kex

package
v1.0.0-41
Warning

This package is not in the latest version of its module.
Published: Oct 28, 2015 | License: BSD-3-Clause, BSD-3-Clause | Imports: 14 | Imported by: 0

Documentation

Constants

const (
	StartKexMsg    MsgName = "startkex"
	StartRevKexMsg         = "startrevkex"
	HelloMsg               = "hello"
	PleaseSignMsg          = "pleasesign"
	DoneMsg                = "done"
	CancelMsg              = "cancel"
)

These are the valid message names for kex.

Variables

var ErrMACMismatch = errors.New("Computed HMAC doesn't match message HMAC")

ErrMACMismatch is returned when a MAC fails.

var ErrProtocolEOF = errors.New("EOF")

ErrProtocolEOF is returned by Receive when the message body has the EOF flag set.

var ErrStrongIDMismatch = errors.New("Strong session ID (I) mismatch between message and receiver")

ErrStrongIDMismatch is returned when the strong session ID (I) in a message fails to match the receiver's strong session ID.

var ErrWeakIDMismatch = errors.New("Weak session ID (w) mismatch between message and receiver")

ErrWeakIDMismatch is returned when the weak session ID (w) in a message fails to match the receiver's weak session ID.

var HelloTimeout = 5 * time.Minute

HelloTimeout is the time the kex protocol will wait for the hello message from the existing sibling device. It is long because it might take the user a while to access the existing device.

var IntraTimeout = 1 * time.Minute

IntraTimeout is the time the kex protocol will wait for messages once the key exchange has begun.

var PollDuration = 20 * time.Second

PollDuration is the long poll duration for a kex/receive api call.

var StartTimeout = 1 * time.Second

StartTimeout is the duration the existing sibling device will wait for a start message. It is very short because the message should be on the server already. If there are no messages waiting, then the secret phrase is likely incorrect.

Functions

This section is empty.

Types

type Body

type Body struct {
	Name MsgName
	Args MsgArgs
	Mac  []byte
	EOF  bool
}

Body is the message body.

func BodyDecode

func BodyDecode(data string) (*Body, error)

BodyDecode takes a base64-encoded msgpack and turns it into a message body.

func (*Body) Encode

func (b *Body) Encode() (string, error)

Encode transforms a message body into a base64-encoded msgpack.

func (*Body) UnmarshalJSON

func (b *Body) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface.

type Direction

type Direction int

Direction of the message. From device X to device Y, or from device Y to device X.

const (
	// DirectionYtoX is for messages intended for device X from device Y
	DirectionYtoX Direction = 1
	// DirectionXtoY is for messages intended for device Y from device X
	DirectionXtoY = 2
)

type Handler

type Handler interface {
	StartKexSession(m *Meta, id StrongID) error
	StartReverseKexSession(m *Meta) error
	Hello(m *Meta, devID keybase1.DeviceID, devKeyID keybase1.KID) error
	PleaseSign(m *Meta, eddsa libkb.NaclSigningKeyPublic, sig, devType, devDesc string) error
	Done(m *Meta) error
	Cancel(m *Meta) error
}

Handler is the key exchange protocol interface. Anything receiving kex messages will implement this, as well as anything sending kex messages.

type Meta

type Meta struct {
	UID       keybase1.UID
	WeakID    WeakID   `json:"w"` // `w` in doc
	StrongID  StrongID `json:"I"` // `I` in doc
	Sender    keybase1.DeviceID
	Receiver  keybase1.DeviceID
	Seqno     int
	Direction Direction `json:"dir"`
}

Meta is the metadata that is sent with every kex message.

func NewMeta

func NewMeta(uid keybase1.UID, strong StrongID, sender, receiver keybase1.DeviceID, dir Direction) *Meta

NewMeta creates a new Meta object. Its main utility is creating the WeakID based off of the StrongID.

func (*Meta) Swap

func (m *Meta) Swap()

Swap exchanges Sender and Receiver.

type Msg

type Msg struct {
	Meta
	Body *Body `json:"msg"`
}

Msg is a kex message.

func NewMsg

func NewMsg(mt *Meta, body *Body) *Msg

NewMsg creates a kex message from metadata and a body.

func (*Msg) Args

func (m *Msg) Args() MsgArgs

Args returns the message arguments.

func (*Msg) CheckMAC

func (m *Msg) CheckMAC(secret SecretKey) (bool, error)

CheckMAC verifies that the existing MAC matches the computed MAC.

func (*Msg) MacSum

func (m *Msg) MacSum(secret SecretKey) ([]byte, error)

MacSum calculates the MAC for a message. It removes the existing MAC from the message for the calculation, then puts it back in place.
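
The remove, compute, restore pattern that MacSum and CheckMAC describe, as an added example that is not the package's own code. It assumes HMAC-SHA256 over a JSON encoding and uses a hypothetical `demoMsg` stand-in that flattens a few message fields; the real encoding and the exact fields covered by the MAC are not stated on this page.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// demoMsg is a simplified stand-in for kex.Msg (assumption, not the real type).
type demoMsg struct {
	StrongID [32]byte
	Seqno    int
	Name     string
	Mac      []byte
}

var errMAC = errors.New("computed HMAC doesn't match message HMAC")

// macSum MACs the message with Mac cleared (HMAC-SHA256 over JSON is assumed).
func macSum(m *demoMsg, key [32]byte) ([]byte, error) {
	defer func(saved []byte) { m.Mac = saved }(m.Mac) // put the MAC back on return
	m.Mac = nil
	enc, err := json.Marshal(m)
	if err != nil {
		return nil, err
	}
	h := hmac.New(sha256.New, key[:])
	h.Write(enc)
	return h.Sum(nil), nil
}

// checkMAC recomputes the MAC and compares it in constant time.
func checkMAC(m *demoMsg, key [32]byte) error {
	sum, err := macSum(m, key)
	if err == nil && !hmac.Equal(sum, m.Mac) {
		err = errMAC
	}
	return err
}

func main() {
	key := [32]byte{1} // constructed sample key
	m := &demoMsg{Seqno: 1, Name: "startkex"}
	m.Mac, _ = macSum(m, key)
	fmt.Println("untampered:", checkMAC(m, key))
	m.Seqno = 2 // field changed after the MAC was computed
	fmt.Println("tampered:", checkMAC(m, key))
}
```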

func (*Msg) Name

func (m *Msg) Name() MsgName

Name returns the name of the message.

func (*Msg) String

func (m *Msg) String() string

String returns a string summary of the message.

type MsgArgs

type MsgArgs struct {
	StrongID   StrongID
	DeviceID   keybase1.DeviceID
	DevKeyID   keybase1.KID
	SigningKey libkb.NaclSigningKeyPublic
	Sig        string
	DevType    string
	DevDesc    string
}

MsgArgs contains the union of all the args for the kex message protocol interface. Many of the fields are optional depending on the message.

type MsgList

type MsgList []*Msg

MsgList is an array of messages that can sort by seqno.

func (MsgList) Len

func (m MsgList) Len() int

func (MsgList) Less

func (m MsgList) Less(a, b int) bool

func (MsgList) Swap

func (m MsgList) Swap(a, b int)

type MsgName

type MsgName string

MsgName is for message names.

type Receiver

type Receiver struct {
	Msgs chan *Msg

	libkb.Contextified
	// contains filtered or unexported fields
}

Receiver gets kex messages from the server and routes them to a kex Handler.

func NewReceiver

func NewReceiver(dir Direction, secret *Secret, sessToken, sessCsrf string, g *libkb.GlobalContext) *Receiver

NewReceiver creates a Receiver that will route messages to the provided handler. It will receive messages for the specified direction.

func (*Receiver) APIArgs

func (r *Receiver) APIArgs() (token, csrf string)

func (*Receiver) Cancel

func (r *Receiver) Cancel() error

Cancel stops the receiver.

func (*Receiver) Next

func (r *Receiver) Next(name MsgName, timeout time.Duration) (*Msg, error)

Next gets messages from the message channel, looking for one that matches name. If none are received for the duration of timeout, it will return libkb.ErrTimeout. If the channel is closed, it will return ErrProtocolEOF.

func (*Receiver) Poll

func (r *Receiver) Poll(m *Meta)

Poll calls Receive until it gets ErrProtocolEOF.

func (*Receiver) Receive

func (r *Receiver) Receive(m *Meta) (int, error)

Receive gets the next set of messages from the server and routes them to the handler. It returns the number of messages it received successfully.

type Secret

type Secret struct {
	// contains filtered or unexported fields
}

Secret generates kex shared secrets.

func NewSecret

func NewSecret(username string) (*Secret, error)

NewSecret creates a new random secret for a user.

func SecretFromPhrase

func SecretFromPhrase(username, phrase string) (*Secret, error)

SecretFromPhrase creates a secret for a user given a secret phrase.

func (*Secret) Phrase

func (s *Secret) Phrase() string

Phrase returns the random words that generate the secret.

func (*Secret) Secret

func (s *Secret) Secret() SecretKey

Secret returns the secret key.

func (*Secret) StrongID

func (s *Secret) StrongID() StrongID

StrongID returns the strong session id.

func (*Secret) StrongIDSlice

func (s *Secret) StrongIDSlice() []byte

StrongIDSlice returns StrongID as a byte slice for convenience.

func (*Secret) WeakID

func (s *Secret) WeakID() WeakID

WeakID returns the weak session id.

func (*Secret) WeakIDSlice

func (s *Secret) WeakIDSlice() []byte

WeakIDSlice returns WeakID as a byte slice for convenience.

type SecretKey

type SecretKey [32]byte

SecretKey is the shared secret key type.

type Sender

type Sender struct {
	libkb.Contextified
	// contains filtered or unexported fields
}

Sender is an implementation of the kex Handler interface that sends messages to the api server.

func NewSender

func NewSender(dir Direction, secret SecretKey, sessToken, sessCsrf string, gc *libkb.GlobalContext) *Sender

NewSender creates a Sender for the given message direction.

func (*Sender) APIArgs

func (s *Sender) APIArgs() (token, csrf string)

func (*Sender) Cancel

func (s *Sender) Cancel(m *Meta) error

Cancel sends the Cancel message to the server.

func (*Sender) CorruptStartKexSession

func (s *Sender) CorruptStartKexSession(m *Meta, id StrongID) error

CorruptStartKexSession sends a startkex message with a corrupted MAC. This is for testing, clearly. It's an exposed function since only an engine test can test this.

func (*Sender) Done

func (s *Sender) Done(m *Meta) error

Done sends the Done message to the server.

func (*Sender) Hello

func (s *Sender) Hello(m *Meta, devID keybase1.DeviceID, devKeyID keybase1.KID) error

Hello sends the Hello message to the server.

func (*Sender) PleaseSign

func (s *Sender) PleaseSign(m *Meta, eddsa libkb.NaclSigningKeyPublic, sig, devType, devDesc string) error

PleaseSign sends the PleaseSign message to the server.

func (*Sender) StartKexSession

func (s *Sender) StartKexSession(m *Meta, id StrongID) error

StartKexSession sends the StartKexSession message to the server.

func (*Sender) StartReverseKexSession

func (s *Sender) StartReverseKexSession(m *Meta) error

StartReverseKexSession sends the StartReverseKexSession message to the server.

type StrongID

type StrongID [32]byte

StrongID is the strong session id type.

func (StrongID) String

func (s StrongID) String() string

String returns a hex encoding of StrongID.

func (*StrongID) UnmarshalJSON

func (s *StrongID) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface.

type WeakID

type WeakID [16]byte

WeakID is the weak session id type.

func (WeakID) String

func (w WeakID) String() string

String returns a hex encoding of WeakID.

func (*WeakID) UnmarshalJSON

func (w *WeakID) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface.
