Version: v0.3.0 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Jul 3, 2020 License: Apache-2.0 Imports: 5 Imported by: 3



Package commitments implements a cryptographic commitment.

Commitment scheme is as follows: T = HMAC(fixedKey, "Key Transparency Commitment" || 16 byte nonce || message) message is defined as: len(userID) || userID || data



This section is empty.


View Source
var (

	// ErrInvalidCommitment occurs when the commitment doesn't match the profile.
	ErrInvalidCommitment = errors.New("invalid commitment")


func Commit

func Commit(userID string, data, nonce []byte) []byte

Commit makes a cryptographic commitment under a specific userID to data.

func GenCommitmentKey

func GenCommitmentKey() ([]byte, error)

GenCommitmentKey generates a commitment key for use in Commit. This key must be kept secret in order to prevent an adversary from learning what data has been committed to by a commitment. To unseal and verify a commitment, provide this key, along with the data under commitment to the client.

In Key Transparency, the user generates this key, creates a commitment, and signs it. The user uploads the signed commitment along with this key and the associated data to the server in order for the server to reveal the associated data to senders. This commitment scheme keeps the associated data from leeking to anyone that has not explicitly requested it from the server.

func Verify

func Verify(userID string, commitment, data, nonce []byte) error

Verify customizes a commitment with a userID.


This section is empty.

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL