Documentation ¶
Index ¶
- func Argon2(time, memory uint32, threads uint8) suite.MHF
- func Ed25519Sha256HkdfHmac(mhf suite.MHF) suite.CipherSuite
- func Ed448Sha512HkdfHmac(mhf suite.MHF) suite.CipherSuite
- func P256Sha256HkdfHmac(mhf suite.MHF) suite.CipherSuite
- func P256Sha512HkdfHmac(mhf suite.MHF) suite.CipherSuite
- func P384Sha256HkdfHmac(mhf suite.MHF) suite.CipherSuite
- func P384Sha512HkdfHmac(mhf suite.MHF) suite.CipherSuite
- func P521Sha512HkdfHmac(mhf suite.MHF) suite.CipherSuite
- func Scrypt(N, r, p int) suite.MHF
- type Client
- type Confirmations
- type Lookup
- type MapLookup
- type Server
- type ServerMaterial
- type SharedSecret
- type UserInfo
- type Verifier
- type VerifierPair
Functions ¶
func Ed25519Sha256HkdfHmac ¶
func Ed25519Sha256HkdfHmac(mhf suite.MHF) suite.CipherSuite
func Ed448Sha512HkdfHmac ¶
func Ed448Sha512HkdfHmac(mhf suite.MHF) suite.CipherSuite
func P256Sha256HkdfHmac ¶
func P256Sha256HkdfHmac(mhf suite.MHF) suite.CipherSuite
func P256Sha512HkdfHmac ¶
func P256Sha512HkdfHmac(mhf suite.MHF) suite.CipherSuite
func P384Sha256HkdfHmac ¶
func P384Sha256HkdfHmac(mhf suite.MHF) suite.CipherSuite
func P384Sha512HkdfHmac ¶
func P384Sha512HkdfHmac(mhf suite.MHF) suite.CipherSuite
func P521Sha512HkdfHmac ¶
func P521Sha512HkdfHmac(mhf suite.MHF) suite.CipherSuite
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
func NewClient ¶
func NewClient(s suite.CipherSuite, clientIdentity, serverIdentity, password, salt []byte) (*Client, error)
func (*Client) CompleteHandshake ¶
func (c *Client) CompleteHandshake(m *ServerMaterial) (*SharedSecret, error)
func (*Client) EphemeralPublic ¶
EphemeralPublic returns A. This will be sent to the server.
type Confirmations ¶
type Confirmations struct {
// contains filtered or unexported fields
}
Confirmations provides an easy interface for confirmation verification, for use after a state load.
func NewConfirmations ¶
func NewConfirmations(confirmation, remoteConfirmation []byte, suite suite.CipherSuite) *Confirmations
NewConfirmations creates a Confirmations.
func (Confirmations) Bytes ¶
func (c Confirmations) Bytes() []byte
Bytes gets the confirmation message.
func (Confirmations) Verify ¶
func (c Confirmations) Verify(incomingConfirmation []byte) error
Verify verifies an incoming confirmation message.
type MapLookup ¶
MapLookup is an in-memory implementation of the user Lookup used by the Server. It is where a valid user registration (identity → verifier) is stored. In a real deployment, user info should be fetched from a non-volatile DB; this type is here primarily for tests. Don't use it outside of tests.
func NewMapLookup ¶
func NewMapLookup() *MapLookup
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
func (*Server) Handshake ¶
func (s *Server) Handshake(identity, A []byte) (*ServerMaterial, *SharedSecret, error)
type ServerMaterial ¶
// ServerMaterial is the handshake output that Server.Handshake returns for
// the client and that Client.CompleteHandshake consumes.
//
// NOTE(review): the accompanying description says the client verifies a
// confirmation against B and that everything can be sent in one go, but B is
// the only field visible here. Confirm how the server's confirmation message
// reaches the client.
type ServerMaterial struct {
	// B is the value the client checks the confirmation against.
	// NOTE(review): presumably the server's ephemeral public share, the
	// counterpart of the client's A. Confirm against the implementation.
	B []byte
}
ServerMaterial is what the server sends to client A so that A can verify the confirmation against the given B and the secret key known only to A. The SPAKE2+ reference says that it can all be sent in one go, which saves an extra round.
type SharedSecret ¶
type SharedSecret struct {
// contains filtered or unexported fields
}
func (SharedSecret) Bytes ¶
func (s SharedSecret) Bytes() []byte
func (*SharedSecret) Confirmation ¶
func (s *SharedSecret) Confirmation() []byte
Confirmation returns the confirmation message. Send this to the server once verification is complete.
func (*SharedSecret) Verify ¶
func (s *SharedSecret) Verify(incomingConfirmation []byte) error
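Verify verifies an incoming confirmation message. A non-nil error means the confirmation did not verify; the shared secret should not be used in that case.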
type Verifier ¶
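// Verifier is an identity together with its verifier. It is meant to be
// stored in a non-volatile DB.
//
// NOTE(review): treat stored records as sensitive. In SPAKE2+ a leaked
// verifier record lets its holder test password guesses offline, limited only
// by the cost of the memory-hard function chosen for the suite, so access to
// the store should be restricted.
type Verifier struct {
	// I is the identity the verifier is stored against.
	I []byte
	// Verifier is the verifier pair registered for I.
	Verifier VerifierPair
}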
func (*Verifier) Encode ¶
Encode encodes the verifier into a portable format and returns a tuple <Identity, VerifierPair> as portable strings. The caller can store the Verifier against the Identity in non-volatile storage. An SRP client will supply the Identity and its public key, whereupon an SRP server will use the Identity as a key to look up the rest of the encoded verifier data.
type VerifierPair ¶
// VerifierPair holds the two byte-string components of a verifier.
//
// NOTE(review): presumably these are the two SPAKE2+ registration values kept
// by the server (w0 and L). The page does not say which field holds which, so
// confirm against the implementation.
type VerifierPair struct {
	// V1 is the first verifier component.
	V1 []byte
	// V2 is the second verifier component.
	V2 []byte
}