natrium

package module

v1.1.1 Latest Latest Go to latest Published: Apr 23, 2018 License: ISC Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bunsim/natrium

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func AEAD(key []byte) cipher.AEAD
func CTCompare(a []byte, b []byte) int
func ECDHSecret(ourPriv ECDHPrivate, theirPubl ECDHPublic) []byte
func HexDecode(str string) ([]byte, error)
func HexEncode(bts []byte) string
func PasswordHash(pwd []byte, opslimit int, memlimit int) string
func PasswordVerify(pwd []byte, hash string) bool
func RandBytes(b []byte)
func RandUint32() uint32
func RandUint32LT(lim uint32) uint32
func SecureHash(message []byte, key []byte) []byte
func SecureHasher(key []byte) hash.Hash
func Stream(key []byte, nonce []byte) cipher.Stream
func StretchKey(pwd []byte, salt []byte, opslimit int, memlimit int) []byte
func TripleECDH(ourAuth ECDHPrivate, theirAuth ECDHPublic, ourEph ECDHPrivate, ...) []byte
type ECDHPrivate
- func ECDHGenerateKey() ECDHPrivate
- func (priv ECDHPrivate) PublicKey() ECDHPublic
type ECDHPublic
type EdDSAPrivate
- func EdDSADeriveKey(seed []byte) EdDSAPrivate
- func EdDSAGenerateKey() EdDSAPrivate
- func (k EdDSAPrivate) PublicKey() EdDSAPublic
- func (k EdDSAPrivate) Sign(message []byte) []byte
- func (k EdDSAPrivate) String() string
- func (k EdDSAPrivate) ToECDH() ECDHPrivate
type EdDSAPublic
- func (k EdDSAPublic) MarshalJSON() ([]byte, error)
- func (k EdDSAPublic) String() string
- func (k EdDSAPublic) ToECDH() ECDHPublic
- func (k EdDSAPublic) Verify(message []byte, signature []byte) error

Constants ¶

This section is empty.

Variables ¶

View Source

var ECDHKeyLength = C.crypto_scalarmult_BYTES

ECDHKeyLength represents the length of an ECDH public or private key.

View Source

var EdDSAPrivateLength = C.crypto_sign_SECRETKEYBYTES

EdDSAPrivateLength is the length of an EdDSA private key.

View Source

var EdDSAPublicLength = C.crypto_sign_PUBLICKEYBYTES

EdDSAPublicLength is the length of an EdDSA public key.

View Source

var EdDSASignatureLength = C.crypto_sign_BYTES

EdDSASignatureLength is the length of an EdDSA signature.

View Source

var PasswordSaltLen int

PasswordSaltLen gives the length of the salt parameter to StretchKey

Functions ¶

func AEAD ¶

func AEAD(key []byte) cipher.AEAD

AEAD creates an object implementing the standard Go AEAD (Authenticated Encryption with Associated Data) interface. Keys must be 32 bytes long, and the underlying algorithm uses the ChaCha20 stream cipher with the Poly1305 authentication function.

func CTCompare ¶

func CTCompare(a []byte, b []byte) int

CTCompare returns 0 if the two byte strings are identical, -1 if a is less than b (little-endian), and 1 if a is larger than b. It runs in constant time given a particular length of a and b.

func ECDHSecret ¶

func ECDHSecret(ourPriv ECDHPrivate, theirPubl ECDHPublic) []byte

ECDHSecret computes the Diffie-Hellman shared-secret given our private key and their public key.

func HexDecode ¶

func HexDecode(str string) ([]byte, error)

HexDecode decodes a hexadecimal string to a byte array.

func HexEncode ¶

func HexEncode(bts []byte) string

HexEncode encodes a byte array to a hexadecimal string.

func PasswordHash ¶

func PasswordHash(pwd []byte, opslimit int, memlimit int) string

PasswordHash uses the Argon2 algorithm to create an ASCII string which includes opslimit, memlimit, a random salt, and a memory-hard hash. It's designed to be stored in databases and directly used with PasswordVerify.

func PasswordVerify ¶

func PasswordVerify(pwd []byte, hash string) bool

PasswordVerify verifies that the given password corresponds to the given salted hash string (of the format returned by PasswordHash).

func RandBytes ¶

func RandBytes(b []byte)

RandBytes fills the given byte slice with random values.

func RandUint32 ¶

func RandUint32() uint32

RandUint32 returns a random uint32.

func RandUint32LT ¶

func RandUint32LT(lim uint32) uint32

RandUint32LT returns a random uint32 from 0 to lim, uniformly.

func SecureHash ¶

func SecureHash(message []byte, key []byte) []byte

SecureHash uses the Blake2b algorithm to generate a 256-bit (32-byte) hash of a message with an optional key. The key parameter can be nil if normal hashing, instead of authenticated hashing, is wanted.

func SecureHasher ¶ added in v1.1.0

func SecureHasher(key []byte) hash.Hash

SecureHasher creates a Blake2b stream hasher.

func Stream ¶

func Stream(key []byte, nonce []byte) cipher.Stream

Stream creates a raw ChaCha20 streamer based on the key and nonce.

func StretchKey ¶

func StretchKey(pwd []byte, salt []byte, opslimit int, memlimit int) []byte

StretchKey uses the Argon2 algorithm to create a 256-bit key based upon a password and a salt. This function is deterministic given a certain opslimit and memlimit.

func TripleECDH ¶

func TripleECDH(ourAuth ECDHPrivate, theirAuth ECDHPublic, ourEph ECDHPrivate, theirEph ECDHPublic) []byte

TripleECDH is a convenience function does a triple Diffie-Hellman authenticated key exchange; it derives a shared secret from both long term keys and ephemeral keys to provide both deniable and forward-secure session-key derivation.

Types ¶

type ECDHPrivate ¶

type ECDHPrivate []byte

ECDHPrivate represents a X25519 private key.

func ECDHGenerateKey ¶

func ECDHGenerateKey() ECDHPrivate

ECDHGenerateKey generates an ECDH private key.

func (ECDHPrivate) PublicKey ¶

func (priv ECDHPrivate) PublicKey() ECDHPublic

PublicKey derives the public key corresponding to the ECDH private key.

type ECDHPublic ¶

type ECDHPublic []byte

ECDHPublic represents a X25519 public key.

type EdDSAPrivate ¶

type EdDSAPrivate []byte

EdDSAPrivate represents an Ed25519 private key.

func EdDSADeriveKey ¶

func EdDSADeriveKey(seed []byte) EdDSAPrivate

EdDSADeriveKey derives an EdDSA private key from an arbitrary seed.

func EdDSAGenerateKey ¶

func EdDSAGenerateKey() EdDSAPrivate

EdDSAGenerateKey generates an EdDSA private key. The public key can be derived from the private key, so there is no issue. Keys are represented by byte slices, and can be cast to and from them.

func (EdDSAPrivate) PublicKey ¶

func (k EdDSAPrivate) PublicKey() EdDSAPublic

PublicKey obtains the public component of an EdDSA private key.

func (EdDSAPrivate) Sign ¶

func (k EdDSAPrivate) Sign(message []byte) []byte

Sign signs a message using the given EdDSA private key, returning the signature.

func (EdDSAPrivate) String ¶

func (k EdDSAPrivate) String() string

func (EdDSAPrivate) ToECDH ¶

func (k EdDSAPrivate) ToECDH() ECDHPrivate

ToECDH converts an EdDSA private key deterministically to a ECDH private key.

type EdDSAPublic ¶

type EdDSAPublic []byte

EdDSAPublic represents an Ed25519 public key.

func (EdDSAPublic) MarshalJSON ¶

func (k EdDSAPublic) MarshalJSON() ([]byte, error)

MarshalJSON implements the MarshalJSON interface.

func (EdDSAPublic) String ¶

func (k EdDSAPublic) String() string

func (EdDSAPublic) ToECDH ¶

func (k EdDSAPublic) ToECDH() ECDHPublic

ToECDH converts an EdDSA public key deterministically to a ECDH public key

func (EdDSAPublic) Verify ¶

func (k EdDSAPublic) Verify(message []byte, signature []byte) error

Verify verifies a signature and a message using a public key. If there is a problem, then a non-nil value would be returned. A nil value means everything is fine.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL