secrethandshake

package

v1.2.10 Latest Latest Go to latest Published: Oct 13, 2021 License: MIT Imports: 12 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cryptoscope/secretstream

Links

Open Source Insights

Documentation ¶

Overview ¶

Package secrethandshake is a Go implementation of Dominic Tarr's secret-handshake: https://github.com/auditdrivencrypto/secret-handshake

Two instances of go-shs can secretly shake hands over a connection.

The implementation is compatible with the JS implementation. Run `npm ci && go test -tags interop_nodejs`.

Index ¶

Constants
Variables
func Client(state *State, conn io.ReadWriter) (err error)
func Server(state *State, conn io.ReadWriter) (err error)
type CurveKeyPair
type EdKeyPair
- func GenEdKeyPair(r io.Reader) (*EdKeyPair, error)
- func NewKeyPair(public, secret []byte) (*EdKeyPair, error)
type ErrEncoding
- func (e ErrEncoding) Error() string
- func (e ErrEncoding) Unwrap() error
type ErrKeySize
- func (eks ErrKeySize) Error() string
type ErrProcessing
- func (e ErrProcessing) Error() string
- func (e ErrProcessing) Unwrap() error
type ErrProtocol
- func (e ErrProtocol) Error() string
type State
- func NewClientState(appKey []byte, local EdKeyPair, remotePublic ed25519.PublicKey) (*State, error)
- func NewServerState(appKey []byte, local EdKeyPair) (*State, error)

Constants ¶

View Source

const ChallengeLength = 64

ChallengeLength is the length of a challenge message in bytes

View Source

const ClientAuthLength = 16 + 32 + 64

ClientAuthLength is the length of a clientAuth message in bytes

View Source

const MACLength = 16

MACLength is the length of a MAC in bytes

View Source

const ServerAuthLength = 16 + 64

ServerAuthLength is the length of a serverAuth message in bytes

Variables ¶

View Source

var ErrInvalidKeyPair = fmt.Errorf("secrethandshake/NewKeyPair: invalid public key")

Functions ¶

func Client ¶

func Client(state *State, conn io.ReadWriter) (err error)

Client shakes hands using the cryptographic identity specified in s using conn in the client role

func Server ¶

func Server(state *State, conn io.ReadWriter) (err error)

Server shakes hands using the cryptographic identity specified in s using conn in the server role

Types ¶

type CurveKeyPair ¶

type CurveKeyPair struct {
	Public [32]byte
	Secret [32]byte
}

CurveKeyPair is a keypair for use with github.com/agl/ed25519

type EdKeyPair ¶

type EdKeyPair struct {
	Public ed25519.PublicKey
	Secret ed25519.PrivateKey
}

EdKeyPair is a keypair for use with github.com/agl/ed25519

func GenEdKeyPair ¶

func GenEdKeyPair(r io.Reader) (*EdKeyPair, error)

GenEdKeyPair generates a ed25519 keyPair using the passed reader if r == nil it uses crypto/rand.Reader

func NewKeyPair ¶ added in v1.2.0

func NewKeyPair(public, secret []byte) (*EdKeyPair, error)

type ErrEncoding ¶ added in v1.2.2

type ErrEncoding struct {
	// contains filtered or unexported fields
}

func (ErrEncoding) Error ¶ added in v1.2.2

func (e ErrEncoding) Error() string

func (ErrEncoding) Unwrap ¶ added in v1.2.2

func (e ErrEncoding) Unwrap() error

Unwrap returns the cause

type ErrKeySize ¶ added in v1.2.2

type ErrKeySize struct {
	// contains filtered or unexported fields
}

func (ErrKeySize) Error ¶ added in v1.2.2

func (eks ErrKeySize) Error() string

type ErrProcessing ¶ added in v1.2.2

type ErrProcessing struct {
	// contains filtered or unexported fields
}

ErrProcessing is returned if I/O fails during the handshake TODO: supply Unwrap() for cause?

func (ErrProcessing) Error ¶ added in v1.2.2

func (e ErrProcessing) Error() string

func (ErrProcessing) Unwrap ¶ added in v1.2.2

func (e ErrProcessing) Unwrap() error

Unwrap returns the cause

type ErrProtocol ¶ added in v1.2.0

type ErrProtocol struct {
	// contains filtered or unexported fields
}

func (ErrProtocol) Error ¶ added in v1.2.0

func (e ErrProtocol) Error() string

type State ¶

type State struct {
	// contains filtered or unexported fields
}

State is the state each peer holds during the handshake

func NewClientState ¶

func NewClientState(appKey []byte, local EdKeyPair, remotePublic ed25519.PublicKey) (*State, error)

NewClientState initializes the state for the client side

func NewServerState ¶

func NewServerState(appKey []byte, local EdKeyPair) (*State, error)

NewServerState initializes the state for the server side

func (*State) GetBoxstreamDecKeys ¶

func (s *State) GetBoxstreamDecKeys() ([32]byte, [24]byte)

GetBoxstreamDecKeys returns the decryption key and nonce suitable for boxstream

func (*State) GetBoxstreamEncKeys ¶

func (s *State) GetBoxstreamEncKeys() ([32]byte, [24]byte)

GetBoxstreamEncKeys returns the encryption key and nonce suitable for boxstream

func (*State) Remote ¶

func (s *State) Remote() []byte

Remote returns the public key of the remote party

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
internal
extra25519 Package extra25519 implements the key conversion from ed25519 to curve25519.	Package extra25519 implements the key conversion from ed25519 to curve25519.
tests

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL