ratchet

package module
v0.0.18 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 29, 2023 License: BSD-3-Clause Imports: 14 Imported by: 2

README 


migrated to monorepo https://github.com/katzenpost/katzenpost/issues/1

Documentation

Overview

Package ratchet originally written by AGL to implement the axolotl ratchet (designed by Trevor Perrin) for the Pond messaging system but then modified for a Katzenpost decryption mix network messaging system. Improvements herein made by Masala, Sofia Celli and David Stainton. David's latest changes turn the ratchet into a computationally expensive PQ hybrid ratchet wherein there's an ECDH and a CSIDH ratchet which both progress together. Both of these ratchets feed their computed shared secrets into the KDF ratchet via the root KDF chain. More clever designs and feedback encouraged.

Index

Constants

View Source 
const (
	PQRatchetPublicKeyInHeaderOffset = 4 + 4 + 32

	// MaxMissingMessages is the maximum number of missing messages that
	// we'll keep track of.
	MaxMissingMessages = 8

	// RatchetKeyMaxLifetime is the maximum lifetime of the ratchet
	RatchetKeyMaxLifetime = time.Hour * 672

	// DoubleRatchetOverhead is the number of bytes the ratchet adds in ciphertext overhead.
	DoubleRatchetOverhead = 120 + csidh.PublicKeySize
)

Variables

View Source 
var (
	ErrDuplicateOrDelayed                     = errors.New("Ratchet: duplicate message or message delayed longer than tolerance")
	ErrHandshakeAlreadyComplete               = errors.New("Ratchet: handshake already complete")
	ErrCannotDecrypt                          = errors.New("Ratchet: cannot decrypt")
	ErrIncorrectHeaderSize                    = errors.New("Ratchet: incorrect header size")
	ErrSerialisedKeyLength                    = errors.New("Ratchet: bad serialised key length")
	ErrNextEncryptedMessageWithoutRatchetFlag = errors.New("Ratchet: received message encrypted to next header key without ratchet flag set")
	ErrOldFormKeyExchange                     = errors.New("Ratchet: peer using old-form key exchange")
	ErrCorruptMessage                         = errors.New("Ratchet: corrupt message")
	ErrMessageExceedsReorderingLimit          = errors.New("Ratchet: message exceeds reordering limit")
	ErrEchoedDHValues                         = errors.New("Ratchet: peer echoed our own DH values back")
	ErrInvalidSignatureLength                 = errors.New("Ratchet: invalid signature length")
	ErrRatchetHeaderTooSmall                  = errors.New("Ratchet: header too small to be valid")
	ErrInvalidKeyExchange                     = errors.New("Ratchet: peer's key exchange is invalid")
	ErrFailedToInitializeRatchet              = errors.New("Ratchet: failed to initialize")
	ErrInvalidPubkey                          = errors.New("Ratchet: invalid public key")
	ErrInvalidPublicIdentityKey               = errors.New("Ratchet: invalid public identity key")
	ErrInvalidSignature                       = errors.New("Ratchet: invalid signature")
	ErrKeyExchangeKeysNotIsomorphicallyEqual  = errors.New("Ratchet: key exchange and identity public keys must be isomorphically equal")
	ErrFailedToLoadPQRatchet                  = errors.New("Ratchet: failed to load PQ Ratchet from state")
	ErrImportPQDh0                            = errors.New("Ratchet: failed to import PQ DH0 from exchange blob")
	ErrCSIDHSharedSecret                      = errors.New("Ratchet: failed to compute shared secret from PQDH0")
	ErrCSIDHPrivateExport                     = errors.New("Ratchet: CSIDH: failed to export private key")
	ErrCSIDHPrivateImport                     = errors.New("Ratchet: CSIDH: failed to import private key")
	ErrCSIDHPublicExport                      = errors.New("Ratchet: CSIDH: failed to export public key")
	ErrCSIDHPublicImport                      = errors.New("Ratchet: CSIDH: failed to import public key")
	ErrCSIDHInvalidPublicKey                  = errors.New("Ratchet: CSIDH public key validation failure")
	ErrInconsistentState                      = errors.New("Ratchet: the state is inconsistent")
)

Functions

func DestroyRatchet added in v0.0.1 

func DestroyRatchet(r *Ratchet)

DestroyRatchet destroys the ratchet

Types

type Ratchet 

type Ratchet struct {
	// Now is an optional function that will be used to get the current
	// time. If nil, time.Now is used.
	Now func() time.Time
	// contains filtered or unexported fields
}

Ratchet stucture contains the per-contact, crypto state.

func InitRatchet added in v0.0.1 

func InitRatchet(rand io.Reader) (*Ratchet, error)

InitRatchet initializes a ratchet struct

func NewRatchetFromBytes added in v0.0.9 

func NewRatchetFromBytes(rand io.Reader, data []byte) (*Ratchet, error)

NewRatchetFromBytes takes ownership of data and unmarshals it into a new *Ratchet. The bytes are wiped afterwards. The new *Ratchet is returned unless there's an error.

func (*Ratchet) CreateKeyExchange 

func (r *Ratchet) CreateKeyExchange() ([]byte, error)

CreateKeyExchange returns a byte slice which is meant to be transmitted to the other party via an encrypted and authenticated communications channel. The other party can then call their Ratchet's ProcessKeyExchange method to process this byte blob and establish a communications channel with the sender.

func (*Ratchet) Decrypt 

func (r *Ratchet) Decrypt(ciphertext []byte) ([]byte, error)

Decrypt decrypts a message

func (*Ratchet) Encrypt 

func (r *Ratchet) Encrypt(out, msg []byte) ([]byte, error)

Encrypt acts like append() but appends an encrypted version of msg to out.

func (*Ratchet) ProcessKeyExchange 

func (r *Ratchet) ProcessKeyExchange(exchangePayload []byte) error

ProcessKeyExchange processes the data of a keyExchange which is used to establish an encrypted authenticated communications channel.

func (*Ratchet) Save added in v0.0.10 

func (r *Ratchet) Save() (data []byte, err error)

Save transforms the object into a stream

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.