auth

package
v2.0.7+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 30, 2019 License: GPL-3.0, BSD-3-Clause Imports: 2 Imported by: 0

Documentation

Overview

Package auth authenticates a message using a secret key.

The Sum function, viewed as a function of the message for a uniform random key, is designed to meet the standard notion of unforgeability. This means that an attacker cannot find authenticators for any messages not authenticated by the sender, even if the attacker has adaptively influenced the messages authenticated by the sender. For a formal definition see, e.g., Section 2.4 of Bellare, Kilian, and Rogaway, "The security of the cipher block chaining message authentication code," Journal of Computer and System Sciences 61 (2000), 362–399; http://www-cse.ucsd.edu/~mihir/papers/cbc.html.

auth does not make any promises regarding "strong" unforgeability; perhaps one valid authenticator can be converted into another valid authenticator for the same message. NaCl also does not make any promises regarding "truncated unforgeability."

This package is interoperable with NaCl: https://nacl.cr.yp.to/auth.html.

Example
package main

import (
	"encoding/hex"
	"fmt"

	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/crypto/nacl/auth"
)

func main() {
	// Load your secret key from a safe place and reuse it across multiple
	// Sum calls. (Obviously don't use this example key for anything
	// real.) If you want to convert a passphrase to a key, use a suitable
	// package like bcrypt or scrypt.
	secretKeyBytes, err := hex.DecodeString("6368616e676520746869732070617373776f726420746f206120736563726574")
	if err != nil {
		panic(err)
	}

	var secretKey [32]byte
	copy(secretKey[:], secretKeyBytes)

	mac := auth.Sum([]byte("hello world"), &secretKey)
	fmt.Printf("%x\n", *mac)
	result := auth.Verify(mac[:], []byte("hello world"), &secretKey)
	fmt.Println(result)
	badResult := auth.Verify(mac[:], []byte("different message"), &secretKey)
	fmt.Println(badResult)
}
Output:

eca5a521f3d77b63f567fb0cb6f5f2d200641bc8dada42f60c5f881260c30317
true
false

Index

Examples

Constants

View Source
const (
	// Size is the size, in bytes, of an authenticated digest.
	Size = 32
	// KeySize is the size, in bytes, of an authentication key.
	KeySize = 32
)

Variables

This section is empty.

Functions

func Sum

func Sum(m []byte, key *[KeySize]byte) *[Size]byte

Sum generates an authenticator for m using a secret key and returns the 32-byte digest.

func Verify

func Verify(digest []byte, m []byte, key *[KeySize]byte) bool

Verify checks that digest is a valid authenticator of message m under the given secret key. Verify does not leak timing information.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL