go_eccrypto

package module

v0.1.0 Latest Latest Go to latest Published: May 31, 2023 License: MIT Imports: 17 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bittorrent/go-eccrypto

Links

Open Source Insights

README ¶

go-eccrypto

go Elliptic curve cryptography library

Implementation details

Only secp256k1 curve, only SHA-512 (KDF), HMAC-SHA-256 (HMAC) and AES-256-CBC for ECIES

Usage

const msg = "hello,world\n"
const pkHex = "048903aca62f342426d0595597bcd4b03519723c7292f231a5d40c02" +
	"d43c0f69309de7166e91d2fe7a479bcad8a4f611175b8a593178683518fcab05b8bf74dc09"
const privHex = "0abfa58854e585d9bb04a1ffad0f5ac507ac042e7aa69abbcf18f3103a936f6f"

cipherText, metadata, err := Encrypt(pkHex, []byte(msg))
decrypted, err := Decrypt(privHex, cipherText, metadata)

Encryption:

1. Use `Public key` and `Private Key` to derive the `Share Secret`.

2. Use `Share Secret` to do SHA512.

3. Generate 16 bytes random IV.

4. Take the value of the step2 as the first 32 bits as `encryptionKey`

5. Take the value of the step2 as the last 32 bits as `macKey`

6. Encrypt iv and encryptionKey with AES-256-CBC to get `ciphertext`。

Decryption:

1. Use `Public key` and `Private Key` to derive `Share Secret`

2. Use `Share Secret` to do SHA512.

3. Take the value of the step2 as the first 32 bits as `encryptionKey`.

4. Take the value of the step2 as the last 32 bits as `macKey`.

5. Verify whether the macKey same as input macKey.

6. Input iv、encryptionKey、ciphertext，and decrypt with AES-256-CBC.

Reference: https://en.wikipedia.org/wiki/Integrated_Encryption_Scheme https://github.com/bitchan/eccrypto

Documentation ¶

Index ¶

Constants
func Decrypt(privateKeyHex string, cipherText string, t *EciesMetadata) (string, error)
func PKCS5Padding(ciphertext []byte, blockSize int) []byte
func PKCS5UnPadding(plaintext []byte) []byte
type EciesMetadata
- func Encrypt(pubkeyHex string, plainbytes []byte) (string, *EciesMetadata, error)
type PrivateKey
type PublicKey
- func NewPublicKeyFromBytes(b []byte) (*PublicKey, error)
- func NewPublicKeyFromHex(s string) (*PublicKey, error)

Constants ¶

View Source

const (
	B        = iota
	KB int64 = 1 << (10 * iota)
	MB
	GB
	TB
)

View Source

const (
	ENCRYPTION_MODE_1 = "AES256"
)

Variables ¶

This section is empty.

Functions ¶

func Decrypt ¶

func Decrypt(privateKeyHex string, cipherText string, t *EciesMetadata) (string, error)

func PKCS5Padding ¶

func PKCS5Padding(ciphertext []byte, blockSize int) []byte

func PKCS5UnPadding ¶

func PKCS5UnPadding(plaintext []byte) []byte

Types ¶

type EciesMetadata ¶

type EciesMetadata struct {
	Iv             string `json:"iv"`
	EphemPublicKey string `json:"ephemPublicKey"`
	Mac            string `json:"mac"`
	Mode           string `json:"mode"`
}

func Encrypt ¶

func Encrypt(pubkeyHex string, plainbytes []byte) (string, *EciesMetadata, error)

type PrivateKey ¶

type PrivateKey struct {
	*PublicKey
	D *big.Int
}

PrivateKey is an instance of secp256k1 private key with nested public key

func GenerateKey ¶

func GenerateKey() (*PrivateKey, error)

GenerateKey generates secp256k1 key pair

func NewPrivateKeyFromBytes ¶

func NewPrivateKeyFromBytes(priv []byte) *PrivateKey

NewPrivateKeyFromBytes decodes private key raw bytes, computes public key and returns PrivateKey instance

func NewPrivateKeyFromHex ¶

func NewPrivateKeyFromHex(s string) (*PrivateKey, error)

NewPrivateKeyFromHex decodes hex form of private key raw bytes, computes public key and returns PrivateKey instance

func (*PrivateKey) Bytes ¶

func (k *PrivateKey) Bytes() []byte

Bytes returns private key raw bytes

func (*PrivateKey) ECDH ¶

func (k *PrivateKey) ECDH(pub *PublicKey) ([]byte, error)

ECDH derives shared secret; Must not be used as crypto key, it increases chances to perform successful key restoration attack

func (*PrivateKey) Encapsulate ¶

func (k *PrivateKey) Encapsulate(pub *PublicKey) ([]byte, error)

Encapsulate encapsulates key by using Key Encapsulation Mechanism and returns symmetric key; can be safely used as crypto key

func (*PrivateKey) Equals ¶

func (k *PrivateKey) Equals(priv *PrivateKey) bool

Equals compares two private keys with constant time (to resist timing attacks)

func (*PrivateKey) Hex ¶

func (k *PrivateKey) Hex() string

Hex returns private key bytes in hex form

type PublicKey ¶

type PublicKey struct {
	elliptic.Curve
	X, Y *big.Int
}

PublicKey instance with nested elliptic.Curve interface (secp256k1 instance in our case)

func NewPublicKeyFromBytes ¶

func NewPublicKeyFromBytes(b []byte) (*PublicKey, error)

NewPublicKeyFromBytes decodes public key raw bytes and returns PublicKey instance; Supports both compressed and uncompressed public keys

func NewPublicKeyFromHex ¶

func NewPublicKeyFromHex(s string) (*PublicKey, error)

NewPublicKeyFromHex decodes hex form of public key raw bytes and returns PublicKey instance

func (*PublicKey) Bytes ¶

func (k *PublicKey) Bytes(compressed bool) []byte

Bytes returns public key raw bytes; Could be optionally compressed by dropping Y part

func (*PublicKey) Decapsulate ¶

func (k *PublicKey) Decapsulate(priv *PrivateKey) ([]byte, error)

Decapsulate decapsulates key by using Key Encapsulation Mechanism and returns symmetric key; can be safely used as crypto key

func (*PublicKey) Equals ¶

func (k *PublicKey) Equals(pub *PublicKey) bool

Equals compares two public keys with constant time (to resist timing attacks)

func (*PublicKey) Hex ¶

func (k *PublicKey) Hex(compressed bool) string

Hex returns public key bytes in hex form

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL