Documentation
¶
Overview ¶
Package protectedcrypto implements cryptographic protocols over protected memory.
Index ¶
- Variables
- func ED25519Verify(publicKey ed25519.PublicKey, message, sig []byte) bool
- func SHA256HMAC(key, message, output []byte) []byte
- type Curve25519
- func (self *Curve25519) Generate() error
- func (self *Curve25519) PrivateKey() memprotect.Element
- func (self *Curve25519) PublicKey() *[32]byte
- func (self *Curve25519) Seal()
- func (self *Curve25519) SetSecure(privateKey memprotect.Element) error
- func (self *Curve25519) SharedSecret(myPublicKey, peerPublicKey *[32]byte) (myPublicKeyCopy *[32]byte, secret memprotect.Cell, err error)
- type Curve25519Ephemeral
- type Curve25519Ratchet
- func (self *Curve25519Ratchet) Advance() (int64, error)
- func (self *Curve25519Ratchet) Generate(startTime, ratchetTime int64) error
- func (self *Curve25519Ratchet) Generator() (memprotect.Curve25519RatchetGenerator, error)
- func (self *Curve25519Ratchet) PrivateKey() memprotect.Element
- func (self *Curve25519Ratchet) Seal()
- func (self *Curve25519Ratchet) SetSecure(privateKey memprotect.Element) error
- func (self *Curve25519Ratchet) SharedSecret(ratchetKey *[32]byte, peerPublicKey *[32]byte) (ratchetPublicKey *[32]byte, secret memprotect.Cell, err error)
- type Curve25519RatchetGenerator
- type Curve25519Rotating
- func (self *Curve25519Rotating) PublicKey() (PublicKey *[32]byte)
- func (self *Curve25519Rotating) Rotate() (PublicKey *[32]byte, err error)
- func (self *Curve25519Rotating) Seal()
- func (self *Curve25519Rotating) SharedSecret(myPublicKey, peerPublicKey *[32]byte) (myPublicKeyCopy *[32]byte, secret memprotect.Cell, err error)
- type ED25519
- func (self *ED25519) Generate() error
- func (self *ED25519) PrivateKey() memprotect.Element
- func (self *ED25519) PublicKey() (ed25519.PublicKey, error)
- func (self *ED25519) Seal()
- func (self *ED25519) SetSecure(privateKey memprotect.Element) error
- func (self *ED25519) Sign(message []byte) ([]byte, error)
- type RatchetKey
- type SecretCombiner
- type SymmetricKey
Constants ¶
This section is empty.
Variables ¶
View Source
var RandomSource = rand.Reader
Functions ¶
func ED25519Verify ¶
ED25519Verify is a convenience function that wraps ed25519.Verify.
func SHA256HMAC ¶
SHA256HMAC calculates a sha256 HMAC using the given input slices. key and output must be writeable. output must be 32byte long. The result is returned in output. The key may not be more then 64 bytes long for standard conforming operation.
Types ¶
type Curve25519 ¶
type Curve25519 struct {
// contains filtered or unexported fields
}
Curve25519Key returns an Curve25519 capable protected element.
func NewCurve25519 ¶
func NewCurve25519(engine memprotect.Engine, exportEngine ...memprotect.Engine) *Curve25519
func (*Curve25519) Generate ¶
func (self *Curve25519) Generate() error
func (*Curve25519) PrivateKey ¶
func (self *Curve25519) PrivateKey() memprotect.Element
func (*Curve25519) PublicKey ¶
func (self *Curve25519) PublicKey() *[32]byte
func (*Curve25519) Seal ¶
func (self *Curve25519) Seal()
func (*Curve25519) SetSecure ¶
func (self *Curve25519) SetSecure(privateKey memprotect.Element) error
func (*Curve25519) SharedSecret ¶
func (self *Curve25519) SharedSecret(myPublicKey, peerPublicKey *[32]byte) (myPublicKeyCopy *[32]byte, secret memprotect.Cell, err error)
type Curve25519Ephemeral ¶
type Curve25519Ephemeral struct {
// contains filtered or unexported fields
}
func NewCurve25519Ephemeral ¶
func NewCurve25519Ephemeral(exportEngine memprotect.Engine) *Curve25519Ephemeral
func (*Curve25519Ephemeral) SharedSecret ¶
func (self *Curve25519Ephemeral) SharedSecret(myPublicKey, peerPublicKey *[32]byte) (ephemeralPublicKey *[32]byte, secret memprotect.Cell, err error)
type Curve25519Ratchet ¶
type Curve25519Ratchet struct {
// contains filtered or unexported fields
}
func NewCurve25519Ratchet ¶
func NewCurve25519Ratchet(engine memprotect.Engine, exportEngine ...memprotect.Engine) *Curve25519Ratchet
func (*Curve25519Ratchet) Advance ¶
func (self *Curve25519Ratchet) Advance() (int64, error)
func (*Curve25519Ratchet) Generate ¶
func (self *Curve25519Ratchet) Generate(startTime, ratchetTime int64) error
Generate a new RatchetKey. If startTime is less or equal zero it'll be set to the current time.
func (*Curve25519Ratchet) Generator ¶
func (self *Curve25519Ratchet) Generator() (memprotect.Curve25519RatchetGenerator, error)
func (*Curve25519Ratchet) PrivateKey ¶
func (self *Curve25519Ratchet) PrivateKey() memprotect.Element
func (*Curve25519Ratchet) Seal ¶
func (self *Curve25519Ratchet) Seal()
func (*Curve25519Ratchet) SetSecure ¶
func (self *Curve25519Ratchet) SetSecure(privateKey memprotect.Element) error
func (*Curve25519Ratchet) SharedSecret ¶
func (self *Curve25519Ratchet) SharedSecret(ratchetKey *[32]byte, peerPublicKey *[32]byte) (ratchetPublicKey *[32]byte, secret memprotect.Cell, err error)
type Curve25519RatchetGenerator ¶
type Curve25519RatchetGenerator struct {
// contains filtered or unexported fields
}
Curve25519RatchetGenerator allows future public key generation without being locked into the same memory as the origin key. That allows concurrent execution with the main Curve25519Ratchet.
func (*Curve25519RatchetGenerator) PublicKeys ¶
func (self *Curve25519RatchetGenerator) PublicKeys(count int) *types.RatchetPublicKey
PublicKeys generates count number future public keys for the ratchet. It destroys the memory after calculation and cannot be called again.
type Curve25519Rotating ¶
type Curve25519Rotating struct {
// contains filtered or unexported fields
}
func NewCurve25519Rotating ¶
func NewCurve25519Rotating(timeToExpire int64, engine memprotect.Engine, exportEngine ...memprotect.Engine) (*Curve25519Rotating, error)
func (*Curve25519Rotating) PublicKey ¶
func (self *Curve25519Rotating) PublicKey() (PublicKey *[32]byte)
func (*Curve25519Rotating) Rotate ¶
func (self *Curve25519Rotating) Rotate() (PublicKey *[32]byte, err error)
func (*Curve25519Rotating) Seal ¶
func (self *Curve25519Rotating) Seal()
func (*Curve25519Rotating) SharedSecret ¶
func (self *Curve25519Rotating) SharedSecret(myPublicKey, peerPublicKey *[32]byte) (myPublicKeyCopy *[32]byte, secret memprotect.Cell, err error)
type ED25519 ¶
type ED25519 struct {
// contains filtered or unexported fields
}
ED25519 returns an ED25519 capable protected element.
func NewED25519 ¶
func NewED25519(engine memprotect.Engine) *ED25519
func (*ED25519) PrivateKey ¶
func (self *ED25519) PrivateKey() memprotect.Element
type RatchetKey ¶
type RatchetKey struct {
StartTime int64 // StartTime points at the time at which PrivateKey was generated.
RatchetTime int64 // RatchetType is the time between ratchet advances.
RatchetConstant [32]byte
RatchetGenerator [32]byte
RatchetBase [32]byte // 1. RatchetBase = sha256HMAC(RatchetBase, RatchetConstant)
PrivateKey [32]byte // 2. PrivateKey = sha256HMAC(RatchetBase, RatchetGenerator)
PublicKey [32]byte // PublicKey of PrivateKey
PreviousPrivateKey [32]byte // Previous private key.
PreviousPublicKey [32]byte // Previous public key.
TempKey [32]byte // Just for secure storage.
HasPrevious bool // True if a previous keypair exists.
}
type SecretCombiner ¶
type SecretCombiner struct {
// contains filtered or unexported fields
}
func NewSecretCombiner ¶
func NewSecretCombiner(exportEngine memprotect.Engine) *SecretCombiner
func (*SecretCombiner) Combine ¶
func (self *SecretCombiner) Combine(secret1, secret2 []byte) (combinedSecret memprotect.Cell)
Combine two secrets.
type SymmetricKey ¶
type SymmetricKey struct {
// contains filtered or unexported fields
}
SymmetricKey is a memory protected symmetric key.
func NewSymmetricKey ¶
func NewSymmetricKey(engine memprotect.Engine) (*SymmetricKey, error)
func (*SymmetricKey) Bytes ¶
func (self *SymmetricKey) Bytes() ([]byte, error)
Returns the byteslice containing the key. Requires calling Seal after use.
func (*SymmetricKey) Destroy ¶
func (self *SymmetricKey) Destroy()
func (*SymmetricKey) Seal ¶
func (self *SymmetricKey) Seal()
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.