message

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 4, 2015 License: BSD-2-Clause Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// DefaultTotalLength is the size of the message.
	DefaultTotalLength = BodyMaxLength + SignHeaderSize + KeyHeaderSize
	// DefaultPadToLength is the size of the body including random padding
	DefaultPadToLength = 4096
	// DefaultHashCashBits is the minimum number of hashcash bits requried
	DefaultHashCashBits = byte(23)
)
View Source 
const (
	// Curve25519KeySize defines how big a curve25519 key is
	Curve25519KeySize = 32
	// SharedKeySize defines how long the shared secret is
	SharedKeySize = 64
	// HMACKeySize is the size of the HMAC key
	HMACKeySize = 32
	// SymmetricKeySize is the size of the symmetric encryption key (for AES-CTR)
	SymmetricKeySize = 32
	// NonceSize bytes of nonce
	NonceSize = 32
	// PadKeySize is the size of the padding key
	PadKeySize = 32
	// HMACSize is the size of the hmac output, we're using SHA256
	HMACSize = 32
	// IVSize defines the length of the IV, calculated by hashing pubkeys and nonce
	IVSize = aes.BlockSize
)
View Source 
const (
	// MsgTypeBlob signals a standard blob of data without special meaning
	MsgTypeBlob = 0x01
	// MsgTypeList signals a list of other messages
	MsgTypeList = 0x02
	// MsgTypeRepost signals a message that is sent to a reposter
	MsgTypeRepost = 0x03
)
View Source 
const (
	// BodyMaxLength is the maximum length of the body that can be accepted
	BodyMaxLength = 65535
	// MessageIDSize is the size of a MessageID
	MessageIDSize = sha256.Size
	// SignHeaderSize is the size of the signature header
	SignHeaderSize = 1 + ed25519.PublicKeySize + ed25519.SignatureSize + MessageIDSize + hashcash.NonceSize
	// KeyHeaderSize is the size of the key header (four curve25519 public keys for DH and nonce)
	KeyHeaderSize = 4*Curve25519KeySize + NonceSize

	// Version of this protocol
	Version = 0x01
)
View Source 
const (
	// SignerPubKeySize is the size of a public key used for signing
	SignerPubKeySize = ed25519.PublicKeySize
)
View Source 
const VersionID = "0.0.1 very alpha"

VersionID of this release

Variables

View Source 
var (
	//ErrNoKeys is returned if no method for private key discovery is available
	ErrNoKeys = errors.New("message: No private keys available")
	// ErrBadMessageID is returned when the message ID signed is different from the one calculated
	ErrBadMessageID = errors.New("message: Unexpected message ID")
	// ErrBadSender is returned when another sender was expected
	ErrBadSender = errors.New("message: Unexpected sender")
)
View Source 
var (
	// ErrIncompleteKeyPack is returned if a KeyPack cannot be filled
	ErrIncompleteKeyPack = errors.New("message: incomplete keypack")
	// ErrMissingKey is returned if too few keys are used fro keypack construction
	ErrMissingKey = errors.New("message: missing temporary pubkey")
)
View Source 
var (
	// ErrTooLong is returned if the message body is too big
	ErrTooLong = errors.New("message: Content too long")
	// ErrTooShort is returned if the message is smaller than allowed
	ErrTooShort = errors.New("message: Message too short")
	// ErrBadHMAC is returned if the HMAC does not verify
	ErrBadHMAC = errors.New("message: Bad HMAC")
)
View Source 
var (
	// ErrNoKeyFound is returned if no key could be found
	ErrNoKeyFound = errors.New("message: No signature key found in generation")
	// ErrBadVersion is returned if a message does not conform to the right version
	ErrBadVersion = errors.New("message: Wrong version")
	// ErrHashCash is returned if not enough bits are produced by the ErrHashCash challenge
	ErrHashCash = errors.New("message: Not enough HashCash bits")
	// ErrBadSignature is returned if the post signature does not verify
	ErrBadSignature = errors.New("message: Signature verification failed")
)
View Source 
var (
	// ErrEnvelopeShort is returned if the envelope is too short to even contain a signature header
	ErrEnvelopeShort = errors.New("message: Envelope too short")
)

Functions

func CalcKeys 

func CalcKeys(sharedSecret [SharedKeySize]byte) (hmacKey *[HMACKeySize]byte, symmetricKey *[SymmetricKeySize]byte)

CalcKeys generates the keys for hmac calculation and symmetric encryption from the shared secret

func CalcMaxEmbedded 

func CalcMaxEmbedded(TotalLength int) int

CalcMaxEmbedded returns the maximum size of data that can be included in a message of TotalLength size

func CalcMessageID 

func CalcMessageID(msg []byte) *[MessageIDSize]byte

CalcMessageID from raw message (skip signature part)

func CalcSharedSecret 

func CalcSharedSecret(myKeys, peerKeys *KeyPack, nonce *[NonceSize]byte, sending bool) (sharedSecret [SharedKeySize]byte)

CalcSharedSecret does a triple DH from the keypacks to generate the shared secret. myKeys needs to contain private keys, peerKeys only needs public keys Sending determines if one is sender or recipient of a message

func GenIV 

func GenIV(d []byte) *[IVSize]byte

GenIV generates the IV by sha256 d. d should be the slice containing the pubkeys and nonce from the message

func GenNonce 

func GenNonce() (*[NonceSize]byte, error)

GenNonce returns NonceSize random bytes

func GenPad 

func GenPad(key *[PadKeySize]byte, length int) []byte

GenPad produces a slice of bytes with length int, filled with pseudo-random numbers generated from key using AES-CTR

func GenPadKey 

func GenPadKey() (*[PadKeySize]byte, error)

GenPadKey generates a random value suitable for the padding generator

func KeyIsHidden 

func KeyIsHidden(k *Curve25519Key) bool

KeyIsHidden returns true if key index should be hidden

func KeyIsSync 

func KeyIsSync(k *Curve25519Key) bool

KeyIsSync returns true if messages for this key should be synced

func PackKeyHeader 

func PackKeyHeader(senderKeys, peerKeys *KeyPack, nonce *[NonceSize]byte) *[KeyHeaderSize]byte

PackKeyHeader constructs the header from the KeyPacks and Nonce.

func RePad 

func RePad(msg []byte, padKey *[PadKeySize]byte, totalLength int) []byte

RePad adds the deterministic padding to a message

Types

type Base64Message 

type Base64Message []byte

Base64Message is a message encoded in Base64

func EncodeBase64 

func EncodeBase64(message []byte) Base64Message

EncodeBase64 encodes a message to base64

func (Base64Message) Decode 

func (bm Base64Message) Decode() ([]byte, error)

Decode a base64 encoded message

func (Base64Message) GetSignHeader 

func (bm Base64Message) GetSignHeader() (*[SignHeaderSize]byte, error)

GetSignHeader returns the signature header from an message

type Curve25519Key 

type Curve25519Key [Curve25519KeySize]byte

Curve25519Key is a curve25519 public or private key

func CalcPub 

func CalcPub(privateKey *Curve25519Key) *Curve25519Key

CalcPub generates a public key from a private key

func GenLongTermKey 

func GenLongTermKey(hidden bool, sync bool) (*Curve25519Key, error)

GenLongTermKey returns a private key that is meant for long-term use and adheres to the hidden index rule hidden means that the server should not allow index access without authentication sync means that the server should not sync the message to other servers (it is not part of the global index)

func GenPubKey 

func GenPubKey(priv *Curve25519Key) *Curve25519Key

GenPubKey calculates the public key for a private key

func GenRandomKey 

func GenRandomKey() (*Curve25519Key, error)

GenRandomKey generates a random key useable for temporary keys

type DecryptBodyDef 

type DecryptBodyDef struct {
	IV           [IVSize]byte        // The IV to use. This is overkill since the key is unique anyways... anyways
	SharedSecret [SharedKeySize]byte // The shared secret, calculate HMAC and Symmetric Key from this
}

DecryptBodyDef contains parameters for decryption

func (*DecryptBodyDef) DecryptBody 

func (bd *DecryptBodyDef) DecryptBody(data []byte) ([]byte, byte, error)

DecryptBody decrypts a body and verifies the hmac

type EncryptBodyDef 

type EncryptBodyDef struct {
	IV           [IVSize]byte        // The IV to use. This is overkill since the key is unique anyways... anyways
	SharedSecret [SharedKeySize]byte // The shared secret, calculate HMAC and Symmetric Key from this
	TotalLength  int                 // Total size of body including padding
	PadToLength  int                 // PadToLength will pad the body to PadToLength size of random padding before adding deterministic padding, if any
	MessageType  byte
}

EncryptBodyDef contains parameters for body encryption

func (*EncryptBodyDef) EncryptBody 

func (bd *EncryptBodyDef) EncryptBody(data []byte) (*EncryptedBody, error)

EncryptBody takes data and creates a body out of it

type EncryptedBody 

type EncryptedBody struct {
	Encrypted            []byte           // First element
	RandomPadding        []byte           // Second element
	DeterministicPadding []byte           // Third element
	PadKey               [PadKeySize]byte // Will be set if deterministic padding is appended
	HMACSum              [HMACSize]byte   // The HMAC
}

EncryptedBody contains the restuls of an encryption or parsing

func (EncryptedBody) Bytes 

func (eb EncryptedBody) Bytes() []byte

Bytes returns the body as byteslice

func (EncryptedBody) BytesNoPadding 

func (eb EncryptedBody) BytesNoPadding() []byte

BytesNoPadding returns the body as byteslice omitting deterministic padding

type KeyPack 

type KeyPack struct {
	ConstantPubKey   *Curve25519Key // Public key: SenderConstantPubKey
	ConstantPrivKey  *Curve25519Key // Private key of ConstantPubKey
	TemporaryPubKey  *Curve25519Key // Public key: SenderTemporaryPubKey
	TemporaryPrivKey *Curve25519Key // Private key of TemporaryPubKey
}

KeyPack contains one side of keys

func GenKeyPack 

func GenKeyPack(privateConstant *Curve25519Key, deterministic bool) (*KeyPack, error)

GenKeyPack generate a keypack. If privateConstant is nil, all keys will be ephemeral. If deterministic is true then the temporaryPrivKey will be generated from the constantPrivKey

func GenReceiveKeys 

func GenReceiveKeys(publicConstant, publicTemporary *Curve25519Key) (*KeyPack, error)

GenReceiveKeys generates a KeyPack for the recipient unless public keys are available

func GenSenderKeys 

func GenSenderKeys(privateConstant *Curve25519Key) (*KeyPack, error)

GenSenderKeys returns a keypack suitable for the sender. If PrivateConstant is nil, all keys will be ephemeral

func ParseKeyHeader 

func ParseKeyHeader(keyHeader *[KeyHeaderSize]byte) (senderKeys, peerKeys *KeyPack, nonce *[NonceSize]byte)

ParseKeyHeader returns the KeyPacks and Nonce of a KeyHeader

func (*KeyPack) FillKeys 

func (kp *KeyPack) FillKeys(deterministic bool) error

FillKeys constructs missing keys in a KeyPack. If deterministic==true then temporary keys are generated from the constant keys

func (*KeyPack) MatchPrivate 

func (kp *KeyPack) MatchPrivate(constantPrivKey, temporaryPrivKey *Curve25519Key) bool

MatchPrivate tries to match given private key(s) to the KeyPack. Keys will be added to the keypack if a match is found

type Message 

type Message struct {
	SignatureHeader *[SignHeaderSize]byte // Packet signature header
	Header          *[KeyHeaderSize]byte  // Packed message header
	Body            []byte                // Unpacked body
}

Message is a full message

func ParseMessage 

func ParseMessage(msg []byte) (*Message, error)

ParseMessage cuts a byteslice into a Message struct

func (Message) Bytes 

func (msg Message) Bytes() []byte

Bytes converts a message struct into a byte slice

func (Message) CalcMessageID 

func (msg Message) CalcMessageID() *[MessageIDSize]byte

CalcMessageID from encrypted body

type MetaDataRecieve 

type MetaDataRecieve struct {
	SenderConstantPublicKey   *Curve25519Key      // Public key used by sender
	ReceiveConstantPublicKey  *Curve25519Key      // Constant public key of recipient
	ReceiveTemporaryPublicKey *Curve25519Key      // Temporary public key of recipient
	MessageID                 [MessageIDSize]byte // MessageID as calculated
	MessageType               byte                // MessageType of message
}

MetaDataRecieve contains data from decryption

type MetaDataSend 

type MetaDataSend struct {
	MessageID              [MessageIDSize]byte // MessageID of the message (calculated from header+body)
	PadKey                 *[PadKeySize]byte   // Will be set if deterministic padding is appended and meaningful
	MessageKey             *Curve25519Key      // Will be set if ephemeral recipient keys are used
	ReceiverConstantPubKey *Curve25519Key
}

MetaDataSend contains metadata for the message

type Receiver 

type Receiver struct {
	SenderPublicKey            *Curve25519Key // Optional. If set, verify for message
	ReceiveConstantPrivateKey  *Curve25519Key // Optional. Will use callback if not set
	ReceiveTemporaryPrivateKey *Curve25519Key // Optional. Will try to generate from ReceiveConstantPrivateKey, then Callback
	// KeyCallBack is an optional function to get private keys. It takes a public key as parameter and expects the private key or nil as return
	KeyCallBack func(*Curve25519Key) *Curve25519Key
	// HashCashBits is the minimum number of hashcash bits required. Will be set to default if missing
	HashCashBits byte
}

Receiver defines receiver functionality

func (Receiver) Decrypt 

func (receiver Receiver) Decrypt(encMessage []byte) (message []byte, meta *MetaDataRecieve, err error)

Decrypt applies decryption & verification to a messsage

type Sender 

type Sender struct {
	Signer                    *SignKeyPair   // Optional, autogenerated when missing
	SenderPrivateKey          *Curve25519Key // Optional. Use ephemeral key if missing
	ReceiveConstantPublicKey  *Curve25519Key // Optional. Constant public key of receiver, ephemeral keys will be used if missing
	ReceiveTemporaryPublicKey *Curve25519Key // MUST be set IF ReceiveConstantPublicKey is set
	// TotalLength is the total size of body including padding.
	// Set to default if missing if 0
	TotalLength int
	// PadToLength will pad the body to PadToLength size of random padding before adding deterministic padding, if any.
	// Set to default if missing if 0
	PadToLength int
	// HashCashBits is the minimum number of hashcash bits required. Will be set to default if missing
	HashCashBits byte
}

Sender defines sender behavior

func (Sender) Encrypt 

func (sender Sender) Encrypt(messageType byte, message []byte) (encMessage []byte, meta *MetaDataSend, err error)

Encrypt encrypts a message

func (Sender) EncryptRepost 

func (sender Sender) EncryptRepost(messageType byte, message []byte) (rewrapMessage []byte, meta *MetaDataSend, err error)

EncryptRepost encrypts a message for reposting, meaning that the deterministic padding is thrown away and there is no encoding

type SignKeyPair 

type SignKeyPair struct {
	PublicKey  *[SignerPubKeySize]byte
	PrivateKey *[ed25519.PrivateKeySize]byte
	Nonce      [hashcash.NonceSize]byte // HashCash nonce
	Bits       byte                     // Bits in hashcash
}

SignKeyPair represents a signature key pari

func GenKey 

func GenKey(bits byte) (keypair *SignKeyPair, err error)

GenKey calculates a keypair fit for signing, including hashcahs

func (*SignKeyPair) Marshal 

func (keypair *SignKeyPair) Marshal() []byte

Marshal a keypair into a byte slice

func (*SignKeyPair) Sign 

func (keypair *SignKeyPair) Sign(msgID [MessageIDSize]byte) *[SignHeaderSize]byte

Sign a messageid

func (SignKeyPair) Unmarshal 

func (keypair SignKeyPair) Unmarshal(d []byte) (*SignKeyPair, error)

Unmarshal d into keypair

type SignatureDetails 

type SignatureDetails struct {
	MsgID         [MessageIDSize]byte      // MsgID of the message (sha256(KeyHeader|Body))
	PublicKey     [SignerPubKeySize]byte   // Public key of signer
	HashCashNonce [hashcash.NonceSize]byte // The HashCash nonce
	HashCashBits  byte                     // HashCash bits
}

SignatureDetails contains the fields of the signature header (minus signature itself)

func VerifySignature 

func VerifySignature(header [SignHeaderSize]byte, minbits byte) (details *SignatureDetails, err error)

VerifySignature verifies a signature header. It checks if the version, signatures and hashcash are correct

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.