Documentation

Overview

    Package crypto implements various cryptographic utilities used by libp2p. This includes a Public and Private key interface and key implementations for supported key algorithms.

    Index

    Constants

    View Source
    const (
    	// RSA is an enum for the supported RSA key type
    	RSA = iota
    	// Ed25519 is an enum for the supported Ed25519 key type
    	Ed25519
    	// Secp256k1 is an enum for the supported Secp256k1 key type
    	Secp256k1
    	// ECDSA is an enum for the supported ECDSA key type
    	ECDSA
    )
    View Source
    const WeakRsaKeyEnv = "LIBP2P_ALLOW_WEAK_RSA_KEYS"

      WeakRsaKeyEnv is an environment variable which, when set, lowers the minimum required bits of RSA keys to 512. This should be used exclusively in test situations.

      Variables

      View Source
      var (
      	// ErrNotECDSAPubKey is returned when the public key passed is not an ecdsa public key
      	ErrNotECDSAPubKey = errors.New("not an ecdsa public key")
      	// ErrNilSig is returned when the signature is nil
      	ErrNilSig = errors.New("sig is nil")
      	// ErrNilPrivateKey is returned when a nil private key is provided
      	ErrNilPrivateKey = errors.New("private key is nil")
      	// ErrNilPublicKey is returned when a nil public key is provided
      	ErrNilPublicKey = errors.New("public key is nil")
      	// ECDSACurve is the default ecdsa curve used
      	ECDSACurve = elliptic.P256()
      )
      View Source
      var (
      	// ErrBadKeyType is returned when a key is not supported
      	ErrBadKeyType = errors.New("invalid or unsupported key type")
      	// KeyTypes is a list of supported keys
      	KeyTypes = []int{
      		RSA,
      		Ed25519,
      		Secp256k1,
      		ECDSA,
      	}
      )
      View Source
      var ErrRsaKeyTooSmall error

        ErrRsaKeyTooSmall is returned when trying to generate or parse an RSA key that's smaller than MinRsaKeyBits bits. In test

        View Source
        var MinRsaKeyBits = 2048

          PrivKeyUnmarshallers is a map of unmarshallers by key type

            PubKeyUnmarshallers is a map of unmarshallers by key type

            Functions

            func ConfigDecodeKey

            func ConfigDecodeKey(b string) ([]byte, error)

              ConfigDecodeKey decodes from b64 (for config file) to a byte array that can be unmarshalled.

              func ConfigEncodeKey

              func ConfigEncodeKey(b []byte) string

                ConfigEncodeKey encodes a marshalled key to b64 (for config file).

                func ECDSAKeyPairFromKey

                func ECDSAKeyPairFromKey(priv *ecdsa.PrivateKey) (PrivKey, PubKey, error)

                  ECDSAKeyPairFromKey generates a new ecdsa private and public key from an input private key

                  func GenerateECDSAKeyPair

                  func GenerateECDSAKeyPair(src io.Reader) (PrivKey, PubKey, error)

                    GenerateECDSAKeyPair generates a new ecdsa private and public key

                    func GenerateECDSAKeyPairWithCurve

                    func GenerateECDSAKeyPairWithCurve(curve elliptic.Curve, src io.Reader) (PrivKey, PubKey, error)

                      GenerateECDSAKeyPairWithCurve generates a new ecdsa private and public key with a speicified curve

                      func GenerateEd25519Key

                      func GenerateEd25519Key(src io.Reader) (PrivKey, PubKey, error)

                        GenerateEd25519Key generates a new ed25519 private and public key pair.

                        func GenerateKeyPair

                        func GenerateKeyPair(typ, bits int) (PrivKey, PubKey, error)

                          GenerateKeyPair generates a private and public key

                          func GenerateKeyPairWithReader

                          func GenerateKeyPairWithReader(typ, bits int, src io.Reader) (PrivKey, PubKey, error)

                            GenerateKeyPairWithReader returns a keypair of the given type and bitsize

                            func GenerateRSAKeyPair

                            func GenerateRSAKeyPair(bits int, src io.Reader) (PrivKey, PubKey, error)

                              GenerateRSAKeyPair generates a new rsa private and public key

                              func GenerateSecp256k1Key

                              func GenerateSecp256k1Key(src io.Reader) (PrivKey, PubKey, error)

                                GenerateSecp256k1Key generates a new Secp256k1 private and public key pair

                                func KeyEqual

                                func KeyEqual(k1, k2 Key) bool

                                  KeyEqual checks whether two Keys are equivalent (have identical byte representations).

                                  func KeyPairFromStdKey

                                  func KeyPairFromStdKey(priv crypto.PrivateKey) (PrivKey, PubKey, error)

                                    KeyPairFromStdKey wraps standard library (and secp256k1) private keys in libp2p/go-libp2p-core/crypto keys

                                    func KeyStretcher

                                    func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedKeys, StretchedKeys)

                                      PENDING DEPRECATION: KeyStretcher() will be deprecated with secio; for new code, please use PBKDF2 (golang.org/x/crypto/pbkdf2) instead. KeyStretcher returns a set of keys for each party by stretching the shared key. (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey). This function accepts the following cipher types: - AES-128 - AES-256 The function will panic upon receiving an unknown cipherType

                                      func MarshalECDSAPrivateKey

                                      func MarshalECDSAPrivateKey(ePriv ECDSAPrivateKey) ([]byte, error)

                                        MarshalECDSAPrivateKey returns x509 bytes from a private key

                                        func MarshalECDSAPublicKey

                                        func MarshalECDSAPublicKey(ePub ECDSAPublicKey) ([]byte, error)

                                          MarshalECDSAPublicKey returns x509 bytes from a public key

                                          func MarshalPrivateKey

                                          func MarshalPrivateKey(k PrivKey) ([]byte, error)

                                            MarshalPrivateKey converts a key object into its protobuf serialized form.

                                            func MarshalPublicKey

                                            func MarshalPublicKey(k PubKey) ([]byte, error)

                                              MarshalPublicKey converts a public key object into a protobuf serialized public key

                                              func PrivKeyToStdKey

                                              func PrivKeyToStdKey(priv PrivKey) (crypto.PrivateKey, error)

                                                PrivKeyToStdKey converts libp2p/go-libp2p-core/crypto private keys to standard library (and secp256k1) private keys

                                                func PubKeyToStdKey

                                                func PubKeyToStdKey(pub PubKey) (crypto.PublicKey, error)

                                                  PubKeyToStdKey converts libp2p/go-libp2p-core/crypto private keys to standard library (and secp256k1) public keys

                                                  func PublicKeyToProto

                                                  func PublicKeyToProto(k PubKey) (*pb.PublicKey, error)

                                                    PublicKeyToProto converts a public key object into an unserialized protobuf PublicKey message.

                                                    Types

                                                    type ECDSAPrivateKey

                                                    type ECDSAPrivateKey struct {
                                                    	// contains filtered or unexported fields
                                                    }

                                                      ECDSAPrivateKey is an implementation of an ECDSA private key

                                                      func (*ECDSAPrivateKey) Bytes

                                                      func (ePriv *ECDSAPrivateKey) Bytes() ([]byte, error)

                                                        Bytes returns the private key as protobuf bytes

                                                        func (*ECDSAPrivateKey) Equals

                                                        func (ePriv *ECDSAPrivateKey) Equals(o Key) bool

                                                          Equals compares two private keys

                                                          func (*ECDSAPrivateKey) GetPublic

                                                          func (ePriv *ECDSAPrivateKey) GetPublic() PubKey

                                                            GetPublic returns a public key

                                                            func (*ECDSAPrivateKey) Raw

                                                            func (ePriv *ECDSAPrivateKey) Raw() ([]byte, error)

                                                              Raw returns x509 bytes from a private key

                                                              func (*ECDSAPrivateKey) Sign

                                                              func (ePriv *ECDSAPrivateKey) Sign(data []byte) ([]byte, error)

