Documentation
¶
Index ¶
- func SetLogger(l Logger)
- type BoxKey
- func (k BoxKey) Box(receiver ksaltpack.BoxPublicKey, nonce ksaltpack.Nonce, msg []byte) []byte
- func (k BoxKey) GetPublicKey() ksaltpack.BoxPublicKey
- func (k BoxKey) Precompute(peer ksaltpack.BoxPublicKey) ksaltpack.BoxPrecomputedSharedKey
- func (k BoxKey) Unbox(sender ksaltpack.BoxPublicKey, nonce ksaltpack.Nonce, msg []byte) ([]byte, error)
- type BoxPublicKey
- type ContextLogger
- type LogLevel
- type Logger
- type Mode
- type Saltpack
- func (s *Saltpack) ArmorBrand() string
- func (s *Saltpack) Armored() bool
- func (s *Saltpack) CreateEphemeralKey() (ksaltpack.BoxSecretKey, error)
- func (s *Saltpack) GetAllBoxSecretKeys() []ksaltpack.BoxSecretKey
- func (s *Saltpack) ImportBoxEphemeralKey(kid []byte) ksaltpack.BoxPublicKey
- func (s *Saltpack) LookupBoxPublicKey(kid []byte) ksaltpack.BoxPublicKey
- func (s *Saltpack) LookupBoxSecretKey(kids [][]byte) (int, ksaltpack.BoxSecretKey)
- func (s *Saltpack) LookupSigningPublicKey(b []byte) ksaltpack.SigningPublicKey
- func (s *Saltpack) Mode() Mode
- func (s *Saltpack) NewOpenStream(r io.Reader) (io.Reader, keyup.ID, error)
- func (s *Saltpack) NewSealStream(w io.Writer, sender keyup.Key, recipients ...keyup.PublicKey) (io.WriteCloser, error)
- func (s *Saltpack) NewSignStream(w io.Writer, key *keyup.SignKey, detached bool) (io.WriteCloser, error)
- func (s *Saltpack) NewSigncryptOpenStream(r io.Reader) (io.Reader, keyup.ID, error)
- func (s *Saltpack) NewSigncryptStream(w io.Writer, sender keyup.Key, recipients ...keyup.PublicKey) (io.WriteCloser, error)
- func (s *Saltpack) NewVerifyArmoredStream(r io.Reader) (io.Reader, keyup.SignPublicKey, error)
- func (s *Saltpack) NewVerifyStream(r io.Reader) (io.Reader, keyup.SignPublicKey, error)
- func (s *Saltpack) Open(b []byte) ([]byte, keyup.ID, error)
- func (s *Saltpack) Seal(b []byte, sender keyup.Key, recipients ...keyup.PublicKey) ([]byte, error)
- func (s *Saltpack) SetArmorBrand(brand string)
- func (s *Saltpack) SetArmored(b bool)
- func (s *Saltpack) SetMode(m Mode)
- func (s *Saltpack) Sign(b []byte, key *keyup.SignKey) ([]byte, error)
- func (s *Saltpack) SignDetached(b []byte, key *keyup.SignKey) ([]byte, error)
- func (s *Saltpack) Signcrypt(b []byte, sender keyup.Key, recipients ...keyup.PublicKey) ([]byte, error)
- func (s *Saltpack) SigncryptOpen(b []byte) ([]byte, keyup.ID, error)
- func (s *Saltpack) Verify(b []byte) ([]byte, keyup.SignPublicKey, error)
- func (s *Saltpack) VerifyDetached(sig []byte, b []byte) (keyup.SignPublicKey, error)
- type SignKey
- type SignPublicKey
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type BoxKey ¶
type BoxKey struct {
ksaltpack.BoxSecretKey
// contains filtered or unexported fields
}
BoxKey is a wrapper for keyup.BoxKey to support a ksaltpack.BoxKey.
func (BoxKey) GetPublicKey ¶
func (k BoxKey) GetPublicKey() ksaltpack.BoxPublicKey
GetPublicKey (for ksaltpack.BoxSecretKey)
func (BoxKey) Precompute ¶
func (k BoxKey) Precompute(peer ksaltpack.BoxPublicKey) ksaltpack.BoxPrecomputedSharedKey
Precompute (for ksaltpack.BoxSecretKey)
type BoxPublicKey ¶
type BoxPublicKey struct {
ksaltpack.BoxPublicKey
// contains filtered or unexported fields
}
BoxPublicKey is a wrapper for keyup.BoxPublicKey to support a ksaltpack.BoxPublicKey.
func NewBoxPublicKey ¶
func NewBoxPublicKey(pk keyup.BoxPublicKey) *BoxPublicKey
NewBoxPublicKey from byte array.
func (*BoxPublicKey) CreateEphemeralKey ¶
func (p *BoxPublicKey) CreateEphemeralKey() (ksaltpack.BoxSecretKey, error)
CreateEphemeralKey (for ksaltpack.BoxPublicKey)
func (*BoxPublicKey) HideIdentity ¶
func (p *BoxPublicKey) HideIdentity() bool
HideIdentity (for ksaltpack.BoxPublicKey)
func (*BoxPublicKey) ToKID ¶
func (p *BoxPublicKey) ToKID() []byte
ToKID (for ksaltpack.BoxPublicKey)
func (*BoxPublicKey) ToRawBoxKeyPointer ¶
func (p *BoxPublicKey) ToRawBoxKeyPointer() *ksaltpack.RawBoxKey
ToRawBoxKeyPointer (for ksaltpack.BoxPublicKey)
type ContextLogger ¶ added in v0.4.13
type ContextLogger interface {
Debugf(ctx context.Context, format string, args ...interface{})
Infof(ctx context.Context, format string, args ...interface{})
Warningf(ctx context.Context, format string, args ...interface{})
Errorf(ctx context.Context, format string, args ...interface{})
}
ContextLogger interface used in this package with request context.
func NewContextLogger ¶ added in v0.4.13
func NewContextLogger(lev LogLevel) ContextLogger
NewContextLogger ...
type Logger ¶
type Logger interface {
Debugf(format string, args ...interface{})
Infof(format string, args ...interface{})
Warningf(format string, args ...interface{})
Errorf(format string, args ...interface{})
}
Logger interface used in this package.
type Mode ¶ added in v0.4.13
type Mode string
Mode for encyption (signcrypt, encrypt)
const ( // SigncryptMode https://saltpack.org/signcryption-format. // Recipients can't forge the message (non-repudiability). SigncryptMode Mode = "signcrypt" // EncryptMode see https://saltpack.org/encryption-format-v2. // Recipients can forge the message (repudiability). EncryptMode Mode = "encrypt" )
type Saltpack ¶
type Saltpack struct {
// contains filtered or unexported fields
}
Saltpack provider.
func NewSaltpack ¶
NewSaltpack creates a new keyup.CryptoProvider using Saltpack. The default mode is Signcryption, see https://saltpack.org/signcryption-format.
Example ¶
alice := keyup.GenerateKey()
bob := keyup.GenerateKey()
// Sigchain store
scs := keyup.NewSigchainStore(keyup.NewMem())
// Alice's keystore, save alice's key
ksa := keyup.NewKeystore()
ksa.SetKeyring(keyring.NewMem())
ksa.SetSigchainStore(scs)
if err := ksa.SaveKey(alice, true, time.Now()); err != nil {
log.Fatal(err)
}
spa := NewSaltpack(ksa)
msg := []byte("Hey bob, it's alice. The passcode is 12345.")
// Alice encrypts
encrypted, err := spa.Seal(msg, alice, bob.PublicKey())
if err != nil {
log.Fatal(err)
}
// Bob's keystore, save bob's key and alice's public key
ksb := keyup.NewKeystore()
ksb.SetKeyring(keyring.NewMem())
ksb.SetSigchainStore(scs)
spb := NewSaltpack(ksb)
if err := ksb.SaveKey(bob, true, time.Now()); err != nil {
log.Fatal(err)
}
// Bob decrypts
out, sender, err := spb.Open(encrypted)
if err != nil {
log.Fatal(err)
}
if sender != alice.ID() {
log.Fatalf("Sender not alice")
}
fmt.Printf("%s\n", string(out))
Output: Hey bob, it's alice. The passcode is 12345.
func (*Saltpack) ArmorBrand ¶ added in v0.4.13
ArmorBrand ...
func (*Saltpack) CreateEphemeralKey ¶
func (s *Saltpack) CreateEphemeralKey() (ksaltpack.BoxSecretKey, error)
CreateEphemeralKey creates a random ephemeral key.
func (*Saltpack) GetAllBoxSecretKeys ¶
func (s *Saltpack) GetAllBoxSecretKeys() []ksaltpack.BoxSecretKey
GetAllBoxSecretKeys returns all keys, needed if we want to support "hidden" receivers via trial and error.
func (*Saltpack) ImportBoxEphemeralKey ¶
func (s *Saltpack) ImportBoxEphemeralKey(kid []byte) ksaltpack.BoxPublicKey
ImportBoxEphemeralKey imports the ephemeral key into BoxPublicKey format. This key has never been seen before, so will be ephemeral.
func (*Saltpack) LookupBoxPublicKey ¶
func (s *Saltpack) LookupBoxPublicKey(kid []byte) ksaltpack.BoxPublicKey
LookupBoxPublicKey returns a public key given the specified key ID. For most cases, the key ID will be the key itself.
func (*Saltpack) LookupBoxSecretKey ¶
func (s *Saltpack) LookupBoxSecretKey(kids [][]byte) (int, ksaltpack.BoxSecretKey)
LookupBoxSecretKey looks in the Keyring for the secret key corresponding to one of the given Key IDs. Returns the index and the key on success, or -1 and nil on failure.
func (*Saltpack) LookupSigningPublicKey ¶
func (s *Saltpack) LookupSigningPublicKey(b []byte) ksaltpack.SigningPublicKey
LookupSigningPublicKey (for ksaltpack.SigKeyring)
func (*Saltpack) NewOpenStream ¶
NewOpenStream returns a io.Reader capable of decrypting data.
func (*Saltpack) NewSealStream ¶
func (s *Saltpack) NewSealStream(w io.Writer, sender keyup.Key, recipients ...keyup.PublicKey) (io.WriteCloser, error)
NewSealStream returns an io.Writer capable of encrypting data.
func (*Saltpack) NewSignStream ¶
func (s *Saltpack) NewSignStream(w io.Writer, key *keyup.SignKey, detached bool) (io.WriteCloser, error)
NewSignStream ...
func (*Saltpack) NewSigncryptOpenStream ¶ added in v0.4.13
NewSigncryptOpenStream ...
func (*Saltpack) NewSigncryptStream ¶ added in v0.4.13
func (s *Saltpack) NewSigncryptStream(w io.Writer, sender keyup.Key, recipients ...keyup.PublicKey) (io.WriteCloser, error)
NewSigncryptStream ...
func (*Saltpack) NewVerifyArmoredStream ¶
NewVerifyArmoredStream ...
func (*Saltpack) NewVerifyStream ¶
NewVerifyStream ...
func (*Saltpack) SetArmorBrand ¶
SetArmorBrand sets the armor brand (if armored).
func (*Saltpack) SetArmored ¶
SetArmored to set whether data is armored.
func (*Saltpack) SignDetached ¶
SignDetached (for keyup.CryptoProvider)
func (*Saltpack) Signcrypt ¶ added in v0.4.13
func (s *Saltpack) Signcrypt(b []byte, sender keyup.Key, recipients ...keyup.PublicKey) ([]byte, error)
Signcrypt ...
func (*Saltpack) SigncryptOpen ¶ added in v0.4.13
SigncryptOpen ...
func (*Saltpack) VerifyDetached ¶
VerifyDetached (for keyup.CryptoProvider)
type SignKey ¶
type SignKey struct {
ksaltpack.SigningSecretKey
// contains filtered or unexported fields
}
SignKey is a wrapper for
func NewSignKey ¶
NewSignKey creates SigningSecretKey from a keyup.SignKey.
func (*SignKey) GetPublicKey ¶
func (k *SignKey) GetPublicKey() ksaltpack.SigningPublicKey
GetPublicKey (for ksaltpack.SigningSecretKey)
type SignPublicKey ¶
type SignPublicKey struct {
ksaltpack.SigningPublicKey
// contains filtered or unexported fields
}
SignPublicKey is a wrapper for keyup.SignPublicKey.
func NewSignPublicKey ¶
func NewSignPublicKey(pk keyup.SignPublicKey) *SignPublicKey
NewSignPublicKey creates SignPublicKey for keyup.SignPublicKey.
func (SignPublicKey) ToKID ¶
func (k SignPublicKey) ToKID() []byte
ToKID (for ksaltpack.SigningPublicKey)
Source Files