool
- func WriteSignedObject(w io.Writer, obj interface{}, sk SecretKey) error
- type CachedMerkleTree
- type Ciphertext
- type Hash
- type HashSlice
- type MerkleTree
- type PublicKey
- type SecretKey
- type Signature
- type TwofishKey
- func (key TwofishKey) DecryptBytes(ct Ciphertext) ([]byte, error)
- func (key TwofishKey) DecryptBytesInPlace(ct Ciphertext) ([]byte, error)
- func (key TwofishKey) EncryptBytes(plaintext []byte) Ciphertext
- func (key TwofishKey) NewCipher() cipher.Block
- func (key TwofishKey) NewReader(r io.Reader) io.Reader
- func (key TwofishKey) NewWriter(w io.Writer) io.Writer
Constants ¶
const ( // EntropySize defines the amount of entropy necessary to do secure // cryptographic operations, in bytes. EntropySize = 32 // PublicKeySize defines the size of public keys in bytes. PublicKeySize = ed25519.PublicKeySize // SecretKeySize defines the size of secret keys in bytes. SecretKeySize = ed25519.PrivateKeySize // SignatureSize defines the size of signatures in bytes. SignatureSize = ed25519.SignatureSize )
const (
// HashSize is the length of a Hash in bytes.
HashSize = 32
)
const ( // SegmentSize is the chunk size that is used when taking the Merkle root // of a file. 64 is chosen because bandwidth is scarce and it optimizes for // the smallest possible storage proofs. Using a larger base, even 256 // bytes, would result in substantially faster hashing, but the bandwidth // tradeoff was deemed to be more important, as blockchain space is scarce. SegmentSize = 64 )
const (
// TwofishOverhead is the number of bytes added by EncryptBytes
TwofishOverhead = 28
)
Variables ¶
var ( // ErrHashWrongLen is the error when encoded value has the wrong // length to be a hash. ErrHashWrongLen = errors.New("encoded value has the wrong length to be a hash") )
var ( // ErrInsufficientLen is an error when supplied ciphertext is not // long enough to contain a nonce. ErrInsufficientLen = errors.New("supplied ciphertext is not long enough to contain a nonce") )
var ( // ErrInvalidSignature is returned if a signature is provided that does not // match the data and public key. ErrInvalidSignature = errors.New("invalid signature") )
Functions ¶
func CalculateLeaves ¶
CalculateLeaves calculates the number of leaves that would be pushed from data of size 'dataSize'.
func GenerateKeyPair ¶
GenerateKeyPair creates a public-secret keypair that can be used to sign and verify messages.
func GenerateKeyPairDeterministic ¶
func GenerateKeyPairDeterministic(entropy [EntropySize]byte) (sk SecretKey, pk PublicKey)
GenerateKeyPairDeterministic generates keys deterministically using the input entropy. The input entropy must be 32 bytes in length.
func ReadSignedObject ¶
ReadSignedObject reads a length-prefixed object prefixed by its signature, and verifies the signature.
func SecureWipe ¶
func SecureWipe(data []byte)
SecureWipe destroys the data contained within a byte slice. There are no strong guarantees that all copies of the memory have been eliminated. If the OS was doing context switching or using swap space the keys may still be elsewhere in memory.
func VerifyHash ¶
VerifyHash uses a public key and input data to verify a signature.
func VerifySegment ¶
VerifySegment will verify that a segment, given the proof, is a part of a Merkle root.
Types ¶
type CachedMerkleTree ¶
type CachedMerkleTree struct {
merkletree.CachedTree
}
CachedMerkleTree wraps merkletree.CachedTree, changing some of the function definitions to assume siaclassic-specific constants and return siaclassic-specific types.
func NewCachedTree ¶
func NewCachedTree(height uint64) *CachedMerkleTree
NewCachedTree returns a CachedMerkleTree, which can be used for getting Merkle roots and proofs from data that has cached subroots. See merkletree.CachedTree for more details.
func (*CachedMerkleTree) Prove ¶
func (ct *CachedMerkleTree) Prove(base []byte, cachedHashSet []Hash) []Hash
Prove is a redefinition of merkletree.CachedTree.Prove, so that SiaClassic-specific types are used instead of the generic types used by the parent package. The base is not a return value because the base is used as input.
func (*CachedMerkleTree) Push ¶
func (ct *CachedMerkleTree) Push(h Hash)
Push is a redefinition of merkletree.CachedTree.Push, with the added type safety of only accepting a hash.
