bmcrypto

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 19, 2021 License: MIT Imports: 27 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var KeyTypes = []KeyType{
	NewRsaKey(2048),
	NewRsaKey(4096),
	NewEd25519Key(),
	NewEcdsaKey(elliptic.P384()),
}

KeyTypes is a list of all keytypes available

Functions

func CatalogDecrypt 

func CatalogDecrypt(key, data []byte, catalog interface{}) error

CatalogDecrypt decrypts a catalog with the given key

func CatalogEncrypt 

func CatalogEncrypt(catalog interface{}) ([]byte, []byte, error)

CatalogEncrypt encrypts a catalog with a random key.

func CreateCatalogKey 

func CreateCatalogKey() ([]byte, error)

CreateCatalogKey generates a new key that is used for encrypting a catalog

func Decrypt 

func Decrypt(key PrivKey, txID string, message []byte) ([]byte, error)

Decrypt a message with the given key

func DualKeyGetSecret 

func DualKeyGetSecret(priv PrivKey, txID TransactionID) ([]byte, bool, error)

DualKeyGetSecret verifies if the transaction ID matches our private key. If so, it will return the secret that has been exchanged

func EdPrivToX25519 

func EdPrivToX25519(privateKey ed25519.PrivateKey) []byte

EdPrivToX25519 converts a ed25519 PrivateKey to a X25519 Private Key

func EdPubToX25519 

func EdPubToX25519(pk ed25519.PublicKey) []byte

EdPubToX25519 converts a ed25519 Public Key to a X25519 Public Key

func Encrypt 

func Encrypt(pubKey PubKey, message []byte) ([]byte, string, string, error)

Encrypt a message with the given key

func GenerateIvAndKey 

func GenerateIvAndKey() ([]byte, []byte, error)

GenerateIvAndKey generate a random IV and key

func GenerateKeyPair 

func GenerateKeyPair(kt KeyType) (*PrivKey, *PubKey, error)

GenerateKeyPair generates a private/public keypair based on the given type

func GetAesDecryptorReader 

func GetAesDecryptorReader(iv []byte, key []byte, r io.Reader) (io.Reader, error)

GetAesDecryptorReader returns a reader that automatically decrypts reader blocks through CFB stream

func GetAesEncryptorReader 

func GetAesEncryptorReader(iv []byte, key []byte, r io.Reader) (io.Reader, error)

GetAesEncryptorReader returns a reader that automatically encrypts reader blocks through CFB stream

func JSONDecrypt 

func JSONDecrypt(key []byte, ciphertext []byte, v interface{}) error

JSONDecrypt decrypts data back from a encrypted marshalled JSON structure

func JSONEncrypt 

func JSONEncrypt(key []byte, data interface{}) ([]byte, error)

JSONEncrypt encrypts a structure that is marshalled to JSON

func KeyExchange 

func KeyExchange(privK PrivKey, pubK PubKey) ([]byte, error)

KeyExchange exchange a message given the Private and other's Public Key

func MessageDecrypt 

func MessageDecrypt(key []byte, message []byte) ([]byte, error)

MessageDecrypt decrypts a binary message

func MessageEncrypt 

func MessageEncrypt(key []byte, plaintext []byte) ([]byte, error)

MessageEncrypt encrypts a binary message

func Sign 

func Sign(key PrivKey, message []byte) ([]byte, error)

Sign a message based on the given key.

func Verify 

func Verify(key PubKey, message []byte, sig []byte) (bool, error)

Verify if hash compares against the signature of the message

Types

type KeyEcdsa 

type KeyEcdsa struct {
	Curve elliptic.Curve
}

KeyEcdsa is a keytype for elliptic curve

func (*KeyEcdsa) CanDualKeyExchange 

func (k *KeyEcdsa) CanDualKeyExchange() bool

CanDualKeyExchange returns true if the key(type) is able to be used for a dual key exchange

func (*KeyEcdsa) CanEncrypt 

func (k *KeyEcdsa) CanEncrypt() bool

CanEncrypt returns true if the key(type) is able to be used for encryption/decryption

func (*KeyEcdsa) CanKeyExchange 

func (k *KeyEcdsa) CanKeyExchange() bool

CanKeyExchange returns true if the key(type) is able to be used for key exchange

func (*KeyEcdsa) Decrypt 

func (k *KeyEcdsa) Decrypt(key PrivKey, txID string, message []byte) ([]byte, error)

Decrypt will decrypt the given bytes with the private key

func (*KeyEcdsa) DualKeyExchange 

func (k *KeyEcdsa) DualKeyExchange(pub PubKey) ([]byte, *TransactionID, error)

DualKeyExchange allows for a ECIES key exchange

func (*KeyEcdsa) Encrypt 

func (k *KeyEcdsa) Encrypt(key PubKey, message []byte) ([]byte, string, string, error)

Encrypt will encrypt the given bytes with the public key. Will return the ciphertext, a transaction ID (if needed), the crypto used and an error

func (*KeyEcdsa) GenerateKeyPair 

func (k *KeyEcdsa) GenerateKeyPair(r io.Reader) (*PrivKey, *PubKey, error)

GenerateKeyPair will generate a new keypair for this keytype. io.Reader can be deterministic if needed

func (*KeyEcdsa) JWTHasValidSignMethod 

func (k *KeyEcdsa) JWTHasValidSignMethod(token *jwt.Token) bool

JWTHasValidSignMethod will return true when this keytype has been used for signing the token

func (*KeyEcdsa) JWTSignMethod 

func (k *KeyEcdsa) JWTSignMethod() jwt.SigningMethod

JWTSignMethod will return the signing method used for this keytype

func (*KeyEcdsa) KeyExchange 

func (k *KeyEcdsa) KeyExchange(privK PrivKey, pubK PubKey) ([]byte, error)

KeyExchange allows for a key exchange (if possible in the keytype)

func (*KeyEcdsa) ParsePrivateKeyData 

func (k *KeyEcdsa) ParsePrivateKeyData(buf []byte) (interface{}, error)

ParsePrivateKeyData will parse a string representation of a key and returns the given key

func (*KeyEcdsa) ParsePrivateKeyInterface 

func (k *KeyEcdsa) ParsePrivateKeyInterface(key interface{}) ([]byte, error)

ParsePrivateKeyInterface will parse a interface and returns the key representation

func (*KeyEcdsa) ParsePublicKeyData 

func (k *KeyEcdsa) ParsePublicKeyData(buf []byte) (interface{}, error)

ParsePublicKeyData will parse a interface and returns the key representation

func (*KeyEcdsa) ParsePublicKeyInterface 

func (k *KeyEcdsa) ParsePublicKeyInterface(key interface{}) ([]byte, error)

ParsePublicKeyInterface will parse a interface and returns the key representation

func (*KeyEcdsa) Sign 

func (k *KeyEcdsa) Sign(_ io.Reader, key PrivKey, message []byte) ([]byte, error)

Sign will sign the given bytes with the private key

func (*KeyEcdsa) String 

func (k *KeyEcdsa) String() string

String returns a string representation of the key type ("rsa", "ecdsa", "ed25519" etc)

func (*KeyEcdsa) Verify 

func (k *KeyEcdsa) Verify(key PubKey, message []byte, sig []byte) (bool, error)

Verify will verify the signature with the public key

type KeyEd25519 

type KeyEd25519 struct {
}

KeyEd25519 is the ed25519 keytype

func (*KeyEd25519) CanDualKeyExchange 

func (k *KeyEd25519) CanDualKeyExchange() bool

CanDualKeyExchange returns true if the key(type) is able to be used for a dual key exchange

func (*KeyEd25519) CanEncrypt 

func (k *KeyEd25519) CanEncrypt() bool

CanEncrypt returns true if the key(type) is able to be used for encryption/decryption

func (*KeyEd25519) CanKeyExchange 

func (k *KeyEd25519) CanKeyExchange() bool

CanKeyExchange returns true if the key(type) is able to be used for key exchange

func (*KeyEd25519) Decrypt 

func (k *KeyEd25519) Decrypt(key PrivKey, txID string, message []byte) ([]byte, error)

Decrypt will decrypt the given bytes with the private key

func (*KeyEd25519) DualKeyExchange 

func (k *KeyEd25519) DualKeyExchange(pub PubKey) ([]byte, *TransactionID, error)

DualKeyExchange allows for a ECIES key exchange

func (*KeyEd25519) Encrypt 

func (k *KeyEd25519) Encrypt(key PubKey, message []byte) ([]byte, string, string, error)

Encrypt will encrypt the given bytes with the public key. Will return the ciphertext, a transaction ID (if needed), the crypto used and an error

func (*KeyEd25519) GenerateKeyPair 

func (k *KeyEd25519) GenerateKeyPair(r io.Reader) (*PrivKey, *PubKey, error)

GenerateKeyPair will generate a new keypair for this keytype. io.Reader can be deterministic if needed

func (*KeyEd25519) JWTHasValidSignMethod 

func (k *KeyEd25519) JWTHasValidSignMethod(token *jwt.Token) bool

JWTHasValidSignMethod will return true when this keytype has been used for signing the token

func (*KeyEd25519) JWTSignMethod 

func (k *KeyEd25519) JWTSignMethod() jwt.SigningMethod

JWTSignMethod will return the signing method used for this keytype

func (*KeyEd25519) KeyExchange 

func (k *KeyEd25519) KeyExchange(privK PrivKey, pubK PubKey) ([]byte, error)

KeyExchange allows for a key exchange (if possible in the keytype)

func (*KeyEd25519) ParsePrivateKeyData 

func (k *KeyEd25519) ParsePrivateKeyData(buf []byte) (interface{}, error)

ParsePrivateKeyData will parse a string representation of a key and returns the given key

func (*KeyEd25519) ParsePrivateKeyInterface 

func (k *KeyEd25519) ParsePrivateKeyInterface(key interface{}) ([]byte, error)

ParsePrivateKeyInterface will parse a interface and returns the key representation

func (*KeyEd25519) ParsePublicKeyData 

func (k *KeyEd25519) ParsePublicKeyData(buf []byte) (interface{}, error)

ParsePublicKeyData will parse a interface and returns the key representation

func (*KeyEd25519) ParsePublicKeyInterface 

func (k *KeyEd25519) ParsePublicKeyInterface(key interface{}) ([]byte, error)

ParsePublicKeyInterface will parse a interface and returns the key representation

func (*KeyEd25519) Sign 

func (k *KeyEd25519) Sign(reader io.Reader, key PrivKey, message []byte) ([]byte, error)

Sign will sign the given bytes with the private key

func (*KeyEd25519) String 

func (k *KeyEd25519) String() string

String returns a string representation of the key type ("rsa", "ecdsa", "ed25519" etc)

func (*KeyEd25519) Verify 

func (k *KeyEd25519) Verify(key PubKey, message []byte, sig []byte) (bool, error)

Verify will verify the signature with the public key

type KeyPair 

type KeyPair struct {
	Generator   string  `json:"generator"`   // The generator string that will generate the given keypair
	FingerPrint string  `json:"fingerprint"` // The sha1 fingerprint for this key
	PrivKey     PrivKey `json:"priv_key"`    // PEM encoded private key
	PubKey      PubKey  `json:"pub_key"`     // PEM encoded public key
}

KeyPair is a structure with key information

func CreateKeypair 

func CreateKeypair(kt KeyType, seed []byte) (*KeyPair, error)

CreateKeypair create a new keypair

type KeyRsa 

type KeyRsa struct {
	Type    string
	BitSize int
}

KeyRsa is the RSA keytype

func (*KeyRsa) CanDualKeyExchange 

func (k *KeyRsa) CanDualKeyExchange() bool

CanDualKeyExchange returns true if the key(type) is able to be used for a dual key exchange

func (*KeyRsa) CanEncrypt 

func (k *KeyRsa) CanEncrypt() bool

CanEncrypt returns true if the key(type) is able to be used for encryption/decryption

func (*KeyRsa) CanKeyExchange 

func (k *KeyRsa) CanKeyExchange() bool

CanKeyExchange returns true if the key(type) is able to be used for key exchange

func (*KeyRsa) Decrypt 

func (k *KeyRsa) Decrypt(key PrivKey, _ string, message []byte) ([]byte, error)

Decrypt will decrypt the given bytes with the private key

func (*KeyRsa) DualKeyExchange 

func (k *KeyRsa) DualKeyExchange(_ PubKey) ([]byte, *TransactionID, error)

DualKeyExchange allows for a ECIES key exchange

func (*KeyRsa) Encrypt 

func (k *KeyRsa) Encrypt(key PubKey, message []byte) ([]byte, string, string, error)

Encrypt will encrypt the given bytes with the public key. Will return the ciphertext, a transaction ID (if needed), the crypto used and an error

func (*KeyRsa) GenerateKeyPair 

func (k *KeyRsa) GenerateKeyPair(r io.Reader) (*PrivKey, *PubKey, error)

GenerateKeyPair will generate a new keypair for this keytype. io.Reader can be deterministic if needed

func (*KeyRsa) JWTHasValidSignMethod 

func (k *KeyRsa) JWTHasValidSignMethod(token *jwt.Token) bool

JWTHasValidSignMethod will return true when this keytype has been used for signing the token

func (*KeyRsa) JWTSignMethod 

func (k *KeyRsa) JWTSignMethod() jwt.SigningMethod

JWTSignMethod will return the signing method used for this keytype

func (*KeyRsa) KeyExchange 

func (k *KeyRsa) KeyExchange(_ PrivKey, _ PubKey) ([]byte, error)

KeyExchange allows for a key exchange (if possible in the keytype)

func (*KeyRsa) ParsePrivateKeyData 

func (k *KeyRsa) ParsePrivateKeyData(buf []byte) (interface{}, error)

ParsePrivateKeyData will parse a string representation of a key and returns the given key

func (*KeyRsa) ParsePrivateKeyInterface 

func (k *KeyRsa) ParsePrivateKeyInterface(key interface{}) ([]byte, error)

ParsePrivateKeyInterface will parse a interface and returns the key representation

func (*KeyRsa) ParsePublicKeyData 

func (k *KeyRsa) ParsePublicKeyData(buf []byte) (interface{}, error)

ParsePublicKeyData will parse a interface and returns the key representation

func (*KeyRsa) ParsePublicKeyInterface 

func (k *KeyRsa) ParsePublicKeyInterface(key interface{}) ([]byte, error)

ParsePublicKeyInterface will parse a interface and returns the key representation

func (*KeyRsa) Sign 

func (k *KeyRsa) Sign(_ io.Reader, key PrivKey, message []byte) ([]byte, error)

Sign will sign the given bytes with the private key

func (*KeyRsa) String 

func (k *KeyRsa) String() string

String returns a string representation of the key type ("rsa", "ecdsa", "ed25519" etc)

func (*KeyRsa) Verify 

func (k *KeyRsa) Verify(key PubKey, message []byte, sig []byte) (bool, error)

Verify will verify the signature with the public key

type KeyType 

type KeyType interface {
	// CanEncrypt returns true if the key(type) is able to be used for encryption/decryption
	CanEncrypt() bool
	// CanKeyExchange returns true if the key(type) is able to be used for key exchange
	CanKeyExchange() bool
	// CanDualKeyExchange returns true if the key(type) is able to be used for a dual key exchange
	CanDualKeyExchange() bool

	// String returns a string representation of the key type ("rsa", "ecdsa", "ed25519" etc)
	String() string

	// ParsePrivateKeyData will parse a string representation of a key and returns the given key
	ParsePrivateKeyData([]byte) (interface{}, error)
	// ParsePrivateKeyInterface will parse a interface and returns the key representation
	ParsePrivateKeyInterface(interface{}) ([]byte, error)
	// ParsePublicKeyData will parse a interface and returns the key representation
	ParsePublicKeyData([]byte) (interface{}, error)
	// ParsePublicKeyInterface will parse a interface and returns the key representation
	ParsePublicKeyInterface(interface{}) ([]byte, error)

	// GenerateKeyPair will generate a new keypair for this keytype. io.Reader can be deterministic if needed
	GenerateKeyPair(io.Reader) (*PrivKey, *PubKey, error)

	// JWTSignMethod will return the signing method used for this keytype
	JWTSignMethod() jwt.SigningMethod
	// JWTHasValidSignMethod will return true when this keytype has been used for signing the token
	JWTHasValidSignMethod(*jwt.Token) bool

	// Encrypt will encrypt the given bytes with the public key. Will return the ciphertext, a transaction ID (if needed), the crypto used and an error
	Encrypt(PubKey, []byte) ([]byte, string, string, error)
	// Decrypt will decrypt the given bytes with the private key
	Decrypt(PrivKey, string, []byte) ([]byte, error)

	// Sign will sign the given bytes with the private key
	Sign(io.Reader, PrivKey, []byte) ([]byte, error)
	// Verify will verify the signature with the public key
	Verify(PubKey, []byte, []byte) (bool, error)

	// KeyExchange allows for a key exchange (if possible in the keytype)
	KeyExchange(privK PrivKey, pubK PubKey) ([]byte, error)
	// DualKeyExchange allows for a ECIES key exchange
	DualKeyExchange(_ PubKey) ([]byte, *TransactionID, error)
}

KeyType is an interface that each key type should implement.

func FindKeyType 

func FindKeyType(typ string) (KeyType, error)

FindKeyType finds the keytype based on the given string

func NewEcdsaKey 

func NewEcdsaKey(curve elliptic.Curve) KeyType

NewEcdsaKey creates a new keytype based on the given curve

func NewEd25519Key 

func NewEd25519Key() KeyType

NewEd25519Key will return the keytype of ed25519. There is only a single curve here.

func NewRsaKey 

func NewRsaKey(bits int) KeyType

NewRsaKey will return a keytype based on the number of bits

type PrivKey 

type PrivKey struct {
	Type KeyType     // structure of the key
	S    string      // String representation <type> <PEM key>
	B    []byte      // Byte representation of string
	K    interface{} // Key interface{}
}

PrivKey is a structure containing a private key in multiple formats

func PrivateKeyFromInterface 

func PrivateKeyFromInterface(kt KeyType, key interface{}) (*PrivKey, error)

PrivateKeyFromInterface creates a new key based on an interface{} (like rsa.PrivateKey)

func PrivateKeyFromString 

func PrivateKeyFromString(data string) (*PrivKey, error)

PrivateKeyFromString creates a new private key based on the string data "<type> <key>"

func (*PrivKey) MarshalJSON 

func (pk *PrivKey) MarshalJSON() ([]byte, error)

MarshalJSON marshals a key into bytes

func (*PrivKey) String 

func (pk *PrivKey) String() string

Strings returns the key in a textual representation

func (*PrivKey) UnmarshalJSON 

func (pk *PrivKey) UnmarshalJSON(b []byte) error

UnmarshalJSON unmarshals bytes into a key

type PubKey 

type PubKey struct {
	Type        KeyType     // Type of the the private key
	S           string      // String representation <type> <PEM key> <description>
	B           []byte      // Byte representation of string
	K           interface{} // Key interface{}
	Description string      // Optional description
}

PubKey is a structure containing a public key in multiple formats

func PublicKeyFromInterface 

func PublicKeyFromInterface(kt KeyType, key interface{}) (*PubKey, error)

PublicKeyFromInterface creates a new key based on an interface{} (like rsa.PublicKey)

func PublicKeyFromString 

func PublicKeyFromString(data string) (*PubKey, error)

PublicKeyFromString creates a new public key based on the string data "<type> <key> <description>"

func (*PubKey) Fingerprint 

func (pk *PubKey) Fingerprint() string

Fingerprint return the fingerprint of the key

func (*PubKey) MarshalJSON 

func (pk *PubKey) MarshalJSON() ([]byte, error)

MarshalJSON marshals a key into bytes

func (*PubKey) String 

func (pk *PubKey) String() string

String converts a key to "<type> <key> <description>"

func (*PubKey) UnmarshalJSON 

func (pk *PubKey) UnmarshalJSON(b []byte) error

UnmarshalJSON unmarshals bytes into a key

type SigningMethodEdDSA 

type SigningMethodEdDSA struct{}

SigningMethodEdDSA ed25519 signing method for JWT token signing

func (*SigningMethodEdDSA) Alg 

func (m *SigningMethodEdDSA) Alg() string

Alg returns the algorithm used

func (*SigningMethodEdDSA) Sign 

func (m *SigningMethodEdDSA) Sign(signingString string, key interface{}) (str string, err error)

Sign wil sign a string

func (*SigningMethodEdDSA) Verify 

func (m *SigningMethodEdDSA) Verify(signingString string, signature string, key interface{}) error

Verify will verify a signature

type TransactionID 

type TransactionID struct {
	P []byte
	R []byte
}

TransactionID is a structure that holds the P and R value that is needed to verify the dual key signature

func DualKeyExchange 

func DualKeyExchange(pub PubKey) ([]byte, *TransactionID, error)

DualKeyExchange is a Dual DH key exchange that uses an intermediate key. This key is randomized and provide a way for alice and bob to communicate through a non-deterministic DH. It returns the (shared) secret, a transaction ID that needs to be send over to the other user.

func TxIDFromString 

func TxIDFromString(s string) (*TransactionID, error)

TxIDFromString converts a hexadecimal presentation into a TransactionID

func (TransactionID) ToHex 

func (txID TransactionID) ToHex() string

ToHex converts a transaction ID to a hexadecimal representation

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.