Documentation ¶
Overview ¶
Package cryptoutil contains generic & stateless crypto helpers.
Index ¶
- Constants
- func AESCTRStream(key, iv []byte) (cipher.Stream, error)
- func AESGCMDecrypt(key, data []byte) ([]byte, error)
- func AESGCMEncrypt(key, data []byte) ([]byte, error)
- func AttachmentCIDSliceDecrypt(g *protocoltypes.Group, eCIDs [][]byte) ([][]byte, error)
- func AttachmentCIDSliceEncrypt(g *protocoltypes.Group, cids [][]byte) ([][]byte, error)
- func AttachmentOpener(ciphertext io.Reader, sk libp2pcrypto.PrivKey, l *zap.Logger) (*io.PipeReader, error)
- func AttachmentSealer(plaintext io.Reader, l *zap.Logger) (libp2pcrypto.PrivKey, *io.PipeReader, error)
- func ComputeLinkKey(publicKey, secret []byte) (*[KeySize]byte, error)
- func ConcatAndHashSha256(slices ...[]byte) *[sha256.Size]byte
- func CreatePushGroupReference(sender []byte, counter uint64, secret []byte) ([]byte, error)
- func DeriveKey(passphrase, salt []byte) ([]byte, []byte, error)
- func EdwardsToMontgomery(privKey crypto.PrivKey, pubKey crypto.PubKey) (*[32]byte, *[32]byte, error)
- func EdwardsToMontgomeryPriv(privKey crypto.PrivKey) (*[KeySize]byte, error)
- func EdwardsToMontgomeryPub(pubKey crypto.PubKey) (*[KeySize]byte, error)
- func GenerateNonce() (*[NonceSize]byte, error)
- func GenerateNonceSize(size int) ([]byte, error)
- func GetGroupForAccount(priv, signing crypto.PrivKey) (*protocoltypes.Group, error)
- func GetGroupForContact(contactPairSK crypto.PrivKey) (*protocoltypes.Group, error)
- func GetGroupPushSecret(m GroupWithSecret) ([]byte, error)
- func GetKeysForGroupOfContact(contactPairSK crypto.PrivKey) (crypto.PrivKey, crypto.PrivKey, error)
- func GetLinkKeyArray(m GroupWithLinkKey) (*[KeySize]byte, error)
- func GetSharedSecret(m GroupWithLinkKey) *[KeySize]byte
- func KeySliceToArray(keySlice []byte) (*[KeySize]byte, error)
- func NewDeviceSecret() (*protocoltypes.DeviceSecret, error)
- func NonceSliceToArray(nonceSlice []byte) (*[NonceSize]byte, error)
- func OpenEnvelopeHeaders(data []byte, g *protocoltypes.Group) (*protocoltypes.MessageEnvelope, *protocoltypes.MessageHeaders, error)
- func SealEnvelope(payload []byte, ds *protocoltypes.DeviceSecret, deviceSK crypto.PrivKey, ...) ([]byte, error)
- func SealPayload(payload []byte, ds *protocoltypes.DeviceSecret, deviceSK crypto.PrivKey, ...) ([]byte, []byte, error)
- func SeedFromEd25519PrivateKey(key crypto.PrivKey) ([]byte, error)
- type DecryptInfo
- type DeviceKeystore
- type DeviceKeystoreOpts
- type GroupDatastore
- func (gd *GroupDatastore) Delete(ctx context.Context, pk crypto.PubKey) error
- func (gd *GroupDatastore) Get(ctx context.Context, key crypto.PubKey) (*protocoltypes.Group, error)
- func (gd *GroupDatastore) Has(ctx context.Context, key crypto.PubKey) (bool, error)
- func (gd *GroupDatastore) Put(ctx context.Context, g *protocoltypes.Group) error
- func (gd *GroupDatastore) PutForContactPK(ctx context.Context, pk crypto.PubKey, deviceKeystore DeviceKeystore) error
- type GroupDatastoreReadOnly
- type GroupWithLinkKey
- type GroupWithSecret
- type MemberDevice
- type MessageKeystore
- func (m *MessageKeystore) DeriveDeviceSecret(ctx context.Context, g *protocoltypes.Group, deviceSK crypto.PrivKey) error
- func (m *MessageKeystore) GetByPushGroupReference(ctx context.Context, ref []byte) ([]byte, error)
- func (m *MessageKeystore) GetDeviceChainKey(ctx context.Context, groupPK, pk crypto.PubKey) (*protocoltypes.DeviceSecret, error)
- func (m *MessageKeystore) GetDeviceSecret(ctx context.Context, g *protocoltypes.Group, acc DeviceKeystore) (*protocoltypes.DeviceSecret, error)
- func (m *MessageKeystore) GetKeyForCID(ctx context.Context, id cid.Cid) (*[32]byte, error)
- func (m *MessageKeystore) GetPrecomputedKeyExpectedCount() int
- func (m *MessageKeystore) HasSecretForRawDevicePK(ctx context.Context, groupPK, devicePK []byte) (has bool)
- func (m *MessageKeystore) OpenEnvelope(ctx context.Context, g *protocoltypes.Group, ownPK crypto.PubKey, data []byte, ...) (*protocoltypes.MessageHeaders, *protocoltypes.EncryptedMessage, [][]byte, ...)
- func (m *MessageKeystore) OpenEnvelopePayload(ctx context.Context, env *protocoltypes.MessageEnvelope, ...) (*protocoltypes.EncryptedMessage, [][]byte, error)
- func (m *MessageKeystore) OpenOutOfStoreMessage(ctx context.Context, envelope *protocoltypes.OutOfStoreMessage, ...) ([]byte, bool, error)
- func (m *MessageKeystore) OpenPayload(ctx context.Context, id cid.Cid, groupPK crypto.PubKey, payload []byte, ...) ([]byte, *DecryptInfo, error)
- func (m *MessageKeystore) PostDecryptActions(ctx context.Context, di *DecryptInfo, g *protocoltypes.Group, ...) error
- func (m *MessageKeystore) RegisterChainKey(ctx context.Context, g *protocoltypes.Group, devicePK crypto.PubKey, ...) error
- func (m *MessageKeystore) SealEnvelope(ctx context.Context, g *protocoltypes.Group, deviceSK crypto.PrivKey, ...) ([]byte, error)
- func (m *MessageKeystore) UpdatePushGroupReferences(ctx context.Context, devicePK []byte, first uint64, group GroupWithSecret) error
- type OwnMemberDevice
Constants ¶
const ( KeySize = 32 // Key size required by box NonceSize = 24 // Nonce size required by box ScryptIterations = 1 << 15 ScryptR = 8 ScryptP = 1 ScryptKeyLen = 32 )
const NamespaceGroupDatastore = "account_groups_datastore"
const PushSecretNamespace = "push_secret_ref" // nolint:gosec
Variables ¶
This section is empty.
Functions ¶
func AESCTRStream ¶ added in v2.231.0
AESCTRStream returns a CTR stream that can be used to produce ciphertext without padding.
func AESGCMDecrypt ¶ added in v2.231.0
AESGCMDecrypt uses AES+GCM to decrypt plaintext data.
func AESGCMEncrypt ¶ added in v2.231.0
AESGCMEncrypt use AES+GCM to encrypt plaintext data.
The generated output will be longer than the original plaintext input.
func AttachmentCIDSliceDecrypt ¶ added in v2.308.0
func AttachmentCIDSliceDecrypt(g *protocoltypes.Group, eCIDs [][]byte) ([][]byte, error)
func AttachmentCIDSliceEncrypt ¶ added in v2.308.0
func AttachmentCIDSliceEncrypt(g *protocoltypes.Group, cids [][]byte) ([][]byte, error)
func AttachmentOpener ¶ added in v2.308.0
func AttachmentOpener(ciphertext io.Reader, sk libp2pcrypto.PrivKey, l *zap.Logger) (*io.PipeReader, error)
func AttachmentSealer ¶ added in v2.308.0
func AttachmentSealer(plaintext io.Reader, l *zap.Logger) (libp2pcrypto.PrivKey, *io.PipeReader, error)
func ComputeLinkKey ¶ added in v2.318.0
func ConcatAndHashSha256 ¶ added in v2.33.0
func CreatePushGroupReference ¶ added in v2.321.0
func DeriveKey ¶ added in v2.231.0
DeriveKey takes a passphrase of any length and returns a key of fixed size.
If no salt is provided, a new one will be created and returned.
func EdwardsToMontgomery ¶
func EdwardsToMontgomery(privKey crypto.PrivKey, pubKey crypto.PubKey) (*[32]byte, *[32]byte, error)
EdwardsToMontgomery converts ed25519 priv/pub keys to X25519 keys.
func EdwardsToMontgomeryPriv ¶ added in v2.33.0
EdwardsToMontgomeryPriv converts ed25519 priv key to X25519 priv key.
func EdwardsToMontgomeryPub ¶ added in v2.33.0
EdwardsToMontgomeryPub converts ed25519 pub key to X25519 pub key.
func GenerateNonce ¶ added in v2.33.0
func GenerateNonceSize ¶ added in v2.231.0
func GetGroupForAccount ¶ added in v2.308.0
func GetGroupForAccount(priv, signing crypto.PrivKey) (*protocoltypes.Group, error)
func GetGroupForContact ¶ added in v2.308.0
func GetGroupForContact(contactPairSK crypto.PrivKey) (*protocoltypes.Group, error)
func GetGroupPushSecret ¶ added in v2.321.0
func GetGroupPushSecret(m GroupWithSecret) ([]byte, error)
func GetKeysForGroupOfContact ¶ added in v2.308.0
func GetLinkKeyArray ¶ added in v2.318.0
func GetLinkKeyArray(m GroupWithLinkKey) (*[KeySize]byte, error)
func GetSharedSecret ¶ added in v2.318.0
func GetSharedSecret(m GroupWithLinkKey) *[KeySize]byte
func KeySliceToArray ¶ added in v2.33.0
func NewDeviceSecret ¶ added in v2.308.0
func NewDeviceSecret() (*protocoltypes.DeviceSecret, error)
func NonceSliceToArray ¶ added in v2.33.0
func OpenEnvelopeHeaders ¶ added in v2.308.0
func OpenEnvelopeHeaders(data []byte, g *protocoltypes.Group) (*protocoltypes.MessageEnvelope, *protocoltypes.MessageHeaders, error)
func SealEnvelope ¶ added in v2.308.0
func SealEnvelope(payload []byte, ds *protocoltypes.DeviceSecret, deviceSK crypto.PrivKey, g *protocoltypes.Group, attachmentsCIDs [][]byte) ([]byte, error)
func SealPayload ¶ added in v2.308.0
func SealPayload(payload []byte, ds *protocoltypes.DeviceSecret, deviceSK crypto.PrivKey, g *protocoltypes.Group) ([]byte, []byte, error)
Types ¶
type DecryptInfo ¶ added in v2.308.0
type DeviceKeystore ¶ added in v2.308.0
type DeviceKeystore interface { AccountPrivKey() (crypto.PrivKey, error) AccountProofPrivKey() (crypto.PrivKey, error) DevicePrivKey() (crypto.PrivKey, error) ContactGroupPrivKey(pk crypto.PubKey) (crypto.PrivKey, error) MemberDeviceForGroup(g *protocoltypes.Group) (*OwnMemberDevice, error) RestoreAccountKeys(accountKey crypto.PrivKey, accountProofKey crypto.PrivKey) error AttachmentPrivKey(cid []byte) (crypto.PrivKey, error) AttachmentPrivKeyPut(cid []byte, sk crypto.PrivKey) error AttachmentSecret(cid []byte) ([]byte, error) AttachmentSecretPut(cid []byte, secret []byte) error AttachmentSecretSlice(cids [][]byte) ([][]byte, error) AttachmentSecretSlicePut(cids, secrets [][]byte) error }
func NewDeviceKeystore ¶ added in v2.308.0
func NewDeviceKeystore(ks keystore.Keystore, opts *DeviceKeystoreOpts) DeviceKeystore
NewDeviceKeystore creates a new deviceKeystore instance, if the keystore does not hold an deviceKeystore key, one will be created when required
func NewWithExistingKeys ¶ added in v2.308.0
func NewWithExistingKeys(ks keystore.Keystore, sk crypto.PrivKey, proofSK crypto.PrivKey) (DeviceKeystore, error)
NewWithExistingKeys creates a new deviceKeystore instance and registers the supplied secret key, useful when migrating deviceKeystore to another device
type DeviceKeystoreOpts ¶ added in v2.326.0
type GroupDatastore ¶ added in v2.308.0
type GroupDatastore struct {
// contains filtered or unexported fields
}
func NewGroupDatastore ¶ added in v2.308.0
func NewGroupDatastore(ds datastore.Datastore) (*GroupDatastore, error)
func (*GroupDatastore) Get ¶ added in v2.308.0
func (gd *GroupDatastore) Get(ctx context.Context, key crypto.PubKey) (*protocoltypes.Group, error)
func (*GroupDatastore) Put ¶ added in v2.308.0
func (gd *GroupDatastore) Put(ctx context.Context, g *protocoltypes.Group) error
func (*GroupDatastore) PutForContactPK ¶ added in v2.308.0
func (gd *GroupDatastore) PutForContactPK(ctx context.Context, pk crypto.PubKey, deviceKeystore DeviceKeystore) error
type GroupDatastoreReadOnly ¶ added in v2.308.0
type GroupWithLinkKey ¶ added in v2.318.0
type GroupWithLinkKey interface { GroupWithSecret GetLinkKey() []byte }
type GroupWithSecret ¶ added in v2.321.0
type MemberDevice ¶ added in v2.308.0
MemberDevice is a remote Device part of a group
type MessageKeystore ¶ added in v2.308.0
type MessageKeystore struct {
// contains filtered or unexported fields
}
func NewInMemMessageKeystore ¶ added in v2.308.0
func NewInMemMessageKeystore() (*MessageKeystore, func())
nolint:deadcode,unused // NewInMemMessageKeystore instantiate a new MessageKeystore, useful for testing
func NewMessageKeystore ¶ added in v2.308.0
func NewMessageKeystore(s datastore.Datastore) *MessageKeystore
NewMessageKeystore instantiate a new MessageKeystore
func (*MessageKeystore) DeriveDeviceSecret ¶ added in v2.308.0
func (m *MessageKeystore) DeriveDeviceSecret(ctx context.Context, g *protocoltypes.Group, deviceSK crypto.PrivKey) error
func (*MessageKeystore) GetByPushGroupReference ¶ added in v2.321.0
func (*MessageKeystore) GetDeviceChainKey ¶ added in v2.308.0
func (m *MessageKeystore) GetDeviceChainKey(ctx context.Context, groupPK, pk crypto.PubKey) (*protocoltypes.DeviceSecret, error)
func (*MessageKeystore) GetDeviceSecret ¶ added in v2.308.0
func (m *MessageKeystore) GetDeviceSecret(ctx context.Context, g *protocoltypes.Group, acc DeviceKeystore) (*protocoltypes.DeviceSecret, error)
func (*MessageKeystore) GetKeyForCID ¶ added in v2.308.0
func (m *MessageKeystore) GetKeyForCID(ctx context.Context, id cid.Cid) (*[32]byte, error)
func (*MessageKeystore) GetPrecomputedKeyExpectedCount ¶ added in v2.308.0
func (m *MessageKeystore) GetPrecomputedKeyExpectedCount() int
func (*MessageKeystore) HasSecretForRawDevicePK ¶ added in v2.369.0
func (m *MessageKeystore) HasSecretForRawDevicePK(ctx context.Context, groupPK, devicePK []byte) (has bool)
func (*MessageKeystore) OpenEnvelope ¶ added in v2.308.0
func (m *MessageKeystore) OpenEnvelope( ctx context.Context, g *protocoltypes.Group, ownPK crypto.PubKey, data []byte, id cid.Cid, ) (*protocoltypes.MessageHeaders, *protocoltypes.EncryptedMessage, [][]byte, error)
func (*MessageKeystore) OpenEnvelopePayload ¶ added in v2.369.0
func (m *MessageKeystore) OpenEnvelopePayload( ctx context.Context, env *protocoltypes.MessageEnvelope, headers *protocoltypes.MessageHeaders, g *protocoltypes.Group, ownPK crypto.PubKey, id cid.Cid, ) (*protocoltypes.EncryptedMessage, [][]byte, error)
func (*MessageKeystore) OpenOutOfStoreMessage ¶ added in v2.308.0
func (m *MessageKeystore) OpenOutOfStoreMessage(ctx context.Context, envelope *protocoltypes.OutOfStoreMessage, groupPublicKey []byte) ([]byte, bool, error)
func (*MessageKeystore) OpenPayload ¶ added in v2.308.0
func (m *MessageKeystore) OpenPayload(ctx context.Context, id cid.Cid, groupPK crypto.PubKey, payload []byte, headers *protocoltypes.MessageHeaders) ([]byte, *DecryptInfo, error)
func (*MessageKeystore) PostDecryptActions ¶ added in v2.308.0
func (m *MessageKeystore) PostDecryptActions(ctx context.Context, di *DecryptInfo, g *protocoltypes.Group, ownPK crypto.PubKey, headers *protocoltypes.MessageHeaders) error
func (*MessageKeystore) RegisterChainKey ¶ added in v2.308.0
func (m *MessageKeystore) RegisterChainKey(ctx context.Context, g *protocoltypes.Group, devicePK crypto.PubKey, ds *protocoltypes.DeviceSecret, isOwnPK bool) error
func (*MessageKeystore) SealEnvelope ¶ added in v2.308.0
func (*MessageKeystore) UpdatePushGroupReferences ¶ added in v2.321.0
func (m *MessageKeystore) UpdatePushGroupReferences(ctx context.Context, devicePK []byte, first uint64, group GroupWithSecret) error
type OwnMemberDevice ¶ added in v2.308.0
type OwnMemberDevice struct {
// contains filtered or unexported fields
}
OwnMemberDevice is own local Device part of a group
func NewOwnMemberDevice ¶ added in v2.308.0
func NewOwnMemberDevice(member crypto.PrivKey, device crypto.PrivKey) *OwnMemberDevice
func (*OwnMemberDevice) PrivateDevice ¶ added in v2.308.0
func (d *OwnMemberDevice) PrivateDevice() crypto.PrivKey
func (*OwnMemberDevice) PrivateMember ¶ added in v2.308.0
func (d *OwnMemberDevice) PrivateMember() crypto.PrivKey
func (*OwnMemberDevice) Public ¶ added in v2.308.0
func (d *OwnMemberDevice) Public() *MemberDevice