crypto

package
v0.1.20 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 19, 2023 License: Unlicense Imports: 14 Imported by: 0

Documentation

Overview

Package crypto contains all the cryptographic primitives used in Indra.

There is the standard public/private keys, signature and validation functions, cloaked public keys used in message and packets.

A set of implementations of these primitives based on the above are present for implementing interfaces to use them with libp2p.

A set of helper functions for frequently used operations involving multiple items or derivations are here also.

Index

Constants

View Source 
const (
	// BlindLen is the length of the blinding factor in bytes for a Cloak.
	BlindLen = 3

	// HashLen is the length from the hash of the key with the Blinder appended to
	// the Cloak.
	HashLen = 5

	// CloakLen is the sum of the Blinder truncated hash from blinder and public key.
	CloakLen = BlindLen + HashLen

	// PrvKeyLen is the length of a private key, inherited from secp256k1.
	PrvKeyLen = secp256k1.PrivKeyBytesLen

	// PubKeyLen is the length of the serialized key. It is an ECDSA compressed
	// key, 33 bytes with a 2 or 3 prefix to signify the sign of the key.
	PubKeyLen = secp256k1.PubKeyBytesLenCompressed

	// SigLen is the length of a standard secp256k1 schnorr signature
	SigLen = 64
)

Variables

This section is empty.

Functions

func ComputeSharedSecret 

func ComputeSharedSecret(prv *Prv, pub *Pub) sha256.Hash

ComputeSharedSecret computes an Elliptic Curve Diffie-Hellman shared secret that can be decrypted by the holder of the private key matching the public key provided, and the public key is provided as part of the message.

func GenNonces 

func GenNonces(count int) (n []nonce.IV)

GenNonces generates an arbitrary number of Initialization Vector bytes.

func GenPingNonces 

func GenPingNonces() (n [6]nonce.IV)

GenPingNonces generates 6 Initialization Vector bytes.

func GenerateTestKeyPair 

func GenerateTestKeyPair() (sp *Prv, sP *Pub, e error)

GenerateTestKeyPair generates a key pair.

func GenerateTestKeyPairs 

func GenerateTestKeyPairs() (sp, rp *Prv, sP, rP *Pub, e error)

GenerateTestKeyPairs generates two public/private key pairs.

func GetCipherSet 

func GetCipherSet() (prvs Privs, pubs Pubs)

GetCipherSet generates a set of Privs and Pubs.

func Match 

func Match(r CloakedPubKey, k PubBytes) bool

Match uses the cached public key and the provided blinding factor to match the source public key so the packet address field is only recognisable to the intended recipient.

func NewSigner 

func NewSigner() (first *Prv, ks *KeySet, e error)

NewSigner creates a new KeySet which enables (relatively) fast generation of new private keys for use with ECDH encryption by using scalar addition.

Types

type Blinder 

type Blinder [BlindLen]byte

Blinder is the bytes concatenated after a key to generate the Cloak hash.

type Ciphers 

type Ciphers [3]sha256.Hash

Ciphers is a collection of 3 encyrption keys used progressively for a reply message payload.

func GenCiphers 

func GenCiphers(prvs Privs, pubs Pubs) (ciphers Ciphers)

GenCiphers generates a set of 3 Ciphers using Privs and Pubs.

type CloakedPubKey 

type CloakedPubKey [CloakLen]byte

CloakedPubKey is the blinded hash of a public key used to conceal a message public key from attackers.

func Cloak 

func Cloak(b Blinder, key PubBytes) (c CloakedPubKey)

func GetCloak 

func GetCloak(s *Pub) (c CloakedPubKey)

GetCloak returns a value which a receiver with the private key can identify the association of a message with the peer in order to retrieve the private key to generate the message cipher.

The three byte blinding factor concatenated in front of the public key generates the 5 bytes at the end of the CloakedPubKey code. In this way the source public key it relates to is hidden to any who don't have this public key, which only the parties know.

type Hash 

type Hash [HashLen]byte

Hash is the truncated SHA256 hash of the Blinder with a PubBytes.

type KeySet 

type KeySet struct {
	Mutex           sync.Mutex
	Base, Increment *Prv
}

KeySet is a fast private key generator that uses two random base private keys and combines one with the other repeatedly to generate a new, valid private key, using scalar multiplication.

func (*KeySet) Next 

func (ks *KeySet) Next() (n *Prv)

Next adds Increment to Base, assigns the new private key to the Base and returns the new private key.

func (*KeySet) Next2 

func (ks *KeySet) Next2() (n [2]*Prv)

Next2 returns two private keys from the KeySet.

func (*KeySet) Next3 

func (ks *KeySet) Next3() (n [3]*Prv)

Next3 returns three private keys from the KeySet.

type Keys 

type Keys struct {
	Pub   *Pub
	Bytes PubBytes
	Prv   *Prv
}

Keys is a structure for a pre-formed public/private key set with the public key bytes ready for fast comparisons.

func Generate2Keys 

func Generate2Keys() (one, two *Keys, e error)

Generate2Keys generates two Keys.

func GenerateKeys 

func GenerateKeys() (k *Keys, e error)

GenerateKeys generates one set of Keys.

func MakeKeys 

func MakeKeys(pr *Prv) *Keys

MakeKeys uses a private key to generate a Keys.

type Nonces 

type Nonces [3]nonce.IV

Nonces is the collection of 3 encryption nonces associated with the Ciphers.

func Gen3Nonces 

func Gen3Nonces() (n Nonces)

Gen3Nonces generates 3 Initialization Vectors.

type Privs 

type Privs [3]*Prv

Privs is a collection of 3 private keys used for generating reply headers.

type Prv 

type Prv secp256k1.PrivateKey

Prv is a secp256k1 private key.

func GeneratePrvKey 

func GeneratePrvKey() (prv *Prv, e error)

GeneratePrvKey generates a secp256k1 private key.

func GetTwoPrvKeys 

func GetTwoPrvKeys() (prv1, prv2 *Prv)

GetTwoPrvKeys is a helper for tests to generate two new private keys.

func PrvFromBased32 

func PrvFromBased32(s string) (k *Prv, e error)

PrvFromBased32 decodes a Based32 encoded private key.

func PrvKeyFromBytes 

func PrvKeyFromBytes(b []byte) *Prv

PrvKeyFromBytes converts a byte slice into a private key.

func (*Prv) Equals 

func (p *Prv) Equals(key crypto.Key) (eq bool)

Equals is an implementation of the libp2p crypto.Key interface, allowing the Indra keys to be used by libp2p as peer identity keys.

func (*Prv) GetPublic 

func (p *Prv) GetPublic() crypto.PubKey

GetPublic derives the public key matching a private key, an implementation of the libp2p crypto.PrivKey interface, allowing the Indra keys to be used by libp2p as peer identity keys.

func (*Prv) Raw 

func (p *Prv) Raw() ([]byte, error)

Raw is an implementation of the libp2p crypto.Key interface, allowing the Indra keys to be used by libp2p as peer identity keys.

func (*Prv) Sign 

func (p *Prv) Sign(bytes []byte) (b []byte, e error)

Sign is an implementation of the libp2p crypto.PrivKey interface, allowing the Indra keys to be used by libp2p as peer identity keys.

func (*Prv) ToBased32 

func (p *Prv) ToBased32() (s string)

ToBased32 returns the Based32 encoded string of the private key.

func (*Prv) ToBytes 

func (p *Prv) ToBytes() (b PrvBytes)

ToBytes returns the Bytes serialized form.

func (*Prv) Type 

func (p *Prv) Type() crypto_pb.KeyType

Type is an implementation of the libp2p crypto.Key interface, allowing the Indra keys to be used by libp2p as peer identity keys.

func (*Prv) Zero 

func (p *Prv) Zero()

Zero out a private key to prevent key scraping from memory.

type PrvBytes 

type PrvBytes [PrvKeyLen]byte

PrvBytes is the binary encoded form of a secp256k1 private key.

func (PrvBytes) Zero 

func (pb PrvBytes) Zero()

Zero zeroes out a private key in serial form.

type Pub 

type Pub secp256k1.PublicKey

Pub is a public key.

func DerivePub 

func DerivePub(prv *Prv) *Pub

DerivePub generates a public key from the prv.Pub.

func PubFromBased32 

func PubFromBased32(s string) (k *Pub, e error)

PubFromBased32 decodes a Based32 encoded form of the Pub.

func PubFromBytes 

func PubFromBytes(b []byte) (pub *Pub, e error)

PubFromBytes converts a byte slice into a public key, if it is valid and on the secp256k1 elliptic curve.

func (*Pub) Equals 

func (k *Pub) Equals(key crypto.Key) (eq bool)

Equals compares two public keys and returns true if they match.

func (*Pub) Raw 

func (k *Pub) Raw() ([]byte, error)

Raw is an implementation of the libp2p crypto.Key interface, allowing the Indra keys to be used by libp2p as peer identity keys.

func (*Pub) String 

func (k *Pub) String() (s string)

String returns a Based32 encoded string of the public key.

func (*Pub) ToBased32 

func (k *Pub) ToBased32() (s string)

ToBased32 returns the Based32 formatted form of the public key.

func (*Pub) ToBased32Abbreviated 

func (k *Pub) ToBased32Abbreviated() (s string)

ToBased32Abbreviated returns a concatenated form with the middle replaced with an ellipsis.

func (*Pub) ToBytes 

func (k *Pub) ToBytes() (p PubBytes)

ToBytes returns the compressed 33 byte form of the pubkey as used in wire and storage forms.

func (*Pub) ToHex 

func (k *Pub) ToHex() (s string, e error)

ToHex returns the hex encoding of a Pub.

func (*Pub) ToPublicKey 

func (k *Pub) ToPublicKey() *secp256k1.PublicKey

ToPublicKey unwraps the secp256k1.PublicKey inside the Pub.

func (*Pub) Type 

func (k *Pub) Type() crypto_pb.KeyType

Type is an implementation of the libp2p crypto.Key interface, allowing the Indra keys to be used by libp2p as peer identity keys.

func (*Pub) Verify 

func (k *Pub) Verify(data []byte, sigBytes []byte) (is bool,
	e error)

Verify is an implementation of the libp2p crypto.PkbKey interface, allowing the Indra keys to be used by libp2p as peer identity keys.

The output of Sign above and the bytes of the message are the required inputs.

type PubBytes 

type PubBytes [PubKeyLen]byte

PubBytes is the serialised form of a secp256k1 public key.

func (PubBytes) Equals 

func (pb PubBytes) Equals(qb PubBytes) bool

Equals checks if two binary encoded public keys are equal.

func (PubBytes) String 

func (pb PubBytes) String() (s string)

String returns the based32 form of a public key's compact encoded bytes.

func (PubBytes) ToBased32 

func (pb PubBytes) ToBased32() (s string)

ToBased32 returns the based32 form of a public key's compact encoded bytes.

type Pubs 

type Pubs [3]*Pub

Pubs is a collection of 3 public keys used for generating reply headers.

type SigBytes 

type SigBytes [SigLen]byte

SigBytes is an ECDSA BIP62 formatted compact signature which allows the recovery of the public key from the signature.

func SigFromBased32 

func SigFromBased32(s string) (sig SigBytes, e error)

SigFromBased32 decodes a SigBytes encoded in Based32.

func Sign 

func Sign(prv *Prv, hash sha256.Hash) (sig SigBytes, e error)

Sign produces an ECDSA BIP62 compact signature.

func (SigBytes) MatchesPubkey added in v0.1.20 

func (sb SigBytes) MatchesPubkey(bytes []byte, pk *Pub) (match bool)

func (SigBytes) Recover 

func (sb SigBytes) Recover(hash sha256.Hash) (p *Pub, e error)

Recover the public key corresponding to the signing private key used to create a signature on the hash of a message.

func (SigBytes) String 

func (sb SigBytes) String() string

String returns the Based32 encoded form of a signature.

Source Files

View all Source files

Directories

Path Synopsis
Package ciph manages encryption ciphers and encrypting blobs of data.
 Package ciph manages encryption ciphers and encrypting blobs of data.
Package nonce provides a simple interface for generating standard AES encryption nonces that give strong cryptographic entropy to message encryption, as well as 8 byte (64 bit) random private identifiers for references between types.
 Package nonce provides a simple interface for generating standard AES encryption nonces that give strong cryptographic entropy to message encryption, as well as 8 byte (64 bit) random private identifiers for references between types.
Package sha256 provides a simple interface for single and double SHA256 hashes, used with secp256k1 signatures, message digest checksums, cloaked public key "addresses" and so on.
 Package sha256 provides a simple interface for single and double SHA256 hashes, used with secp256k1 signatures, message digest checksums, cloaked public key "addresses" and so on.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.