crypto

package
v1.9.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 21, 2024 License: MIT Imports: 21 Imported by: 2

Documentation

Index

Constants

View Source
const (
	// EntropySize defines the amount of entropy necessary to do secure
	// cryptographic operations, in bytes.
	EntropySize = 32

	// PublicKeySize defines the size of public keys in bytes.
	PublicKeySize = ed25519.PublicKeySize

	// SecretKeySize defines the size of secret keys in bytes.
	SecretKeySize = ed25519.PrivateKeySize

	// SignatureSize defines the size of signatures in bytes.
	SignatureSize = ed25519.SignatureSize
)
View Source
const (
	// HashSize is the length of a Hash in bytes.
	HashSize = 32
)
View Source
const (
	// SegmentSize is the chunk size that is used when taking the Merkle root
	// of a file. 64 is chosen because bandwidth is scarce and it optimizes for
	// the smallest possible storage proofs. Using a larger base, even 256
	// bytes, would result in substantially faster hashing, but the bandwidth
	// tradeoff was deemed to be more important, as blockchain space is scarce.
	SegmentSize = 64
)

Variables

View Source
var (
	// TypeDefaultRenter is the default CipherType that is used for
	// encrypting pieces of uploaded data.
	TypeDefaultRenter = TypeThreefish
	// TypeDefaultWallet is the default CipherType that is used for
	// wallet operations like encrypting the wallet files.
	TypeDefaultWallet = TypeTwofish

	// TypeInvalid represents an invalid type which cannot be used for any
	// meaningful purpose.
	TypeInvalid = CipherType{0, 0, 0, 0, 0, 0, 0, 0}
	// TypePlain means no encryption is used.
	TypePlain = CipherType{0, 0, 0, 0, 0, 0, 0, 1}
	// TypeTwofish is the type for the Twofish-GCM encryption.
	TypeTwofish = CipherType{0, 0, 0, 0, 0, 0, 0, 2}
	// TypeThreefish is the type for the Threefish encryption.
	TypeThreefish = CipherType{0, 0, 0, 0, 0, 0, 0, 3}
	// TypeXChaCha20 is the type for the XChaCha20 encryption.
	TypeXChaCha20 = CipherType{0, 0, 0, 0, 0, 0, 0, 4}
)
View Source
var (
	// ErrHashWrongLen is the error when encoded value has the wrong
	// length to be a hash.
	ErrHashWrongLen = errors.New("encoded value has the wrong length to be a hash")
)
View Source
var (
	// ErrInsufficientLen is an error when supplied ciphertext is not
	// long enough to contain a nonce.
	ErrInsufficientLen = errors.New("supplied ciphertext is not long enough to contain a nonce")
)
View Source
var (
	// ErrInvalidCipherType is returned upon encountering an unknown cipher
	// type.
	ErrInvalidCipherType = errors.New("provided cipher type is invalid")
)
View Source
var (
	// ErrInvalidSignature is returned if a signature is provided that does not
	// match the data and public key.
	ErrInvalidSignature = errors.New("invalid signature")
)

Functions

func CalculateLeaves added in v0.3.3

func CalculateLeaves(dataSize uint64) uint64

CalculateLeaves calculates the number of leaves that would be pushed from data of size 'dataSize'.

func ConvertHashesToByteSlices added in v1.6.0

func ConvertHashesToByteSlices(h []Hash) [][]byte

ConvertHashesToByteSlices takes hash slice and convert to slice bytes slices

func DecryptWithNonce added in v1.4.0

func DecryptWithNonce(ciphertext []byte, aead cipher.AEAD) ([]byte, error)

DecryptWithNonce decrypts ciphertext with aead, using a prepended nonce.

func DeriveSharedSecret added in v1.4.0

func DeriveSharedSecret(xsk X25519SecretKey, xpk X25519PublicKey) (secret [32]byte)

DeriveSharedSecret derives 32 bytes of entropy from a secret key and public key. Derivation is via ScalarMult of the private and public keys, followed by a 256-bit unkeyed blake2b hash.

func EncryptWithNonce added in v1.4.0

func EncryptWithNonce(plaintext []byte, aead cipher.AEAD) []byte

EncryptWithNonce encrypts plaintext with aead and prepends a random nonce.

func GenerateKeyPair added in v1.0.0

func GenerateKeyPair() (sk SecretKey, pk PublicKey)

GenerateKeyPair creates a public-secret keypair that can be used to sign and verify messages.

func GenerateKeyPairDeterministic added in v1.0.0

func GenerateKeyPairDeterministic(entropy [EntropySize]byte) (sk SecretKey, pk PublicKey)

GenerateKeyPairDeterministic generates keys deterministically using the input entropy. The input entropy must be 32 bytes in length.

func GenerateX25519KeyPair added in v1.4.0

func GenerateX25519KeyPair() (xsk X25519SecretKey, xpk X25519PublicKey)

GenerateX25519KeyPair generates an ephemeral key pair for use in ECDH.

func IsValidCipherType added in v1.4.0

func IsValidCipherType(ct CipherType) bool

IsValidCipherType returns true if ct is a known CipherType and false otherwise.

func NewHash added in v0.3.0

func NewHash() hash.Hash

NewHash returns a blake2b 256bit hasher.

func ReadSignedObject added in v1.0.0

func ReadSignedObject(r io.Reader, obj interface{}, maxLen uint64, pk PublicKey) error

ReadSignedObject reads a length-prefixed object prefixed by its signature, and verifies the signature.

func SecureWipe added in v1.0.0

func SecureWipe(data []byte)

SecureWipe destroys the data contained within a byte slice. There are no strong guarantees that all copies of the memory have been eliminated. If the OS was doing context switching or using swap space the keys may still be elsewhere in memory.

func VerifyDiffProof added in v1.4.0

func VerifyDiffProof(ranges []ProofRange, numLeaves uint64, proofHashes, leafHashes []Hash, root Hash) bool

VerifyDiffProof verifies a proof produced by MerkleDiffProof.

func VerifyHash added in v0.3.0

func VerifyHash(data Hash, pk PublicKey, sig Signature) error

VerifyHash uses a public key and input data to verify a signature.

func VerifyMixedRangeProof added in v1.5.0

func VerifyMixedRangeProof(segmentData []byte, proof []Hash, root Hash, start, end int) bool

VerifyMixedRangeProof verifies a mixed proof given the node hashes, downloaded segments, the proof, contract root, number of segments in the contract, sectorSize, a start and an end for the downloaded range.

func VerifyRangeProof added in v1.4.0

func VerifyRangeProof(segments []byte, proof []Hash, start, end int, root Hash) bool

VerifyRangeProof verifies a proof produced by MerkleRangeProof.

VerifyRangeProof for a single segment is NOT equivalent to VerifySegment.

func VerifyRangeProofFromReader added in v1.9.3

func VerifyRangeProofFromReader(segmentsReader io.Reader, proof []Hash, start, end int, root Hash) bool

VerifyRangeProofFromReader verifies a proof produced by MerkleRangeProof.

VerifyRangeProofFromReader for a single segment is NOT equivalent to VerifySegment.

func VerifySectorRangeProof added in v1.4.0

func VerifySectorRangeProof(roots []Hash, proof []Hash, start, end int, root Hash) bool

VerifySectorRangeProof verifies a proof produced by MerkleSectorRangeProof.

func VerifySegment added in v0.3.0

func VerifySegment(base []byte, hashSet []Hash, numSegments, proofIndex uint64, root Hash) bool

VerifySegment will verify that a segment, given the proof, is a part of a Merkle root.

VerifySegment is NOT equivalent to VerifyRangeProof for a single segment.

func WriteSignedObject added in v1.0.0

func WriteSignedObject(w io.Writer, obj interface{}, sk SecretKey) error

WriteSignedObject writes a length-prefixed object prefixed by its signature.

Types

type CachedMerkleTree added in v1.0.0

type CachedMerkleTree struct {
	merkletree.CachedTree
}

CachedMerkleTree wraps merkletree.CachedTree, changing some of the function definitions to assume sia-specific constants and return sia-specific types.

func NewCachedTree added in v1.0.0

func NewCachedTree(height uint64) *CachedMerkleTree

NewCachedTree returns a CachedMerkleTree, which can be used for getting Merkle roots and proofs from data that has cached subroots. See merkletree.CachedTree for more details.

func (*CachedMerkleTree) Clone added in v1.6.0

func (ct *CachedMerkleTree) Clone() *CachedMerkleTree

Clone creates copy of cached merkle tree.

func (*CachedMerkleTree) Prove added in v1.0.0

func (ct *CachedMerkleTree) Prove(base []byte, cachedHashSet []Hash) []Hash

Prove is a redefinition of merkletree.CachedTree.Prove, so that ScPrime-specific types are used instead of the generic types used by the parent package. The base is not a return value because the base is used as input.

func (*CachedMerkleTree) Push added in v1.0.0

func (ct *CachedMerkleTree) Push(h Hash)

Push is shorthand for PushSubTree(0, h).

func (*CachedMerkleTree) PushSubTree added in v1.3.3

func (ct *CachedMerkleTree) PushSubTree(height int, h Hash) error

PushSubTree is a redefinition of merkletree.CachedTree.PushSubTree, with the added type safety of only accepting a hash.

func (*CachedMerkleTree) Root added in v1.0.0

func (ct *CachedMerkleTree) Root() (h Hash)

Root is a redefinition of merkletree.CachedTree.Root, returning a Hash instead of a []byte.

type CipherKey added in v1.4.0

type CipherKey interface {
	// Key returns the underlying key.
	Key() []byte

	// Type returns the type of the key.
	Type() CipherType

	// EncryptBytes encrypts the given plaintext and returns the
	// ciphertext.
	EncryptBytes([]byte) Ciphertext

	// DecryptBytes decrypts the given ciphertext and returns the
	// plaintext.
	DecryptBytes(Ciphertext) ([]byte, error)

	// DecryptBytesInPlace decrypts the given ciphertext and returns the
	// plaintext. It will reuse the memory of the ciphertext which means
	// that it's not safe to use it after calling DecryptBytesInPlace. The
	// uint64 is the blockIndex at which the ciphertext is supposed to
	// start. e.g. if the ciphertext starts at offset 64 and Threefish is
	// used which has a BlockSize of 64 bytes, then the index would be 1.
	DecryptBytesInPlace(Ciphertext, uint64) ([]byte, error)

	// Derive derives a child cipherkey given a provided chunk index and
	// piece index.
	Derive(chunkIndex, pieceIndex uint64) CipherKey
}

CipherKey is a key with ScPrime specific encryption/decryption methods.

func GenerateSiaKey added in v1.4.0

func GenerateSiaKey(ct CipherType) CipherKey

GenerateSiaKey creates a new SiaKey from the provided type and entropy.

func NewSiaKey added in v1.4.0

func NewSiaKey(ct CipherType, entropy []byte) (CipherKey, error)

NewSiaKey creates a new SiaKey from the provided type and entropy.

func NewWalletKey added in v1.4.0

func NewWalletKey(entropy Hash) CipherKey

NewWalletKey is a helper method which is meant to be used only if the type and entropy are guaranteed to be valid. In the wallet this is always the case since we always use hashes as the entropy and we don't read the key from file.

type CipherType added in v1.4.0

type CipherType [8]byte

CipherType is an identifier for the individual ciphers provided by this package.

func RandomCipherType added in v1.4.0

func RandomCipherType() CipherType

RandomCipherType is a helper function for testing. It's located in the crypto package to centralize all the types within one file to make future changes to them easy.

func (*CipherType) FromString added in v1.4.0

func (ct *CipherType) FromString(s string) error

FromString reads a CipherType from a string.

func (CipherType) Overhead added in v1.4.0

func (ct CipherType) Overhead() uint64

Overhead reports the overhead produced by a CipherType in bytes.

func (CipherType) String added in v1.4.0

func (ct CipherType) String() string

String creates a string representation of a CipherType that can be converted into a type with FromString.

type Ciphertext added in v0.3.1

type Ciphertext []byte

Ciphertext is an encrypted []byte.

type Hash added in v0.3.0

type Hash [HashSize]byte

Hash is a BLAKE2b 256-bit digest.

func ConvertBytesToHash added in v1.6.0

func ConvertBytesToHash(b []byte) Hash

ConvertBytesToHash return Hash type from slice byte

func ConvertBytesToHashes added in v1.6.0

func ConvertBytesToHashes(b [][]byte) []Hash

ConvertBytesToHashes return []Hash type from slices of bytes.

func HashAll added in v0.3.0

func HashAll(objs ...interface{}) (hash Hash)

HashAll takes a set of objects as input, encodes them all using the encoding package, and then hashes the result.

func HashBytes added in v0.3.0

func HashBytes(data []byte) Hash

HashBytes takes a byte slice and returns the result.

func HashBytesBlake256r14 added in v1.9.0

func HashBytesBlake256r14(input []byte) (hash Hash)

HashBytesBlake256r14 takes bytes as input and hashes them using BLAKE256r14 algorithm.

func HashBytesBlake256r14Rev added in v1.9.0

func HashBytesBlake256r14Rev(input []byte) (hash Hash)

HashBytesBlake256r14Rev calls HashBytesBlake256r14 and reverses the result.

func HashObject added in v0.3.0

func HashObject(obj interface{}) (hash Hash)

HashObject takes an object as input, encodes it using the encoding package, and then hashes the result.

func MerkleDiffProof added in v1.4.0

func MerkleDiffProof(ranges []ProofRange, numLeaves uint64, updatedSectors [][]byte, sectorRoots []Hash) []Hash

MerkleDiffProof builds a Merkle proof for multiple segment ranges.

func MerkleMixedRangeProof added in v1.5.0

func MerkleMixedRangeProof(sectorRoots []Hash, segmentData []byte, sectorSize int, start, end int) []Hash

MerkleMixedRangeProof creates a merkle range proof using both sector hashes and segments.

func MerkleProof added in v1.0.0

func MerkleProof(b []byte, proofIndex uint64) (base []byte, hashSet []Hash)

MerkleProof builds a Merkle proof that the data at segment 'proofIndex' is a part of the Merkle root formed by 'b'.

MerkleProof is NOT equivalent to MerkleRangeProof for a single segment.

func MerkleRangeProof added in v1.4.0

func MerkleRangeProof(b []byte, start, end int) []Hash

MerkleRangeProof builds a Merkle proof for the segment range [start,end).

MerkleRangeProof for a single segment is NOT equivalent to MerkleProof.

func MerkleRoot added in v0.3.0

func MerkleRoot(b []byte) Hash

MerkleRoot returns the Merkle root of the input data.

func MerkleSectorRangeProof added in v1.4.0

func MerkleSectorRangeProof(roots []Hash, start, end int) []Hash

MerkleSectorRangeProof builds a Merkle proof for the sector range [start,end).

func (Hash) Bytes added in v1.6.0

func (h Hash) Bytes() []byte

Bytes convert Hash type to slice bytes

func (*Hash) LoadString added in v1.0.1

func (h *Hash) LoadString(s string) error

LoadString takes a string, parses the hash value of the string, and sets the value of the hash equal to the hash value of the string.

func (Hash) MarshalJSON added in v1.0.0

func (h Hash) MarshalJSON() ([]byte, error)

MarshalJSON marshals a hash as a hex string.

func (Hash) MarshalText added in v1.6.2

func (h Hash) MarshalText() ([]byte, error)

MarshalText returns the hex string of the hash.

func (Hash) String added in v1.0.0

func (h Hash) String() string

String prints the hash in hex.

func (*Hash) UnmarshalJSON added in v1.0.0

func (h *Hash) UnmarshalJSON(b []byte) error

UnmarshalJSON decodes the json hex string of the hash.

func (*Hash) UnmarshalText added in v1.6.2

func (h *Hash) UnmarshalText(text []byte) error

UnmarshalText decodes the hex string of the hash.

type HashSlice added in v0.3.0

type HashSlice []Hash

HashSlice is used for sorting

func (HashSlice) Len added in v0.3.0

func (hs HashSlice) Len() int

These functions implement sort.Interface, allowing hashes to be sorted.

