art

package module
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 18, 2024 License: BSD-3-Clause Imports: 22 Imported by: 0

README

art

Implementation of the Asynchronous Ratcheting Tree data structure and associated protocols, based on the CCS'19 paper "On Ends-to-Ends Encrytpion" by Cohn-Gordon, et al.

Building

To build the command-line utilities, do:

make

There is a also a clean target to delete these built utilities:

make clean

Running

  1. Start with generating identity and ephemeral keys for the participants

    # Generating individually
./genpkey -keytype ek alice
./genpkey -keytype ik alice

# Generating in bulk
for name in alice bob cici dave; do for type in ik ek; do ./genpkey -keytype $type $name; done; done

    Move the certificates to data folder after generation.

    mv *.pem cmd/setup_group/data/

  2. Initiating Group Setup (initiator here = alice)

    ./setup_group -initiator alice ./cmd/setup_group/data/4.conf ./cmd/setup_group/data/alice-ik.pem

  3. For processing the setup message by another participant (participant here = bob, index = 2)

    ./process_setup_message -out-state bob-state.json 2 ./cmd/setup_group/data/bob-ek.pem ./cmd/setup_group/data/alice-ik-pub.pem 4.conf.dir/setup.msg

  4. Update Key: Cici updates her key (assuming Cici already has been setup as a member)

    ./update_key -update-file cici_update_key 3 cici-state.json

  5. Process Update Message: Bob applies the key update message sent by Cici in Step 4

    ./process_update_message 2 ./cmd/setup_group/data/bob-ek.pem bob-state.json cici_update_key

Documentation

Index

Constants

View Source 
const (
	PublicIKPEMTypeString  = "ED25519 PUBLIC KEY"
	PrivateIKPEMTypeString = "ED25519 PRIVATE KEY"
	PublicEKPEMTypeString  = "X25519 PUBLIC KEY"
	PrivateEKPEMTypeString = "X25519 PRIVATE KEY"
)
View Source 
const (
	PublicKeyFileMode  = 0440
	PrivateKeyFileMode = 0400
)
View Source 
const StageKeySize = 32

Variables

This section is empty.

Functions

func CoPath 

func CoPath(root *PublicNode, idx int, copathNodes []*ecdh.PublicKey) []*ecdh.PublicKey

func DHKeyGen 

func DHKeyGen() (*ecdh.PrivateKey, error)

func DeriveLeafKey 

func DeriveLeafKey(ekPath string, suk *ecdh.PublicKey) (*ecdh.PrivateKey, error)

func DeriveLeafKeyOrFail 

func DeriveLeafKeyOrFail(privKeyFile string, setupKey *ecdh.PublicKey) *ecdh.PrivateKey

func DeriveStageKey 

func DeriveStageKey(skInfo *StageKeyInfo) ([]byte, error)

prev sk, current tk, IDs, Public Tree

func GetPublicKeys 

func GetPublicKeys(pathKeys []*ecdh.PrivateKey) []*ecdh.PublicKey

func KeyExchange 

func KeyExchange(sk *ecdh.PrivateKey, pk *ecdh.PublicKey) ([]byte, error)

the unauthenticated KeyExchange is just SUK^ek or EK^suk

func KeyExchangeKeyGen 

func KeyExchangeKeyGen() (*ecdh.PrivateKey, error)

func MarshalPrivateEKToDER 

func MarshalPrivateEKToDER(key *ecdh.PrivateKey) ([]byte, error)

func MarshalPrivateEKToPEM 

func MarshalPrivateEKToPEM(key *ecdh.PrivateKey) ([]byte, error)

func MarshalPrivateEKToRaw 

func MarshalPrivateEKToRaw(key *ecdh.PrivateKey) ([]byte, error)

func MarshalPrivateIKToDER 

func MarshalPrivateIKToDER(key ed25519.PrivateKey) ([]byte, error)

func MarshalPrivateIKToPEM 

func MarshalPrivateIKToPEM(key ed25519.PrivateKey) ([]byte, error)

func MarshalPrivateIKToRaw 

func MarshalPrivateIKToRaw(key ed25519.PrivateKey) ([]byte, error)

func MarshalPublicEKToDER 

func MarshalPublicEKToDER(key *ecdh.PublicKey) ([]byte, error)

func MarshalPublicEKToPEM 

func MarshalPublicEKToPEM(key *ecdh.PublicKey) ([]byte, error)

func MarshalPublicEKToRaw 

func MarshalPublicEKToRaw(key *ecdh.PublicKey) ([]byte, error)

func MarshalPublicIKToDER 

func MarshalPublicIKToDER(key ed25519.PublicKey) ([]byte, error)

func MarshalPublicIKToPEM 

func MarshalPublicIKToPEM(key ed25519.PublicKey) ([]byte, error)

func MarshalPublicIKToRaw 

func MarshalPublicIKToRaw(key ed25519.PublicKey) ([]byte, error)

func MarshallTreeState 

func MarshallTreeState(state *TreeState) *treeJson

func NewHMAC 

func NewHMAC(key []byte) hash.Hash

func PathNodeKeys 

func PathNodeKeys(leafKey *ecdh.PrivateKey, copathKeys []*ecdh.PublicKey) (
	[]*ecdh.PrivateKey, error)

func ReadPrivateEKFromFile 

func ReadPrivateEKFromFile(path string, encoding KeyEncoding) (*ecdh.PrivateKey, error)

func ReadPrivateIKFromFile 

func ReadPrivateIKFromFile(path string, encoding KeyEncoding) (ed25519.PrivateKey, error)

func ReadPublicEKFromFile 

func ReadPublicEKFromFile(path string, encoding KeyEncoding) (*ecdh.PublicKey, error)

func ReadPublicIKFromFile 

func ReadPublicIKFromFile(path string, encoding KeyEncoding) (ed25519.PublicKey, error)

func SetupGroup 

func SetupGroup(configFile, initiator string) (*TreeState, *SetupMessage)

func SignFile 

func SignFile(privIKFile string, msgFile string) ([]byte, error)

func UnmarshalPrivateEKFromDER 

func UnmarshalPrivateEKFromDER(derData []byte) (*ecdh.PrivateKey, error)

func UnmarshalPrivateEKFromPEM 

func UnmarshalPrivateEKFromPEM(pemData []byte) (*ecdh.PrivateKey, error)

func UnmarshalPrivateEKFromRaw 

func UnmarshalPrivateEKFromRaw(data []byte) (*ecdh.PrivateKey, error)

func UnmarshalPrivateIKFromDER 

func UnmarshalPrivateIKFromDER(derData []byte) (ed25519.PrivateKey, error)

func UnmarshalPrivateIKFromPEM 

func UnmarshalPrivateIKFromPEM(pemData []byte) (ed25519.PrivateKey, error)

func UnmarshalPrivateIKFromRaw 

func UnmarshalPrivateIKFromRaw(data []byte) (ed25519.PrivateKey, error)

func UnmarshalPrivateX25519FromRaw 

func UnmarshalPrivateX25519FromRaw(data []byte) (*ecdh.PrivateKey, error)

func UnmarshalPublicEKFromDER 

func UnmarshalPublicEKFromDER(derData []byte) (*ecdh.PublicKey, error)

func UnmarshalPublicEKFromPEM 

func UnmarshalPublicEKFromPEM(pemData []byte) (*ecdh.PublicKey, error)

func UnmarshalPublicEKFromRaw 

func UnmarshalPublicEKFromRaw(data []byte) (*ecdh.PublicKey, error)

func UnmarshalPublicIKFromDER 

func UnmarshalPublicIKFromDER(derData []byte) (ed25519.PublicKey, error)

func UnmarshalPublicIKFromPEM 

func UnmarshalPublicIKFromPEM(pemData []byte) (ed25519.PublicKey, error)

func UnmarshalPublicIKFromRaw 

func UnmarshalPublicIKFromRaw(data []byte) (ed25519.PublicKey, error)

func UnmarshallPublicKeys 

func UnmarshallPublicKeys(pathKeys [][]byte) []*ecdh.PublicKey

func UpdateCoPathNodes 

func UpdateCoPathNodes(index int, state *TreeState) []*ecdh.PrivateKey

func UpdateKey 

func UpdateKey(index int, treeStateFile string) (*UpdateMessage,
	*TreeState, *ed25519.PrivateKey)

func VerifyMessageSignature 

func VerifyMessageSignature(publicKeyPath, msgFile, sigFile string)

func VerifySignature 

func VerifySignature(pkPath, msgFile, sigFile string) (bool, error)

func WritePrivateEKToFile 

func WritePrivateEKToFile(key *ecdh.PrivateKey, path string, encoding KeyEncoding) error

func WritePrivateIKToFile 

func WritePrivateIKToFile(key ed25519.PrivateKey, path string, encoding KeyEncoding) error

func WritePublicEKToFile 

func WritePublicEKToFile(key *ecdh.PublicKey, path string, encoding KeyEncoding) error

func WritePublicIKToFile 

func WritePublicIKToFile(key ed25519.PublicKey, path string, encoding KeyEncoding) error

Types

type Group 

type Group struct {
	// contains filtered or unexported fields
}

type KeyEncoding 

type KeyEncoding int
const (
	EncodingUnknown KeyEncoding = iota
	EncodingRaw
	EncodingDER
	EncodingPEM
)

func StringToKeyEncoding 

func StringToKeyEncoding(keyform string) (KeyEncoding, error)

type Member 

type Member struct {
	// contains filtered or unexported fields
}

type Node 

type Node struct {
	// contains filtered or unexported fields
}

func CreateTree 

func CreateTree(leafKeys []*ecdh.PrivateKey) (*Node, error)

func UnmarshalKeysToPrivateTree 

func UnmarshalKeysToPrivateTree(marshalledKeys [][]byte) (*Node, error)

constructing a private tree from a level-order list of marshalled keys

func (*Node) GetSk 

func (Node *Node) GetSk() *ecdh.PrivateKey

func (*Node) MarshalKeys 

func (node *Node) MarshalKeys() ([][]byte, error)

*** *** Helper functions for private trees *** ***

func (*Node) PublicKeys 

func (node *Node) PublicKeys() *PublicNode

type PublicNode 

type PublicNode struct {
	Left   *PublicNode
	Right  *PublicNode
	Height int // a height of zero indicates a leaf node
	// contains filtered or unexported fields
}

func UnmarshalKeysToPublicTree 

func UnmarshalKeysToPublicTree(marshalledKeys [][]byte) (*PublicNode, error)

constructing a public tree from a level-order list of marshalled keys

func UpdatePublicTree 

func UpdatePublicTree(pathKeys []*ecdh.PublicKey, root *PublicNode,
	idx int) *PublicNode

update the full tree with the new leaf and path keys

func (*PublicNode) GetPk 

func (publicNode *PublicNode) GetPk() *ecdh.PublicKey

func (*PublicNode) MarshalKeys 

func (publicNode *PublicNode) MarshalKeys() ([][]byte, error)

MarshalKeys marshals the public keys level-by-level, starting at the root.

func (*PublicNode) UpdatePk 

func (publicNode *PublicNode) UpdatePk(newPK *ecdh.PublicKey)

type SetupMessage 

type SetupMessage struct {
	IKeys    [][]byte `json:"iKeys"`
	EKeys    [][]byte `json:"eKeys"`
	Suk      []byte   `json:"suk"`
	TreeKeys [][]byte `json:"treeKeys"`
}

func (*SetupMessage) Decode 

func (sm *SetupMessage) Decode(file *os.File)

func (*SetupMessage) DeriveStageKey 

func (sm *SetupMessage) DeriveStageKey(treeSecret *ecdh.PrivateKey) []byte

func (*SetupMessage) GetPublicTree 

func (sm *SetupMessage) GetPublicTree() *PublicNode

func (*SetupMessage) GetSetupKey 

func (sm *SetupMessage) GetSetupKey() *ecdh.PublicKey

func (*SetupMessage) Read 

func (sm *SetupMessage) Read(msgFilePath string)

func (*SetupMessage) Save 

func (sm *SetupMessage) Save(fileName string)

func (*SetupMessage) SaveSign 

func (sm *SetupMessage) SaveSign(sigFile, msgFile, privIKFile string)

TODO: why is this part of the SetupMessage struct?

type StageKeyInfo 

type StageKeyInfo struct {
	PrevStageKey  []byte
	TreeSecretKey []byte
	TreeKeys      [][]byte
	IKeys         [][]byte
}

func (*StageKeyInfo) GetIKM 

func (skInfo *StageKeyInfo) GetIKM() []byte

func (*StageKeyInfo) GetInfo 

func (skInfo *StageKeyInfo) GetInfo() []byte

type TreeState 

type TreeState struct {
	// TODO: maybe add a tracker for the stage number to ensure updates
	// are processed in the correct order
	PublicTree *PublicNode
	Sk         ed25519.PrivateKey
	Lk         *ecdh.PrivateKey
	IKeys      [][]byte
}

func ProcessSetupMessage 

func ProcessSetupMessage(index int, privEKFile, setupMsgFile, initiatorPubIKFile,
	sigFile string) *TreeState

func ProcessUpdateMessage 

func ProcessUpdateMessage(index int, treeStateFile, updateMsgFile, macFile string) *TreeState

func ReadTreeState 

func ReadTreeState(treeStateFile string) *TreeState

func UnMarshallTreeState 

func UnMarshallTreeState(tree *treeJson) *TreeState

func (*TreeState) DeriveStageKey 

func (state *TreeState) DeriveStageKey(treeSecret *ecdh.PrivateKey)

func (*TreeState) DeriveTreeKey 

func (treeState *TreeState) DeriveTreeKey(index int) *ecdh.PrivateKey

func (*TreeState) Read 

func (treeState *TreeState) Read(treeStateFile string)

func (*TreeState) Save 

func (treeState *TreeState) Save(fileName string)

func (*TreeState) SaveStageKey 

func (treeState *TreeState) SaveStageKey(fileName string)

func (*TreeState) StageKey 

func (treeState *TreeState) StageKey() ed25519.PrivateKey

func (*TreeState) UnMarshallTreeState 

func (treeState *TreeState) UnMarshallTreeState(tree *treeJson)

type UpdateMessage 

type UpdateMessage struct {
	Idx            int
	PathPublicKeys [][]byte
}

func CreateUpdateMessage 

func CreateUpdateMessage(index int, pathKeys []*ecdh.PrivateKey) UpdateMessage

func (*UpdateMessage) Decode 

func (um *UpdateMessage) Decode(file *os.File)

func (*UpdateMessage) Read 

func (um *UpdateMessage) Read(msgFilePath string)

func (*UpdateMessage) Save 

func (um *UpdateMessage) Save(fileName string)

func (*UpdateMessage) SaveMac 

func (um *UpdateMessage) SaveMac(sk ed25519.PrivateKey, macFile string)

func (*UpdateMessage) VerifyUpdateMessage 

func (um *UpdateMessage) VerifyUpdateMessage(sk ed25519.PrivateKey,
	macFile string)

verify the message signature with the current stage key

Source Files

View all Source files

Directories

Path Synopsis
cmd
genpkey
pkeyutl
process_setup_message
process_update_message
processmsg
setup_group
update_key
internal
jsonutl

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.