crypto

package
v0.5.0-rc Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 25, 2016 License: MIT Imports: 14 Imported by: 0

Documentation


Constants

// Sizes, in bytes, of the ed25519 values used by this package. Each constant
// takes its value from the constant of the same name in the ed25519 package.
const (
	// EntropySize defines the amount of entropy necessary to do secure
	// cryptographic operations, in bytes. It is the length of the entropy
	// array taken by GenerateKeyPairDeterministic and of a TwofishKey.
	EntropySize = ed25519.EntropySize

	// PublicKeySize defines the size of public keys in bytes.
	PublicKeySize = ed25519.PublicKeySize

	// SecretKeySize defines the size of secret keys in bytes.
	SecretKeySize = ed25519.SecretKeySize

	// SignatureSize defines the size of signatures in bytes.
	SignatureSize = ed25519.SignatureSize
)
const (
	// HashSize is the length of a Hash in bytes. 32 bytes matches the
	// 256-bit blake2b hasher that NewHash is documented to return.
	HashSize = 32
)
const (
	// SegmentSize is the size, in bytes, of the data segment behind each base
	// leaf of the Merkle tree. ReadSegments is documented to add a shorter
	// final leaf when EOF arrives mid-segment.
	SegmentSize = 64 // number of bytes that are hashed to form each base leaf of the Merkle tree
)
const (
	// TwofishOverhead is how many bytes longer the output of EncryptBytes is
	// than its plaintext. EncryptBytes is documented to prepend a 12-byte GCM
	// nonce; the remaining 16 bytes are presumably the GCM authentication
	// tag — TODO confirm against the implementation.
	TwofishOverhead = 28 // number of bytes added by EncryptBytes
)

Variables

var (
	// ErrHashWrongLen reports that an encoded value does not have the length
	// of a Hash. Presumably returned when decoding a Hash (for example by
	// UnmarshalJSON) — confirm against the callers.
	ErrHashWrongLen = errors.New("encoded value has the wrong length to be a hash")
)
var (
	// ErrInsufficientLen reports that a ciphertext is too short to contain a
	// nonce. DecryptBytes expects the nonce in the first 12 bytes of the
	// ciphertext, so it is presumably the function that returns this error —
	// confirm against the implementation.
	ErrInsufficientLen = errors.New("supplied ciphertext is not long enough to contain a nonce")
)

Functions

func CalculateLeaves added in v0.3.3

func CalculateLeaves(fileSize uint64) uint64

CalculateLeaves calculates the number of leaves in the file when building a Merkle tree.

func GenerateKeyPair added in v1.0.0

func GenerateKeyPair() (sk SecretKey, pk PublicKey, err error)

GenerateKeyPair creates a public-secret keypair that can be used to sign and verify messages.

func GenerateKeyPairDeterministic added in v1.0.0

func GenerateKeyPairDeterministic(entropy [EntropySize]byte) (SecretKey, PublicKey)

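GenerateKeyPairDeterministic generates keys deterministically using the input entropy. The input entropy must be 32 bytes in length. Because the same entropy always produces the same key pair, the entropy must be unpredictable and kept as secret as the secret key itself.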

func NewHash added in v0.3.0

func NewHash() hash.Hash

NewHash returns a blake2b 256bit hasher.

func Perm added in v1.0.0

func Perm(n int) ([]int, error)

Perm returns, as a slice of n ints, a random permutation of the integers [0,n).

func RandBytes added in v1.0.0

func RandBytes(n int) ([]byte, error)

RandBytes returns n bytes of random data.

func RandIntn added in v1.0.0

func RandIntn(n int) (int, error)

RandIntn returns a non-negative random integer in the range [0,n). It panics if n <= 0.

func SecureWipe added in v1.0.0

func SecureWipe(data []byte)

SecureWipe destroys the data contained within a byte slice. There are no strong guarantees that all copies of the memory have been eliminated. If the OS was doing context switching or using swap space the keys may still be elsewhere in memory.

func VerifyHash added in v0.3.0

func VerifyHash(data Hash, pk PublicKey, sig Signature) error

VerifyHash uses a public key and input data to verify a signature.

func VerifySegment added in v0.3.0

func VerifySegment(base []byte, hashSet []Hash, numSegments, proofIndex uint64, root Hash) bool

VerifySegment will verify that a segment, given the proof, is a part of a merkle root.

Types

type Ciphertext added in v0.3.1

type Ciphertext []byte

func (Ciphertext) MarshalJSON added in v1.0.0

func (c Ciphertext) MarshalJSON() ([]byte, error)

func (*Ciphertext) UnmarshalJSON added in v1.0.0

func (c *Ciphertext) UnmarshalJSON(b []byte) error

type Hash added in v0.3.0

type Hash [HashSize]byte

func BuildReaderProof added in v0.3.0

func BuildReaderProof(r io.Reader, proofIndex uint64) (base []byte, hashSet []Hash, err error)

BuildReaderProof will build a storage proof when given a reader.

func HashAll added in v0.3.0

func HashAll(objs ...interface{}) Hash

HashAll takes a set of objects as input, encodes them all using the encoding package, and then hashes the result.

func HashBytes added in v0.3.0

func HashBytes(data []byte) Hash

HashBytes takes a byte slice and returns its hash.

func HashObject added in v0.3.0

func HashObject(obj interface{}) Hash

HashObject takes an object as input, encodes it using the encoding package, and then hashes the result.

func MerkleRoot added in v0.3.0

func MerkleRoot(leaves [][]byte) (h Hash)

MerkleRoot calculates the "root hash" formed by repeatedly concatenating and hashing a binary tree of hashes. If the number of leaves is not a power of 2, the orphan hash(es) are not rehashed. Examples:

     ┌───┴──┐       ┌────┴───┐         ┌─────┴─────┐
  ┌──┴──┐   │    ┌──┴──┐     │      ┌──┴──┐     ┌──┴──┐
┌─┴─┐ ┌─┴─┐ │  ┌─┴─┐ ┌─┴─┐ ┌─┴─┐  ┌─┴─┐ ┌─┴─┐ ┌─┴─┐   │
   (5-leaf)         (6-leaf)             (7-leaf)

func ReaderMerkleRoot added in v0.3.0

func ReaderMerkleRoot(r io.Reader) (h Hash, err error)

ReaderMerkleRoot returns the merkle root of a reader.

func (Hash) MarshalJSON added in v1.0.0

func (h Hash) MarshalJSON() ([]byte, error)

MarshalJSON marshals a hash as a hex string.

func (Hash) String added in v1.0.0

func (h Hash) String() string

String prints the hash in hex.

func (*Hash) UnmarshalJSON added in v1.0.0

func (h *Hash) UnmarshalJSON(b []byte) error

UnmarshalJSON decodes the json hex string of the hash.

type HashSlice added in v0.3.0

type HashSlice []Hash

HashSlice is used for sorting hashes; it implements sort.Interface.

func (HashSlice) Len added in v0.3.0

func (hs HashSlice) Len() int

These functions implement sort.Interface, allowing hashes to be sorted.

func (HashSlice) Less added in v0.3.0

func (hs HashSlice) Less(i, j int) bool

func (HashSlice) Swap added in v0.3.0

func (hs HashSlice) Swap(i, j int)

type MerkleTree added in v1.0.0

// MerkleTree wraps a *merkletree.Tree by embedding it, so the embedded tree's
// exported methods are available on MerkleTree alongside the PushObject,
// ReadSegments and Root methods declared in this package. NewTree returns a
// MerkleTree.
type MerkleTree struct {
	*merkletree.Tree
}

func NewTree added in v0.3.0

func NewTree() MerkleTree

NewTree returns a tree object that can be used to get the merkle root of a dataset.

func (MerkleTree) PushObject added in v1.0.0

func (t MerkleTree) PushObject(obj interface{})

PushObject encodes and adds the hash of the encoded object to the tree as a leaf.

func (MerkleTree) ReadSegments

func (t MerkleTree) ReadSegments(r io.Reader) error

ReadSegments reads segments from r into the tree. If EOF is encountered mid-segment, the leaf is resized to the number of bytes read and then added to the tree. An error is returned only if err != io.EOF && err != io.ErrUnexpectedEOF.

func (MerkleTree) Root added in v1.0.0

func (t MerkleTree) Root() (h Hash)

Root returns the Merkle root of all the objects pushed to the tree.

type PublicKey

type PublicKey [ed25519.PublicKeySize]byte

PublicKey is an object that can be used to verify signatures.

type SecretKey

type SecretKey [ed25519.SecretKeySize]byte

SecretKey can be used to sign data for the corresponding public key.

func (SecretKey) PublicKey added in v1.0.0

func (sk SecretKey) PublicKey() (pk PublicKey)

PublicKey returns the public key that corresponds to a secret key.

type Signature

type Signature [ed25519.SignatureSize]byte

Signature proves that data was signed by the owner of a particular public key's corresponding secret key.

func SignHash added in v0.3.0

func SignHash(data Hash, sk SecretKey) (sig Signature, err error)

SignHash signs a message using a secret key.

type TwofishKey added in v0.3.0

type TwofishKey [EntropySize]byte

func GenerateTwofishKey added in v0.3.0

func GenerateTwofishKey() (key TwofishKey, err error)

GenerateTwofishKey produces a key that can be used for encrypting and decrypting files.

func (TwofishKey) DecryptBytes added in v0.3.0

func (key TwofishKey) DecryptBytes(ct Ciphertext) ([]byte, error)

DecryptBytes decrypts the ciphertext created by EncryptBytes. The nonce is expected to be the first 12 bytes of the ciphertext.

func (TwofishKey) EncryptBytes added in v0.3.0

func (key TwofishKey) EncryptBytes(plaintext []byte) (Ciphertext, error)

EncryptBytes encrypts a []byte using the key. EncryptBytes uses GCM and prepends the nonce (12 bytes) to the ciphertext.

func (TwofishKey) NewCipher added in v0.3.2

func (key TwofishKey) NewCipher() cipher.Block

NewCipher creates a new Twofish cipher from the key.

func (TwofishKey) NewReader added in v0.3.2

func (key TwofishKey) NewReader(r io.Reader) io.Reader

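NewReader returns a reader that encrypts or decrypts its input stream. This description does not state that the stream is authenticated; GCM is documented only for EncryptBytes.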

func (TwofishKey) NewWriter added in v0.3.2

func (key TwofishKey) NewWriter(w io.Writer) io.Writer

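NewWriter returns a writer that encrypts or decrypts its input stream. This description does not state that the stream is authenticated; GCM is documented only for EncryptBytes.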