func (*CachedMerkleTree) PushSubTree ¶
func (ct *CachedMerkleTree) PushSubTree(height int, h Hash) error
PushSubTree is a redefinition of merkletree.CachedTree.PushSubTree, with the added type safety of only accepting a hash.
func (*CachedMerkleTree) Root ¶
func (ct *CachedMerkleTree) Root() (h Hash)
Root is a redefinition of merkletree.CachedTree.Root, returning a Hash instead of a []byte.
type Ciphertext ¶
type Ciphertext []byte
Ciphertext is an encrypted []byte.
func (Ciphertext) MarshalJSON ¶
func (c Ciphertext) MarshalJSON() ([]byte, error)
MarshalJSON returns the JSON encoding of a CipherText
func (*Ciphertext) UnmarshalJSON ¶
func (c *Ciphertext) UnmarshalJSON(b []byte) error
UnmarshalJSON parses the JSON-encoded b and returns an instance of CipherText.
type Hash ¶
Hash is a BLAKE2b 256-bit digest.
func HashAll ¶
func HashAll(objs ...interface{}) (hash Hash)
HashAll takes a set of objects as input, encodes them all using the encoding package, and then hashes the result.
func HashObject ¶
func HashObject(obj interface{}) (hash Hash)
HashObject takes an object as input, encodes it using the encoding package, and then hashes the result.
func MerkleProof ¶
MerkleProof builds a Merkle proof that the data at segment 'proofIndex' is a part of the Merkle root formed by 'b'.
func MerkleRoot ¶
MerkleRoot returns the Merkle root of the input data.
func (*Hash) LoadString ¶
LoadString takes a string, parses the hash value of the string, and sets the value of the hash equal to the hash value of the string.
func (Hash) MarshalJSON ¶
MarshalJSON marshales a hash as a hex string.
func (*Hash) UnmarshalJSON ¶
UnmarshalJSON decodes the json hex string of the hash.
type HashSlice ¶
type HashSlice []Hash
HashSlice is used for sorting
type MerkleTree ¶
type MerkleTree struct {
merkletree.Tree
}
MerkleTree wraps merkletree.Tree, changing some of the function definitions to assume siaclassic-specific constants and return siaclassic-specific types.
func NewTree ¶
func NewTree() *MerkleTree
NewTree returns a MerkleTree, which can be used for getting Merkle roots and Merkle proofs on data. See merkletree.Tree for more details.
func (*MerkleTree) PushObject ¶
func (t *MerkleTree) PushObject(obj interface{})
PushObject encodes and adds the hash of the encoded object to the tree as a leaf.
func (*MerkleTree) Root ¶
func (t *MerkleTree) Root() (h Hash)
Root is a redefinition of merkletree.Tree.Root, returning a Hash instead of a []byte.
type PublicKey ¶
type PublicKey [PublicKeySize]byte
PublicKey is an object that can be used to verify signatures.
type SecretKey ¶
type SecretKey [SecretKeySize]byte
SecretKey can be used to sign data for the corresponding public key.
type Signature ¶
type Signature [SignatureSize]byte
Signature proves that data was signed by the owner of a particular public key's corresponding secret key.
type TwofishKey ¶
type TwofishKey [EntropySize]byte
TwofishKey is a key used for encrypting and decrypting data.
func GenerateTwofishKey ¶
func GenerateTwofishKey() (key TwofishKey)
GenerateTwofishKey produces a key that can be used for encrypting and decrypting files.
func (TwofishKey) DecryptBytes ¶
func (key TwofishKey) DecryptBytes(ct Ciphertext) ([]byte, error)
DecryptBytes decrypts the ciphertext created by EncryptBytes. The nonce is expected to be the first 12 bytes of the ciphertext.
func (TwofishKey) DecryptBytesInPlace ¶
func (key TwofishKey) DecryptBytesInPlace(ct Ciphertext) ([]byte, error)
DecryptBytesInPlace decrypts the ciphertext created by EncryptBytes. The nonce is expected to be the first 12 bytes of the ciphertext. DecryptBytesInPlace reuses the memory of ct to be able to operate in-place. This means that ct can't be reused after calling DecryptBytesInPlace.
func (TwofishKey) EncryptBytes ¶
func (key TwofishKey) EncryptBytes(plaintext []byte) Ciphertext
EncryptBytes encrypts a []byte using the key. EncryptBytes uses GCM and prepends the nonce (12 bytes) to the ciphertext.
func (TwofishKey) NewCipher ¶
func (key TwofishKey) NewCipher() cipher.Block
NewCipher creates a new Twofish cipher from the key.