func (HashSlice) Less added in v0.3.0

func (hs HashSlice) Less(i, j int) bool

func (HashSlice) Swap added in v0.3.0

func (hs HashSlice) Swap(i, j int)

type MerkleTree added in v1.0.0

type MerkleTree struct {
	merkletree.Tree
}

MerkleTree wraps merkletree.Tree, changing some of the function definitions to assume sia-specific constants and return sia-specific types.

func NewTree added in v0.3.0

func NewTree() *MerkleTree

NewTree returns a MerkleTree, which can be used for getting Merkle roots and Merkle proofs on data. See merkletree.Tree for more details.

func (*MerkleTree) Clone added in v1.6.0

func (t *MerkleTree) Clone() *MerkleTree

Clone is a redefenition of merkletree.Tree.Clone, returning a clone of the merkle tree.

func (*MerkleTree) PushObject added in v1.0.0

func (t *MerkleTree) PushObject(obj interface{})

PushObject encodes and adds the hash of the encoded object to the tree as a leaf.

func (*MerkleTree) Root added in v1.0.0

func (t *MerkleTree) Root() (h Hash)

Root is a redefinition of merkletree.Tree.Root, returning a Hash instead of a []byte.

type ProofRange added in v1.4.0

type ProofRange = merkletree.LeafRange

A ProofRange is a contiguous range of segments or sectors.

type PublicKey

type PublicKey [PublicKeySize]byte

PublicKey is an object that can be used to verify signatures.

type SecretKey

type SecretKey [SecretKeySize]byte

SecretKey can be used to sign data for the corresponding public key.

func (SecretKey) PublicKey added in v1.0.0

func (sk SecretKey) PublicKey() (pk PublicKey)

PublicKey returns the public key that corresponds to a secret key.

type Signature

type Signature [SignatureSize]byte

Signature proves that data was signed by the owner of a particular public key's corresponding secret key.

func SignHash added in v0.3.0

func SignHash(data Hash, sk SecretKey) (sig Signature)

SignHash signs a message using a secret key.

type TwofishKey added in v0.3.0

type TwofishKey [EntropySize]byte

TwofishKey is a key used for encrypting and decrypting data.

func (TwofishKey) DecryptBytes added in v0.3.0

func (key TwofishKey) DecryptBytes(ct Ciphertext) ([]byte, error)

DecryptBytes decrypts a ciphertext created by EncryptPiece. The nonce is expected to be the first 12 bytes of the ciphertext.

func (TwofishKey) DecryptBytesInPlace added in v1.3.4

func (key TwofishKey) DecryptBytesInPlace(ct Ciphertext, blockIndex uint64) ([]byte, error)

DecryptBytesInPlace decrypts the ciphertext created by EncryptBytes. The nonce is expected to be the first 12 bytes of the ciphertext. DecryptBytesInPlace reuses the memory of ct to be able to operate in-place. This means that ct can't be reused after calling DecryptBytesInPlace.

func (TwofishKey) Derive added in v1.4.0

func (key TwofishKey) Derive(chunkIndex, pieceIndex uint64) CipherKey

Derive derives a child key for a given combination of chunk and piece index.

func (TwofishKey) EncryptBytes added in v0.3.0

func (key TwofishKey) EncryptBytes(piece []byte) Ciphertext

EncryptBytes encrypts arbitrary data using the TwofishKey, prepending a 12 byte nonce to the ciphertext in the process. GCM and prepends the nonce (12 bytes) to the ciphertext.

func (TwofishKey) Key added in v1.4.0

func (key TwofishKey) Key() []byte

Key returns the twofish key.

func (TwofishKey) Type added in v1.4.0

func (TwofishKey) Type() CipherType

Type returns the type of the twofish key.

type X25519PublicKey added in v1.4.0

type X25519PublicKey [32]byte

An X25519PublicKey is the public half of an X25519 key pair.

type X25519SecretKey added in v1.4.0

type X25519SecretKey [32]byte

An X25519SecretKey is the secret half of an X25519 key pair.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL