message

package
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 9, 2015 License: BSD-2-Clause Imports: 14 Imported by: 9

Documentation

Overview

Package message implements repbin messages.

Index

Constants

View Source 
const (
	// DefaultTotalLength is the size of the message.
	DefaultTotalLength = BodyMaxLength + SignHeaderSize + KeyHeaderSize
	// DefaultPadToLength is the size of the body including random padding.
	DefaultPadToLength = 4096
	// DefaultHashCashBits is the minimum number of hashcash bits requried.
	DefaultHashCashBits = byte(23)
)
View Source 
const (
	// Curve25519KeySize defines how big a curve25519 key is.
	Curve25519KeySize = 32
	// SharedKeySize defines how long the shared secret is.
	SharedKeySize = 64
	// HMACKeySize is the size of the HMAC key.
	HMACKeySize = 32
	// SymmetricKeySize is the size of the symmetric encryption key (for AES-CTR).
	SymmetricKeySize = 32
	// NonceSize bytes of nonce.
	NonceSize = 32
	// PadKeySize is the size of the padding key.
	PadKeySize = 32
	// HMACSize is the size of the hmac output, we're using SHA256.
	HMACSize = 32
	// IVSize defines the length of the IV, calculated by hashing pubkeys and nonce.
	IVSize = aes.BlockSize
)
View Source 
const (
	// MsgTypeBlob signals a standard blob of data without special meaning.
	MsgTypeBlob = 0x01
	// MsgTypeList signals a list of other messages.
	MsgTypeList = 0x02
	// MsgTypeRepost signals a message that is sent to a reposter.
	MsgTypeRepost = 0x03
)
View Source 
const (
	// BodyMaxLength is the maximum length of the body that can be accepted.
	BodyMaxLength = 65535
	// MessageIDSize is the size of a MessageID.
	MessageIDSize = sha256.Size
	// SignHeaderSize is the size of the signature header.
	SignHeaderSize = 1 + ed25519.PublicKeySize + ed25519.SignatureSize + MessageIDSize + hashcash.NonceSize
	// KeyHeaderSize is the size of the key header (four curve25519 public keys for DH and nonce).
	KeyHeaderSize = 4*Curve25519KeySize + NonceSize

	// Version of this protocol.
	Version = 0x01
)
View Source 
const (
	// SignerPubKeySize is the size of a public key used for signing.
	SignerPubKeySize = ed25519.PublicKeySize
)
View Source 
const VersionID = "0.0.1 very alpha"

VersionID of this release.

Variables

View Source 
var (
	// ErrNoKeys is returned if no method for private key discovery is available.
	ErrNoKeys = errors.New("message: No private keys available")
	// ErrBadMessageID is returned when the message ID signed is different from the one calculated.
	ErrBadMessageID = errors.New("message: Unexpected message ID")
	// ErrBadSender is returned when another sender was expected.
	ErrBadSender = errors.New("message: Unexpected sender")
)
View Source 
var (
	// ErrIncompleteKeyPack is returned if a KeyPack cannot be filled.
	ErrIncompleteKeyPack = errors.New("message: incomplete keypack")
	// ErrMissingKey is returned if too few keys are used fro keypack construction.
	ErrMissingKey = errors.New("message: missing temporary pubkey")
)
View Source 
var (
	// ErrTooLong is returned if the message body is too big.
	ErrTooLong = errors.New("message: Content too long")
	// ErrTooShort is returned if the message is smaller than allowed.
	ErrTooShort = errors.New("message: Message too short")
	// ErrBadHMAC is returned if the HMAC does not verify.
	ErrBadHMAC = errors.New("message: Bad HMAC")
)
View Source 
var (
	// ErrNoKeyFound is returned if no key could be found.
	ErrNoKeyFound = errors.New("message: No signature key found in generation")
	// ErrBadVersion is returned if a message does not conform to the right version.
	ErrBadVersion = errors.New("message: Wrong version")
	// ErrHashCash is returned if not enough bits are produced by the ErrHashCash challenge.
	ErrHashCash = errors.New("message: Not enough HashCash bits")
	// ErrBadSignature is returned if the post signature does not verify.
	ErrBadSignature = errors.New("message: Signature verification failed")
)
View Source 
var (
	// ErrEnvelopeShort is returned if the envelope is too short to even contain a signature header.
	ErrEnvelopeShort = errors.New("message: Envelope too short")
)

Functions

func CalcKeys 

func CalcKeys(sharedSecret [SharedKeySize]byte) (hmacKey *[HMACKeySize]byte, symmetricKey *[SymmetricKeySize]byte)

CalcKeys generates the keys for hmac calculation and symmetric encryption from the shared secret.

func CalcMaxEmbedded 

func CalcMaxEmbedded(TotalLength int) int

CalcMaxEmbedded returns the maximum size of data that can be included in a message of TotalLength size.

func CalcMessageID 

func CalcMessageID(msg []byte) *[MessageIDSize]byte

CalcMessageID from raw message (skip signature part).

func CalcSharedSecret 

func CalcSharedSecret(myKeys, peerKeys *KeyPack, nonce *[NonceSize]byte, sending bool) (sharedSecret [SharedKeySize]byte)

CalcSharedSecret does a triple DH from the keypacks to generate the shared secret. myKeys needs to contain private keys, peerKeys only needs public keys Sending determines if one is sender or recipient of a message.

func GenIV 

func GenIV(d []byte) *[IVSize]byte

GenIV generates the IV by sha256 d. d should be the slice containing the pubkeys and nonce from the message.

func GenNonce 

func GenNonce() (*[NonceSize]byte, error)

GenNonce returns NonceSize random bytes.

func GenPad 

func GenPad(key *[PadKeySize]byte, length int) []byte

GenPad produces a slice of bytes with length int, filled with pseudo-random numbers generated from key using AES-CTR.

func GenPadKey 

func GenPadKey() (*[PadKeySize]byte, error)

GenPadKey generates a random value suitable for the padding generator.

func KeyIsHidden 

func KeyIsHidden(k *Curve25519Key) bool

KeyIsHidden returns true if key index should be hidden.

func KeyIsSync 

func KeyIsSync(k *Curve25519Key) bool

KeyIsSync returns true if messages for this key should be synced.

func PackKeyHeader 

func PackKeyHeader(senderKeys, peerKeys *KeyPack, nonce *[NonceSize]byte) *[KeyHeaderSize]byte

PackKeyHeader constructs the header from the KeyPacks and Nonce.

func RePad 

func RePad(msg []byte, padKey *[PadKeySize]byte, totalLength int) []byte

RePad adds the deterministic padding to a message.

Types

type Base64Message 

type Base64Message []byte

Base64Message is a message encoded in Base64.

func EncodeBase64 

func EncodeBase64(message []byte) Base64Message

EncodeBase64 encodes a message to base64.

func (Base64Message) Decode 

func (bm Base64Message) Decode() ([]byte, error)

Decode a base64 encoded message.

func (Base64Message) GetSignHeader 

func (bm Base64Message) GetSignHeader() (*[SignHeaderSize]byte, error)

GetSignHeader returns the signature header from an message.

type Curve25519Key 

type Curve25519Key [Curve25519KeySize]byte

Curve25519Key is a curve25519 public or private key.

func CalcPub 

func CalcPub(privateKey *Curve25519Key) *Curve25519Key

CalcPub generates a public key from a private key.

func GenLongTermKey 

func GenLongTermKey(hidden bool, sync bool) (*Curve25519Key, error)

GenLongTermKey returns a private key that is meant for long-term use and adheres to the hidden index rule. hidden means that the server should not allow index access without authentication. sync means that the server should not sync the message to other servers (it is not part of the global index).

func GenPubKey 

func GenPubKey(priv *Curve25519Key) *Curve25519Key

GenPubKey calculates the public key for a private key.

func GenRandomKey 

func GenRandomKey() (*Curve25519Key, error)

GenRandomKey generates a random key useable for temporary keys.

type DecryptBodyDef 

type DecryptBodyDef struct {
	IV           [IVSize]byte        // The IV to use. This is overkill since the key is unique anyways... anyways.
	SharedSecret [SharedKeySize]byte // The shared secret, calculate HMAC and Symmetric Key from this.
}

DecryptBodyDef contains parameters for decryption.

func (*DecryptBodyDef) DecryptBody 

func (bd *DecryptBodyDef) DecryptBody(data []byte) ([]byte, byte, error)

DecryptBody decrypts a body and verifies the hmac.

type EncryptBodyDef 

type EncryptBodyDef struct {
	IV           [IVSize]byte        // The IV to use. This is overkill since the key is unique anyways... anyways.
	SharedSecret [SharedKeySize]byte // The shared secret, calculate HMAC and Symmetric Key from this.
	TotalLength  int                 // Total size of body including padding.
	PadToLength  int                 // PadToLength will pad the body to PadToLength size of random padding before adding deterministic padding, if any.
	MessageType  byte
}

EncryptBodyDef contains parameters for body encryption.

func (*EncryptBodyDef) EncryptBody 

func (bd *EncryptBodyDef) EncryptBody(data []byte) (*EncryptedBody, error)

EncryptBody takes data and creates a body out of it.

type EncryptedBody 

type EncryptedBody struct {
	Encrypted            []byte           // First element.
	RandomPadding        []byte           // Second element.
	DeterministicPadding []byte           // Third element.
	PadKey               [PadKeySize]byte // Will be set if deterministic padding is appended.
	HMACSum              [HMACSize]byte   // The HMAC.
}

EncryptedBody contains the restuls of an encryption or parsing.

func (EncryptedBody) Bytes 

func (eb EncryptedBody) Bytes() []byte

Bytes returns the body as byteslice.

func (EncryptedBody) BytesNoPadding 

func (eb EncryptedBody) BytesNoPadding() []byte

BytesNoPadding returns the body as byteslice omitting deterministic padding.

type KeyPack 

type KeyPack struct {
	ConstantPubKey   *Curve25519Key // Public key: SenderConstantPubKey.
	ConstantPrivKey  *Curve25519Key // Private key of ConstantPubKey.
	TemporaryPubKey  *Curve25519Key // Public key: SenderTemporaryPubKey.
	TemporaryPrivKey *Curve25519Key // Private key of TemporaryPubKey.
}

KeyPack contains one side of keys.

func GenKeyPack 

func GenKeyPack(privateConstant *Curve25519Key, deterministic bool) (*KeyPack, error)

GenKeyPack generate a keypack. If privateConstant is nil, all keys will be ephemeral. If deterministic is true then the temporaryPrivKey will be generated from the constantPrivKey.

func GenReceiveKeys 

func GenReceiveKeys(publicConstant, publicTemporary *Curve25519Key) (*KeyPack, error)

GenReceiveKeys generates a KeyPack for the recipient unless public keys are available.

func GenSenderKeys 

func GenSenderKeys(privateConstant *Curve25519Key) (*KeyPack, error)

GenSenderKeys returns a keypack suitable for the sender. If PrivateConstant is nil, all keys will be ephemeral.

func ParseKeyHeader 

func ParseKeyHeader(keyHeader *[KeyHeaderSize]byte) (senderKeys, peerKeys *KeyPack, nonce *[NonceSize]byte)

ParseKeyHeader returns the KeyPacks and Nonce of a KeyHeader.

func (*KeyPack) FillKeys 

func (kp *KeyPack) FillKeys(deterministic bool) error

FillKeys constructs missing keys in a KeyPack. If deterministic==true then temporary keys are generated from the constant keys.

func (*KeyPack) MatchPrivate 

func (kp *KeyPack) MatchPrivate(constantPrivKey, temporaryPrivKey *Curve25519Key) bool

MatchPrivate tries to match given private key(s) to the KeyPack. Keys will be added to the keypack if a match is found.

type Message 

type Message struct {
	SignatureHeader *[SignHeaderSize]byte // Packet signature header.
	Header          *[KeyHeaderSize]byte  // Packed message header.
	Body            []byte                // Unpacked body.
}

Message is a full message.

func ParseMessage 

func ParseMessage(msg []byte) (*Message, error)

ParseMessage cuts a byteslice into a Message struct.

func (Message) Bytes 

func (msg Message) Bytes() []byte

Bytes converts a message struct into a byte slice.

func (Message) CalcMessageID 

func (msg Message) CalcMessageID() *[MessageIDSize]byte

CalcMessageID from encrypted body.

type MetaDataRecieve 

type MetaDataRecieve struct {
	SenderConstantPublicKey   *Curve25519Key      // Public key used by sender.
	ReceiveConstantPublicKey  *Curve25519Key      // Constant public key of recipient.
	ReceiveTemporaryPublicKey *Curve25519Key      // Temporary public key of recipient.
	MessageID                 [MessageIDSize]byte // MessageID as calculated.
	MessageType               byte                // MessageType of message.
}

MetaDataRecieve contains data from decryption

type MetaDataSend 

type MetaDataSend struct {
	MessageID              [MessageIDSize]byte // MessageID of the message (calculated from header+body).
	PadKey                 *[PadKeySize]byte   // Will be set if deterministic padding is appended and meaningful.
	MessageKey             *Curve25519Key      // Will be set if ephemeral recipient keys are used.
	ReceiverConstantPubKey *Curve25519Key
}

MetaDataSend contains metadata for the message.

type Receiver 

type Receiver struct {
	SenderPublicKey            *Curve25519Key // Optional. If set, verify for message.
	ReceiveConstantPrivateKey  *Curve25519Key // Optional. Will use callback if not set.
	ReceiveTemporaryPrivateKey *Curve25519Key // Optional. Will try to generate from ReceiveConstantPrivateKey, then Callback.
	// KeyCallBack is an optional function to get private keys. It takes a public key as parameter and expects the private key or nil as return.
	KeyCallBack func(*Curve25519Key) *Curve25519Key
	// HashCashBits is the minimum number of hashcash bits required. Will be set to default if missing.
	HashCashBits byte
}

Receiver defines receiver functionality.

func (Receiver) Decrypt 

func (receiver Receiver) Decrypt(encMessage []byte) (message []byte, meta *MetaDataRecieve, err error)

Decrypt applies decryption & verification to a messsage.

type Sender 

type Sender struct {
	Signer                    *SignKeyPair   // Optional, autogenerated when missing.
	SenderPrivateKey          *Curve25519Key // Optional. Use ephemeral key if missing.
	ReceiveConstantPublicKey  *Curve25519Key // Optional. Constant public key of receiver, ephemeral keys will be used if missing.
	ReceiveTemporaryPublicKey *Curve25519Key // MUST be set IF ReceiveConstantPublicKey is set.
	// TotalLength is the total size of body including padding.
	// Set to default if missing if 0.
	TotalLength int
	// PadToLength will pad the body to PadToLength size of random padding before adding deterministic padding, if any.
	// Set to default if missing if 0.
	PadToLength int
	// HashCashBits is the minimum number of hashcash bits required. Will be set to default if missing.
	HashCashBits byte
}

Sender defines sender behavior

func (Sender) Encrypt 

func (sender Sender) Encrypt(messageType byte, message []byte) (encMessage []byte, meta *MetaDataSend, err error)

Encrypt encrypts a message.

func (Sender) EncryptRepost 

func (sender Sender) EncryptRepost(messageType byte, message []byte) (rewrapMessage []byte, meta *MetaDataSend, err error)

EncryptRepost encrypts a message for reposting, meaning that the deterministic padding is thrown away and there is no encoding.

type SignKeyPair 

type SignKeyPair struct {
	PublicKey  *[SignerPubKeySize]byte
	PrivateKey *[ed25519.PrivateKeySize]byte
	Nonce      [hashcash.NonceSize]byte // HashCash nonce
	Bits       byte                     // Bits in hashcash
}

SignKeyPair represents a signature key pair.

func GenKey 

func GenKey(bits byte) (keypair *SignKeyPair, err error)

GenKey calculates a keypair fit for signing, including hashcahs

func (*SignKeyPair) Marshal 

func (keypair *SignKeyPair) Marshal() []byte

Marshal a keypair into a byte slice.

func (*SignKeyPair) Sign 

func (keypair *SignKeyPair) Sign(msgID [MessageIDSize]byte) *[SignHeaderSize]byte

Sign a messageid.

func (SignKeyPair) Unmarshal 

func (keypair SignKeyPair) Unmarshal(d []byte) (*SignKeyPair, error)

Unmarshal d into keypair.

type SignatureDetails 

type SignatureDetails struct {
	MsgID         [MessageIDSize]byte      // MsgID of the message (sha256(KeyHeader|Body))
	PublicKey     [SignerPubKeySize]byte   // Public key of signer
	HashCashNonce [hashcash.NonceSize]byte // The HashCash nonce
	HashCashBits  byte                     // HashCash bits
}

SignatureDetails contains the fields of the signature header (minus signature itself).

func VerifySignature 

func VerifySignature(header [SignHeaderSize]byte, minbits byte) (details *SignatureDetails, err error)

VerifySignature verifies a signature header. It checks if the version, signatures and hashcash are correct.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.