                                                                Sign returns the signature of the input data

                                                                func (*ECDSAPrivateKey) Type

                                                                func (ePriv *ECDSAPrivateKey) Type() pb.KeyType

                                                                  Type returns the key type

                                                                  type ECDSAPublicKey

                                                                  type ECDSAPublicKey struct {
                                                                  	// contains filtered or unexported fields
                                                                  }

                                                                    ECDSAPublicKey is an implementation of an ECDSA public key

                                                                    func (*ECDSAPublicKey) Bytes

                                                                    func (ePub *ECDSAPublicKey) Bytes() ([]byte, error)

                                                                      Bytes returns the public key as protobuf bytes

                                                                      func (*ECDSAPublicKey) Equals

                                                                      func (ePub *ECDSAPublicKey) Equals(o Key) bool

                                                                        Equals compares to public keys

                                                                        func (*ECDSAPublicKey) Raw

                                                                        func (ePub *ECDSAPublicKey) Raw() ([]byte, error)

                                                                          Raw returns x509 bytes from a public key

                                                                          func (*ECDSAPublicKey) Type

                                                                          func (ePub *ECDSAPublicKey) Type() pb.KeyType

                                                                            Type returns the key type

                                                                            func (*ECDSAPublicKey) Verify

                                                                            func (ePub *ECDSAPublicKey) Verify(data, sigBytes []byte) (bool, error)

                                                                              Verify compares data to a signature

                                                                              type ECDSASig

                                                                              type ECDSASig struct {
                                                                              	R, S *big.Int
                                                                              }

                                                                                ECDSASig holds the r and s values of an ECDSA signature

                                                                                type Ed25519PrivateKey

                                                                                type Ed25519PrivateKey struct {
                                                                                	// contains filtered or unexported fields
                                                                                }

                                                                                  Ed25519PrivateKey is an ed25519 private key.

                                                                                  func (*Ed25519PrivateKey) Bytes

                                                                                  func (k *Ed25519PrivateKey) Bytes() ([]byte, error)

                                                                                    Bytes marshals an ed25519 private key to protobuf bytes.

                                                                                    func (*Ed25519PrivateKey) Equals

                                                                                    func (k *Ed25519PrivateKey) Equals(o Key) bool

                                                                                      Equals compares two ed25519 private keys.

                                                                                      func (*Ed25519PrivateKey) GetPublic

                                                                                      func (k *Ed25519PrivateKey) GetPublic() PubKey

                                                                                        GetPublic returns an ed25519 public key from a private key.

                                                                                        func (*Ed25519PrivateKey) Raw

                                                                                        func (k *Ed25519PrivateKey) Raw() ([]byte, error)

                                                                                          Raw private key bytes.

                                                                                          func (*Ed25519PrivateKey) Sign

                                                                                          func (k *Ed25519PrivateKey) Sign(msg []byte) ([]byte, error)

                                                                                            Sign returns a signature from an input message.

                                                                                            func (*Ed25519PrivateKey) Type

                                                                                            func (k *Ed25519PrivateKey) Type() pb.KeyType

                                                                                              Type of the private key (Ed25519).

                                                                                              type Ed25519PublicKey

                                                                                              type Ed25519PublicKey struct {
                                                                                              	// contains filtered or unexported fields
                                                                                              }

                                                                                                Ed25519PublicKey is an ed25519 public key.

                                                                                                func (*Ed25519PublicKey) Bytes

                                                                                                func (k *Ed25519PublicKey) Bytes() ([]byte, error)

                                                                                                  Bytes returns a ed25519 public key as protobuf bytes.

                                                                                                  func (*Ed25519PublicKey) Equals

                                                                                                  func (k *Ed25519PublicKey) Equals(o Key) bool

                                                                                                    Equals compares two ed25519 public keys.

                                                                                                    func (*Ed25519PublicKey) Raw

                                                                                                    func (k *Ed25519PublicKey) Raw() ([]byte, error)

                                                                                                      Raw public key bytes.

                                                                                                      func (*Ed25519PublicKey) Type

                                                                                                      func (k *Ed25519PublicKey) Type() pb.KeyType

                                                                                                        Type of the public key (Ed25519).

                                                                                                        func (*Ed25519PublicKey) Verify

                                                                                                        func (k *Ed25519PublicKey) Verify(data []byte, sig []byte) (bool, error)

                                                                                                          Verify checks a signature agains the input data.

                                                                                                          type GenSharedKey

                                                                                                          type GenSharedKey func([]byte) ([]byte, error)

                                                                                                            GenSharedKey generates the shared key from a given private key

                                                                                                            func GenerateEKeyPair

                                                                                                            func GenerateEKeyPair(curveName string) ([]byte, GenSharedKey, error)

                                                                                                              GenerateEKeyPair returns an ephemeral public key and returns a function that will compute the shared secret key. Used in the identify module.

                                                                                                              Focuses only on ECDH now, but can be made more general in the future.

                                                                                                              type Key

                                                                                                              type Key interface {
                                                                                                              	// Bytes returns a serialized, storeable representation of this key
                                                                                                              	// DEPRECATED in favor of Marshal / Unmarshal
                                                                                                              	Bytes() ([]byte, error)
                                                                                                              
                                                                                                              	// Equals checks whether two PubKeys are the same
                                                                                                              	Equals(Key) bool
                                                                                                              
                                                                                                              	// Raw returns the raw bytes of the key (not wrapped in the
                                                                                                              	// libp2p-crypto protobuf).
                                                                                                              	//
                                                                                                              	// This function is the inverse of {Priv,Pub}KeyUnmarshaler.
                                                                                                              	Raw() ([]byte, error)
                                                                                                              
                                                                                                              	// Type returns the protobof key type.
                                                                                                              	Type() pb.KeyType
                                                                                                              }

                                                                                                                Key represents a crypto key that can be compared to another key

                                                                                                                type PrivKey

                                                                                                                type PrivKey interface {
                                                                                                                	Key
                                                                                                                
                                                                                                                	// Cryptographically sign the given bytes
                                                                                                                	Sign([]byte) ([]byte, error)
                                                                                                                
                                                                                                                	// Return a public key paired with this private key
                                                                                                                	GetPublic() PubKey
                                                                                                                }

                                                                                                                  PrivKey represents a private key that can be used to generate a public key and sign data

                                                                                                                  func UnmarshalECDSAPrivateKey

                                                                                                                  func UnmarshalECDSAPrivateKey(data []byte) (PrivKey, error)

                                                                                                                    UnmarshalECDSAPrivateKey returns a private key from x509 bytes

                                                                                                                    func UnmarshalEd25519PrivateKey

                                                                                                                    func UnmarshalEd25519PrivateKey(data []byte) (PrivKey, error)

                                                                                                                      UnmarshalEd25519PrivateKey returns a private key from input bytes.

                                                                                                                      func UnmarshalPrivateKey

                                                                                                                      func UnmarshalPrivateKey(data []byte) (PrivKey, error)

                                                                                                                        UnmarshalPrivateKey converts a protobuf serialized private key into its representative object

                                                                                                                        func UnmarshalRsaPrivateKey

                                                                                                                        func UnmarshalRsaPrivateKey(b []byte) (PrivKey, error)

                                                                                                                          UnmarshalRsaPrivateKey returns a private key from the input x509 bytes

                                                                                                                          func UnmarshalSecp256k1PrivateKey

                                                                                                                          func UnmarshalSecp256k1PrivateKey(data []byte) (PrivKey, error)

                                                                                                                            UnmarshalSecp256k1PrivateKey returns a private key from bytes

                                                                                                                            type PrivKeyUnmarshaller

                                                                                                                            type PrivKeyUnmarshaller func(data []byte) (PrivKey, error)

                                                                                                                              PrivKeyUnmarshaller is a func that creates a PrivKey from a given slice of bytes

                                                                                                                              type PubKey

                                                                                                                              type PubKey interface {
                                                                                                                              	Key
                                                                                                                              
                                                                                                                              	// Verify that 'sig' is the signed hash of 'data'
                                                                                                                              	Verify(data []byte, sig []byte) (bool, error)
                                                                                                                              }

                                                                                                                                PubKey is a public key that can be used to verifiy data signed with the corresponding private key

                                                                                                                                func PublicKeyFromProto

                                                                                                                                func PublicKeyFromProto(pmes *pb.PublicKey) (PubKey, error)

                                                                                                                                  PublicKeyFromProto converts an unserialized protobuf PublicKey message into its representative object.

                                                                                                                                  func UnmarshalECDSAPublicKey

                                                                                                                                  func UnmarshalECDSAPublicKey(data []byte) (PubKey, error)

                                                                                                                                    UnmarshalECDSAPublicKey returns the public key from x509 bytes

                                                                                                                                    func UnmarshalEd25519PublicKey

                                                                                                                                    func UnmarshalEd25519PublicKey(data []byte) (PubKey, error)

                                                                                                                                      UnmarshalEd25519PublicKey returns a public key from input bytes.

                                                                                                                                      func UnmarshalPublicKey

                                                                                                                                      func UnmarshalPublicKey(data []byte) (PubKey, error)

                                                                                                                                        UnmarshalPublicKey converts a protobuf serialized public key into its representative object

                                                                                                                                        func UnmarshalRsaPublicKey

                                                                                                                                        func UnmarshalRsaPublicKey(b []byte) (PubKey, error)

                                                                                                                                          UnmarshalRsaPublicKey returns a public key from the input x509 bytes

                                                                                                                                          func UnmarshalSecp256k1PublicKey

                                                                                                                                          func UnmarshalSecp256k1PublicKey(data []byte) (PubKey, error)

                                                                                                                                            UnmarshalSecp256k1PublicKey returns a public key from bytes

                                                                                                                                            type PubKeyUnmarshaller

                                                                                                                                            type PubKeyUnmarshaller func(data []byte) (PubKey, error)

                                                                                                                                              PubKeyUnmarshaller is a func that creates a PubKey from a given slice of bytes

                                                                                                                                              type RsaPrivateKey

                                                                                                                                              type RsaPrivateKey struct {
                                                                                                                                              	// contains filtered or unexported fields
                                                                                                                                              }

                                                                                                                                                RsaPrivateKey is an rsa private key

                                                                                                                                                func (*RsaPrivateKey) Bytes

                                                                                                                                                func (sk *RsaPrivateKey) Bytes() ([]byte, error)

                                                                                                                                                  Bytes returns protobuf bytes from a private key

                                                                                                                                                  func (*RsaPrivateKey) Equals

                                                                                                                                                  func (sk *RsaPrivateKey) Equals(k Key) bool

                                                                                                                                                    Equals checks whether this key is equal to another

                                                                                                                                                    func (*RsaPrivateKey) GetPublic

                                                                                                                                                    func (sk *RsaPrivateKey) GetPublic() PubKey

                                                                                                                                                      GetPublic returns a public key

                                                                                                                                                      func (*RsaPrivateKey) Raw

                                                                                                                                                      func (sk *RsaPrivateKey) Raw() ([]byte, error)

                                                                                                                                                      func (*RsaPrivateKey) Sign

                                                                                                                                                      func (sk *RsaPrivateKey) Sign(message []byte) ([]byte, error)

                                                                                                                                                        Sign returns a signature of the input data

                                                                                                                                                        func (*RsaPrivateKey) Type

                                                                                                                                                        func (sk *RsaPrivateKey) Type() pb.KeyType

                                                                                                                                                        type RsaPublicKey

                                                                                                                                                        type RsaPublicKey struct {
                                                                                                                                                        	// contains filtered or unexported fields
                                                                                                                                                        }

                                                                                                                                                          RsaPublicKey is an rsa public key

                                                                                                                                                          func (*RsaPublicKey) Bytes

                                                                                                                                                          func (pk *RsaPublicKey) Bytes() ([]byte, error)

                                                                                                                                                            Bytes returns protobuf bytes of a public key

                                                                                                                                                            func (*RsaPublicKey) Equals

                                                                                                                                                            func (pk *RsaPublicKey) Equals(k Key) bool

                                                                                                                                                              Equals checks whether this key is equal to another

                                                                                                                                                              func (*RsaPublicKey) Raw

                                                                                                                                                              func (pk *RsaPublicKey) Raw() ([]byte, error)

                                                                                                                                                              func (*RsaPublicKey) Type

                                                                                                                                                              func (pk *RsaPublicKey) Type() pb.KeyType

                                                                                                                                                              func (*RsaPublicKey) Verify

                                                                                                                                                              func (pk *RsaPublicKey) Verify(data, sig []byte) (bool, error)

                                                                                                                                                                Verify compares a signature against input data

                                                                                                                                                                type Secp256k1PrivateKey

                                                                                                                                                                type Secp256k1PrivateKey btcec.PrivateKey

                                                                                                                                                                  Secp256k1PrivateKey is an Secp256k1 private key

                                                                                                                                                                  func (*Secp256k1PrivateKey) Bytes

                                                                                                                                                                  func (k *Secp256k1PrivateKey) Bytes() ([]byte, error)

                                                                                                                                                                    Bytes returns protobuf bytes from a private key

                                                                                                                                                                    func (*Secp256k1PrivateKey) Equals

                                                                                                                                                                    func (k *Secp256k1PrivateKey) Equals(o Key) bool

                                                                                                                                                                      Equals compares two private keys

                                                                                                                                                                      func (*Secp256k1PrivateKey) GetPublic

                                                                                                                                                                      func (k *Secp256k1PrivateKey) GetPublic() PubKey

                                                                                                                                                                        GetPublic returns a public key

                                                                                                                                                                        func (*Secp256k1PrivateKey) Raw

                                                                                                                                                                        func (k *Secp256k1PrivateKey) Raw() ([]byte, error)

                                                                                                                                                                          Raw returns the bytes of the key

                                                                                                                                                                          func (*Secp256k1PrivateKey) Sign

                                                                                                                                                                          func (k *Secp256k1PrivateKey) Sign(data []byte) ([]byte, error)

                                                                                                                                                                            Sign returns a signature from input data

                                                                                                                                                                            func (*Secp256k1PrivateKey) Type

                                                                                                                                                                            func (k *Secp256k1PrivateKey) Type() pb.KeyType

                                                                                                                                                                              Type returns the private key type

                                                                                                                                                                              type Secp256k1PublicKey

                                                                                                                                                                              type Secp256k1PublicKey btcec.PublicKey

                                                                                                                                                                                Secp256k1PublicKey is an Secp256k1 public key

                                                                                                                                                                                func (*Secp256k1PublicKey) Bytes

                                                                                                                                                                                func (k *Secp256k1PublicKey) Bytes() ([]byte, error)

                                                                                                                                                                                  Bytes returns protobuf bytes from a public key

                                                                                                                                                                                  func (*Secp256k1PublicKey) Equals

                                                                                                                                                                                  func (k *Secp256k1PublicKey) Equals(o Key) bool

                                                                                                                                                                                    Equals compares two public keys

                                                                                                                                                                                    func (*Secp256k1PublicKey) Raw

                                                                                                                                                                                    func (k *Secp256k1PublicKey) Raw() ([]byte, error)

                                                                                                                                                                                      Raw returns the bytes of the key

                                                                                                                                                                                      func (*Secp256k1PublicKey) Type

                                                                                                                                                                                      func (k *Secp256k1PublicKey) Type() pb.KeyType

                                                                                                                                                                                        Type returns the public key type

                                                                                                                                                                                        func (*Secp256k1PublicKey) Verify

                                                                                                                                                                                        func (k *Secp256k1PublicKey) Verify(data []byte, sigStr []byte) (bool, error)

                                                                                                                                                                                          Verify compares a signature against the input data

                                                                                                                                                                                          type StretchedKeys

                                                                                                                                                                                          type StretchedKeys struct {
                                                                                                                                                                                          	IV        []byte
                                                                                                                                                                                          	MacKey    []byte
                                                                                                                                                                                          	CipherKey []byte
                                                                                                                                                                                          }

                                                                                                                                                                                            StretchedKeys ...

                                                                                                                                                                                            Directories

                                                                                                                                                                                            Path Synopsis