secretstream: go.cryptoscope.co/secretstream/secrethandshake Index | Files | Directories

package secrethandshake

import "go.cryptoscope.co/secretstream/secrethandshake"

Package secrethandshake is a Go implementation of Dominic Tarr's secret-handshake: https://github.com/auditdrivencrypto/secret-handshake

Two instances of go-shs can secretly shake hands over a connection.

The implementation is compatible with the JS implementation. Run `npm ci && go test -tags interop_nodejs`.

Index

Package Files

conn.go errors.go state.go

Constants

const ChallengeLength = 64

ChallengeLength is the length of a challenge message in bytes

const ClientAuthLength = 16 + 32 + 64

ClientAuthLength is the length of a clientAuth message in bytes

const MACLength = 16

MACLength is the length of a MAC in bytes

const ServerAuthLength = 16 + 64

ServerAuthLength is the length of a serverAuth message in bytes

Variables

var ErrInvalidKeyPair = fmt.Errorf("secrethandshake/NewKeyPair: invalid public key")

func Client Uses

func Client(state *State, conn io.ReadWriter) (err error)

Client shakes hands using the cryptographic identity specified in s using conn in the client role

func Server Uses

func Server(state *State, conn io.ReadWriter) (err error)

Server shakes hands using the cryptographic identity specified in s using conn in the server role

type CurveKeyPair Uses

type CurveKeyPair struct {
    Public [32]byte
    Secret [32]byte
}

CurveKeyPair is a keypair for use with github.com/agl/ed25519

type EdKeyPair Uses

type EdKeyPair struct {
    Public ed25519.PublicKey
    Secret ed25519.PrivateKey
}

EdKeyPair is a keypair for use with github.com/agl/ed25519

func GenEdKeyPair Uses

func GenEdKeyPair(r io.Reader) (*EdKeyPair, error)

GenEdKeyPair generates a ed25519 keyPair using the passed reader if r == nil it uses crypto/rand.Reader

func NewKeyPair Uses

func NewKeyPair(public, secret []byte) (*EdKeyPair, error)

type ErrEncoding Uses

type ErrEncoding struct {
    // contains filtered or unexported fields
}

func (ErrEncoding) Error Uses

func (e ErrEncoding) Error() string

func (ErrEncoding) Unwrap Uses

func (e ErrEncoding) Unwrap() error

Unwrap returns the cause

type ErrKeySize Uses

type ErrKeySize struct {
    // contains filtered or unexported fields
}

func (ErrKeySize) Error Uses

func (eks ErrKeySize) Error() string

type ErrProcessing Uses

type ErrProcessing struct {
    // contains filtered or unexported fields
}

ErrProcessing is returned if I/O fails during the handshake TODO: supply Unwrap() for cause?

func (ErrProcessing) Error Uses

func (e ErrProcessing) Error() string

func (ErrProcessing) Unwrap Uses

func (e ErrProcessing) Unwrap() error

Unwrap returns the cause

type ErrProtocol Uses

type ErrProtocol struct {
    // contains filtered or unexported fields
}

func (ErrProtocol) Error Uses

func (e ErrProtocol) Error() string

type State Uses

type State struct {
    // contains filtered or unexported fields
}

State is the state each peer holds during the handshake

func NewClientState Uses

func NewClientState(appKey []byte, local EdKeyPair, remotePublic ed25519.PublicKey) (*State, error)

NewClientState initializes the state for the client side

func NewServerState Uses

func NewServerState(appKey []byte, local EdKeyPair) (*State, error)

NewServerState initializes the state for the server side

func (*State) GetBoxstreamDecKeys Uses

func (s *State) GetBoxstreamDecKeys() ([32]byte, [24]byte)

GetBoxstreamDecKeys returns the decryption key and nonce suitable for boxstream

func (*State) GetBoxstreamEncKeys Uses

func (s *State) GetBoxstreamEncKeys() ([32]byte, [24]byte)

GetBoxstreamEncKeys returns the encryption key and nonce suitable for boxstream

func (*State) Remote Uses

func (s *State) Remote() []byte

Remote returns the public key of the remote party

Directories

PathSynopsis
internal/extra25519blatent grep of github.com/agl/ed25519/extra25519 until we have a better solution
tests

Package secrethandshake imports 13 packages (graph) and is imported by 10 packages. Updated 2020-03-14. Refresh now. Tools for package owners.