hpke

package

v2.1.4 Latest Latest Go to latest Published: Dec 14, 2023 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/zntrio/harp

Links

Open Source Insights

Documentation ¶

Overview ¶

Package hpke provides RFC9180 hybrid public key encryption features.

Index ¶

type AEAD
type Exporter
type KDF
type KEM
- func (k KEM) IsValid() bool
- func (k KEM) Scheme() kem.Scheme
type Opener
type Receiver
type Sealer
type Sender
type Suite
- func New(kemID KEM, kdfID KDF, aeadID AEAD) *Suite

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AEAD ¶

type AEAD uint16

const (
	// AEAD_AES128GCM is AES-128 block cipher in Galois Counter Mode (GCM).
	AEAD_AES128GCM AEAD = 0x01
	// AEAD_AES256GCM is AES-256 block cipher in Galois Counter Mode (GCM).
	AEAD_AES256GCM AEAD = 0x02
	// AEAD_ChaCha20Poly1305 is ChaCha20 stream cipher and Poly1305 MAC.
	AEAD_ChaCha20Poly1305 AEAD = 0x03
	// AEAD_EXPORT_ONLY is reserved for applications that only use the Exporter
	// interface.
	AEAD_EXPORT_ONLY AEAD = 0xFFFF
)

func (AEAD) IsValid ¶

func (a AEAD) IsValid() bool

func (AEAD) KeySize ¶

func (a AEAD) KeySize() uint16

func (AEAD) New ¶

func (a AEAD) New(key []byte) (cipher.AEAD, error)

func (AEAD) NonceSize ¶

func (a AEAD) NonceSize() uint16

type Exporter ¶

type Exporter interface {
	Export(exporterContext []byte, length uint16) ([]byte, error)
}

Exporter describes key derivation operation.

type KDF ¶

type KDF uint16

const (
	// KDF_HKDF_SHA256 is a KDF using HKDF with SHA-256.
	KDF_HKDF_SHA256 KDF = 0x01
	// KDF_HKDF_SHA384 is a KDF using HKDF with SHA-384.
	KDF_HKDF_SHA384 KDF = 0x02
	// KDF_HKDF_SHA512 is a KDF using HKDF with SHA-512.
	KDF_HKDF_SHA512 KDF = 0x03
)

func (KDF) Expand ¶

func (k KDF) Expand(prk, labeledInfo []byte, outputLen uint16) ([]byte, error)

func (KDF) Extract ¶

func (k KDF) Extract(secret, salt []byte) []byte

func (KDF) ExtractSize ¶

func (k KDF) ExtractSize() uint16

func (KDF) IsValid ¶

func (k KDF) IsValid() bool

type KEM ¶

type KEM uint16

const (
	// KEM_P256_HKDF_SHA256 is a KEM using P-256 curve and HKDF with SHA-256.
	KEM_P256_HKDF_SHA256 KEM = 0x10
	// KEM_P384_HKDF_SHA384 is a KEM using P-384 curve and HKDF with SHA-384.
	KEM_P384_HKDF_SHA384 KEM = 0x11
	// KEM_P521_HKDF_SHA512 is a KEM using P-521 curve and HKDF with SHA-512.
	KEM_P521_HKDF_SHA512 KEM = 0x12
	// KEM_X25519_HKDF_SHA256 is a KEM using X25519 Diffie-Hellman function
	// and HKDF with SHA-256.
	KEM_X25519_HKDF_SHA256 KEM = 0x20
)

func (KEM) IsValid ¶

func (k KEM) IsValid() bool

func (KEM) Scheme ¶

func (k KEM) Scheme() kem.Scheme

type Opener ¶

type Opener interface {
	Exporter

	// Open tries to authenticate and decrypt a ciphertext with associated
	// additional data. The nonce is handled internally.
	Open(ct, aad []byte) (pt []byte, err error)
}

Opener decrypts a ciphertext using an AEAD encryption.

type Receiver ¶

type Receiver interface {
	SetupBase(enc []byte) (Opener, error)
	SetupPSK(enc []byte, psk, pskID []byte) (Opener, error)
	SetupAuth(enc []byte, pkS *ecdh.PublicKey) (Opener, error)
	SetupAuthPSK(enc []byte, psk, pskID []byte, pkS *ecdh.PublicKey) (Opener, error)
}

Receiver describes message receiver contract.

type Sealer ¶

type Sealer interface {
	Exporter

	// Seal encrypts a given plaintext a plaintext with associated data.
	// The nonce is managed internally.
	Seal(pt, aad []byte) (ct []byte, err error)
}

Sealer encrypts a plaintext using an AEAD encryption.

type Sender ¶

type Sender interface {
	SetupBase() ([]byte, Sealer, error)
	SetupPSK(psk, pskID []byte) ([]byte, Sealer, error)
	SetupAuth(skS *ecdh.PrivateKey) ([]byte, Sealer, error)
	SetupAuthPSK(psk, pskID []byte, skS *ecdh.PrivateKey) ([]byte, Sealer, error)
}

Sender describes message sender contract.

type Suite ¶

type Suite struct {
	// contains filtered or unexported fields
}

Suite represents HPKE suite parameters.

func New ¶

func New(kemID KEM, kdfID KDF, aeadID AEAD) *Suite

New initializes a new HPKE suite.

func (Suite) IsValid ¶

func (s Suite) IsValid() bool

IsValid checks if the suite is initialized with valid values.

func (Suite) Params ¶

func (s Suite) Params() (KEM, KDF, AEAD)

Params returns suite parameters.

func (Suite) Receiver ¶

func (s Suite) Receiver(skR *ecdh.PrivateKey, info []byte) Receiver

Receiver returns a message receiver context builder.

func (Suite) Sender ¶

func (s Suite) Sender(pkR *ecdh.PublicKey, info []byte) Sender

Sender returns a message sender context builder.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL