Documentation ¶
Index ¶
- Constants
- func DecryptMessageWithNonce(token DecryptTaskToken, cipherText []byte, nonce []byte) ([]byte, error)
- func EncryptMessageWithNewNonce(token DecryptTaskToken, plainText []byte) ([]byte, []byte, error)
- type AuthResult
- type ChunkGetter
- type Cryptor
- type DecryptTaskToken
- func (z *DecryptTaskToken) DecodeMsg(dc *msgp.Reader) (err error)
- func (z *DecryptTaskToken) EncodeMsg(en *msgp.Writer) (err error)
- func (z *DecryptTaskToken) MarshalMsg(b []byte) (o []byte, err error)
- func (z *DecryptTaskToken) Msgsize() (s int)
- func (z *DecryptTaskToken) UnmarshalMsg(bts []byte) (o []byte, err error)
- type DecryptionGuide
- type EcdhCache
- type EncryptTaskToken
- func (z *EncryptTaskToken) DecodeMsg(dc *msgp.Reader) (err error)
- func (z *EncryptTaskToken) EncodeMsg(en *msgp.Writer) (err error)
- func (z *EncryptTaskToken) MarshalMsg(b []byte) (o []byte, err error)
- func (z *EncryptTaskToken) Msgsize() (s int)
- func (z *EncryptTaskToken) UnmarshalMsg(bts []byte) (o []byte, err error)
- type EncryptionGuide
- type EthCallInfo
- type KeyFile
- type LogInfo
- type RandReader
- type RateLimiter
- type RpcxReq
- type RpcxResp
- type TxInfo
Constants ¶
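// Selector values of type uint8, restored to one constant per line so the
// declaration parses. EcdhCache.PeerKeyToSecret takes a uint8 encapsulateType,
// presumably one of these two values — confirm against the implementation.
const (
	EncapsulateSecret = uint8(iota)
	DecapsulateSecret
)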
Variables ¶
This section is empty.
Functions ¶
func DecryptMessageWithNonce ¶
func DecryptMessageWithNonce(token DecryptTaskToken, cipherText []byte, nonce []byte) ([]byte, error)
func EncryptMessageWithNewNonce ¶
func EncryptMessageWithNewNonce(token DecryptTaskToken, plainText []byte) ([]byte, []byte, error)
Types ¶
type AuthResult ¶
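// AuthResult carries the outcome of an authorization request, JSON-encoded
// with the tags below. The declaration is restored to one field per line so
// that the field comments no longer swallow the fields that follow them.
type AuthResult struct {
	// Succeeded reports whether the request was granted.
	Succeeded bool `json:"succeeded"`
	// Message explains the error reason when Succeeded == false.
	Message string `json:"message"`
	// Result is encrypted; it is decrypted with a Cryptor created from Salt
	// and the ECDH-generated secret.
	Result []byte `json:"result"`
	// Proof is not described on this page.
	// NOTE(review): document what it proves and who is expected to verify it.
	Proof []byte `json:"proof"`
	// Salt is combined with the ECDH-generated secret to create the Cryptor
	// that decrypts Result.
	Salt []byte `json:"salt"`
	// PubKey is the authorizer's pubkey.
	// NOTE(review): this key arrives inside the response itself. Presumably the
	// consumer must match it against an independently known authorizer identity
	// before deriving the ECDH secret from it — confirm in the caller.
	PubKey []byte `json:"pubkey"`
}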
type ChunkGetter ¶
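// ChunkGetter is a service that provides 256KB chunks of IPFS files. The
// declaration is restored to one method per line so that it parses.
type ChunkGetter interface {
	// GetChunk returns the chunk at position index of the file at path.
	// Failures are reported through errStr rather than an error value;
	// presumably errStr is empty on success — confirm.
	// NOTE(review): path and index are caller-supplied; confirm that
	// implementations validate both and check the token (including its
	// ExpireTime) before serving data — not visible on this page.
	GetChunk(token DecryptTaskToken, path string, index int) (chunk []byte, errStr string)
	// GetTotalBytes returns the total size in bytes of the file at path.
	// NOTE(review): unlike GetChunk this takes no token; confirm that exposing
	// file sizes without a token is intended.
	GetTotalBytes(path string) (totalBytes int, errStr string)
}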
A service that provides 256KB chunks of IPFS files.
type Cryptor ¶
// Cryptor encrypts and decrypts using the AES-GCM algorithm.
// NOTE(review): AES-GCM is only safe while a nonce is never reused under the
// same key. How a Cryptor's key is derived and how nonces are produced is not
// visible on this page — confirm that every encryption draws a fresh nonce.
type Cryptor struct {
	// contains filtered or unexported fields
}
============ Encrypt and decrypt using the AES-GCM algorithm ============
func NewCryptor ¶
type DecryptTaskToken ¶
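// DecryptTaskToken is what the recryptor needs while decrypting a file
// requested by a viewer. To keep the recryptor stateless, the token is sealed
// by the recryptors and stored on the client side. The declaration is restored
// to one field per line so that the field comments no longer swallow the
// fields that follow them.
//
// NOTE(review): the token carries Secret and lives on the client, so its
// protection rests entirely on the sealing step, which is not visible on this
// page. Confirm that sealing is authenticated encryption under a key that
// never leaves the recryptor, and that a token is rejected when it fails to
// open or when ExpireTime has passed.
type DecryptTaskToken struct {
	// ExpireTime is generated by the recryptor.
	// NOTE(review): its unit and the place where expiry is enforced are not
	// shown here — confirm.
	ExpireTime int64 `msg:"e"`
	// FileId is copied from DecryptionGuide.
	FileId [32]byte `msg:"f"`
	// RecryptorSalt is copied from DecryptionGuide.
	RecryptorSalt [32]byte `msg:"r"`
	// Secret is obtained by the recryptors from shamir.Combine.
	// It is key material: it should never be logged or sent unsealed.
	Secret [32]byte `msg:"s"`
	// RemoteAddr is taken from the http.Request.
	// NOTE(review): if this binds the token to a client, confirm which request
	// field it comes from and that a client cannot choose it (for example via
	// a forwarded-address header behind a proxy).
	RemoteAddr string `msg:"a"`
	// ViewerAccount is recovered from DecryptionGuide.Signature.
	ViewerAccount [20]byte `msg:"v"`
	// Contract is copied from DecryptionGuide.
	Contract string `msg:"c"`
}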
The recryptor needs such a token while decrypting a file requested by a viewer. To make the recryptor stateless, this token is sealed by the recryptors and stored on the client side.
func (*DecryptTaskToken) DecodeMsg ¶
func (z *DecryptTaskToken) DecodeMsg(dc *msgp.Reader) (err error)
DecodeMsg implements msgp.Decodable
func (*DecryptTaskToken) EncodeMsg ¶
func (z *DecryptTaskToken) EncodeMsg(en *msgp.Writer) (err error)
EncodeMsg implements msgp.Encodable
func (*DecryptTaskToken) MarshalMsg ¶
func (z *DecryptTaskToken) MarshalMsg(b []byte) (o []byte, err error)
MarshalMsg implements msgp.Marshaler
func (*DecryptTaskToken) Msgsize ¶
func (z *DecryptTaskToken) Msgsize() (s int)
Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message
func (*DecryptTaskToken) UnmarshalMsg ¶
func (z *DecryptTaskToken) UnmarshalMsg(bts []byte) (o []byte, err error)
UnmarshalMsg implements msgp.Unmarshaler
type DecryptionGuide ¶
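// DecryptionGuide guides the recryptor to get the grantcode from the
// authorizers and decrypt EncryptedParts. The declaration is restored to one
// field per line so that the field comments no longer swallow the fields that
// follow them.
//
// NOTE(review): several fields are chosen by the viewer (CallDataList,
// Timestamp, Signature). Which fields Signature covers is not visible on this
// page — confirm that it binds every field the recryptor acts on, and that
// Timestamp is checked for freshness so a captured guide cannot be replayed.
type DecryptionGuide struct {
	// ChainId comes from config.json of ElfinDirectory.
	ChainId *big.Int `json:"chainid"`
	// Contract comes from config.json of ElfinDirectory.
	Contract string `json:"contract"`
	// Function comes from config.json of ElfinDirectory.
	Function string `json:"function"`
	// Threshold comes from config.json of ElfinDirectory.
	// NOTE(review): presumably the number of parts needed to recombine the
	// secret; confirm it is validated against len(AuthorizerList).
	Threshold int `json:"threshold"`
	// AuthorizerList comes from config.json of ElfinDirectory.
	AuthorizerList []string `json:"authorizerlist"`
	// EncryptedParts are generated by the Authorizers.
	EncryptedParts [][]byte `json:"encryptedparts"`
	// CallDataList is specified by the viewer.
	CallDataList [][]byte `json:"calldatalist"`
	// Signature is signed by the viewer.
	Signature []byte `json:"signature"`
	// Timestamp is specified by the viewer.
	Timestamp int64 `json:"timestamp"`
	// RecryptorSalt comes from config.json of ElfinDirectory.
	RecryptorSalt []byte `json:"recryptorsalt"`
	// FileId comes from config.json of ElfinDirectory.
	FileId []byte `json:"fileid"`
}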
Guide the recryptor to get grantcode from authorizers and decrypt the 'EncryptedParts'
type EcdhCache ¶
// EcdhCache caches ECDH shared secrets: given a peer's public key, it yields
// the secret shared between the local key and that peer (see PeerKeyToSecret).
// NOTE(review): PeerKeyToSecret also takes myKey and encapsulateType. How
// entries are keyed and evicted is not visible on this page — confirm that the
// cache key covers every input that changes the secret, and that the cached
// secrets, which are key material held in memory, are never logged.
type EcdhCache struct {
	// contains filtered or unexported fields
}
Given the peer's public key, query the shared secret between me and this peer.
func NewEcdhCache ¶
func (*EcdhCache) PeerKeyToSecret ¶
func (cache *EcdhCache) PeerKeyToSecret(myKey *ecdsa.PrivateKey, peerPubkey [33]byte, encapsulateType uint8) (secret []byte, err error)
Look up the secret in the ecdhCache. On a cache miss, calculate the ECDH secret and put it into the cache.
type EncryptTaskToken ¶
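// EncryptTaskToken is what the recryptor needs while encrypting a file
// submitted by an author. To keep the recryptor stateless, the token is sealed
// by the recryptors and stored on the client side. The declaration is restored
// to one field per line so that the field comments no longer swallow the
// fields that follow them.
//
// NOTE(review): the token carries Secret and lives on the client, so its
// protection rests entirely on the sealing step, which is not visible on this
// page. Confirm that sealing is authenticated encryption under a key that
// never leaves the recryptor, and that a token is rejected when it fails to
// open or when ExpireTime has passed.
type EncryptTaskToken struct {
	// ExpireTime is generated by the recryptor.
	// NOTE(review): its unit and the place where expiry is enforced are not
	// shown here — confirm.
	ExpireTime int64 `msg:"e"`
	// FileId is specified by the author.
	FileId [32]byte `msg:"f"`
	// RecryptorSalt is generated by the recryptor.
	RecryptorSalt [32]byte `msg:"r"`
	// Secret is generated by the recryptor.
	// It is key material: it should never be logged or sent unsealed.
	Secret [32]byte `msg:"s"`
	// RequestorAddr is the address of the author.
	RequestorAddr [20]byte `msg:"a"`
}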
The recryptor needs such a token while encrypting a file submitted by an author. To make the recryptor stateless, this token is sealed by the recryptors and stored on the client side.
func (*EncryptTaskToken) DecodeMsg ¶
func (z *EncryptTaskToken) DecodeMsg(dc *msgp.Reader) (err error)
DecodeMsg implements msgp.Decodable
func (*EncryptTaskToken) EncodeMsg ¶
func (z *EncryptTaskToken) EncodeMsg(en *msgp.Writer) (err error)
EncodeMsg implements msgp.Encodable
func (*EncryptTaskToken) MarshalMsg ¶
func (z *EncryptTaskToken) MarshalMsg(b []byte) (o []byte, err error)
MarshalMsg implements msgp.Marshaler
func (*EncryptTaskToken) Msgsize ¶
func (z *EncryptTaskToken) Msgsize() (s int)
Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message
func (*EncryptTaskToken) UnmarshalMsg ¶
func (z *EncryptTaskToken) UnmarshalMsg(bts []byte) (o []byte, err error)
UnmarshalMsg implements msgp.Unmarshaler
type EncryptionGuide ¶
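// EncryptionGuide guides the recryptor to get the grantcode from the
// authorizers and encrypt the shamir-split parts. The declaration is restored
// to one field per line so that it parses.
//
// NOTE(review): unlike DecryptionGuide, this type has no Signature or Timestamp
// field. How a guide is authenticated is not visible on this page — confirm
// where its origin and freshness are checked.
type EncryptionGuide struct {
	ChainId  *big.Int `json:"chainid"`
	Contract string   `json:"contract"`
	Function string   `json:"function"`
	// NOTE(review): presumably the number of shamir parts needed to recombine
	// the secret; confirm it is validated against len(AuthorizerList).
	Threshold      int      `json:"threshold"`
	AuthorizerList []string `json:"authorizerlist"`
	OutData        []byte   `json:"outdata"`
}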
======================= For recryptors' encryption and decryption ======================= Guide the recryptor to get grantcode from authorizers and encrypt the shamir-split parts
type EthCallInfo ¶
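// EthCallInfo groups the fields of a contract call; ToBytes serializes it.
// The declaration is restored to one field per line so that it parses.
//
// NOTE(review): the encoding ToBytes produces is not visible on this page. If
// its output is hashed, signed or compared, confirm that the variable-length
// OutData is encoded unambiguously, so that two different calls cannot
// serialize to the same bytes.
type EthCallInfo struct {
	ChainId          *big.Int
	Timestamp        *big.Int
	From             common.Address
	To               common.Address
	FunctionSelector [4]byte
	OutData          []byte
}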
func (*EthCallInfo) ToBytes ¶
func (ei *EthCallInfo) ToBytes() []byte
type KeyFile ¶
// KeyFile is a binary file that stores the enclave's private key.
// NOTE(review): SealKeyToFile and RecoveryPrivateKey both take isEnclaveMode.
// What protects the key on disk when isEnclaveMode is false is not visible on
// this page — confirm that the non-enclave path is never used with production
// keys. Neither method returns an error, so also confirm how a failed seal or
// unseal is reported.
type KeyFile struct {
	// contains filtered or unexported fields
}
====================================== A binary file to store the enclave's private key
func NewKeyFile ¶
func (KeyFile) RecoveryPrivateKey ¶
func (f KeyFile) RecoveryPrivateKey(isEnclaveMode bool) (privKey *ecdsa.PrivateKey)
func (KeyFile) SealKeyToFile ¶
func (f KeyFile) SealKeyToFile(privKey *ecdsa.PrivateKey, isEnclaveMode bool)
type LogInfo ¶
type RandReader ¶
// RandReader reads random data from the CPU's hardware RNG
// (random-number generator) and implements io.Reader.
// NOTE(review): Read32 has no error return, and how Read behaves when the
// hardware RNG is unavailable or fails is not visible on this page — confirm
// that Read32 and GenerateKey fail closed rather than returning zeroed or
// partially filled output.
type RandReader struct { }
=================================== Read random data from CPU's hardware RNG (random-number-generator)
func NewRandReader ¶
func NewRandReader() *RandReader
func (*RandReader) GenerateKey ¶
func (r *RandReader) GenerateKey() (*ecdsa.PrivateKey, error)
GenerateKey generates a private key using the CPU's true random number generator.
func (*RandReader) Read ¶
func (r *RandReader) Read(out []byte) (n int, err error)
implements io.Reader
func (*RandReader) Read32 ¶
func (r *RandReader) Read32() (salt [32]byte)
type RateLimiter ¶
type RpcxReq ¶
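// RpcxReq is a request for one chunk of a cloud file. The declaration is
// restored to one field per line so that the field comments no longer swallow
// the fields that follow them.
type RpcxReq struct {
	// DecryptTaskToken is sent to the server for rate control and logging.
	// NOTE(review): the embedded struct is the token in the clear, including
	// its Secret field. Confirm that the transport to the server is protected
	// and that the server's logging never records Secret.
	DecryptTaskToken
	// Path specifies a cloud file. Its detailed meaning depends on the base
	// protocol (IPFS, Arweave, etc).
	Path string
	// Index is the chunk's index (the file is viewed as an array of chunks).
	Index int
}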