Documentation
¶
Overview ¶
Example ¶
// some plain text sentence := []byte("hello world") // create two principals alice := delphi.NewPrincipal(rand.Reader) bob := delphi.NewPrincipal(rand.Reader) // create a message for bob, from alice msg := delphi.ComposeMessage(rand.Reader, delphi.PlainMessage, sentence) msg.SenderKey = alice.PublicKey() // add some metadata (this becomes AAD) msg.Headers["foo"] = "bar" msg.Headers["bing"] = "bat" // encrypt message err := msg.Encrypt(rand.Reader, alice, bob.PublicKey(), nil) fmt.Println("should be nil", err) // decrpyt message err = bob.Decrypt(msg, nil) fmt.Println("should be nil", err) // is decrypted text same as plain text? diff := slices.Compare(sentence, msg.PlainText) fmt.Println("should be 0", diff) // has the metadata survived? foo, ok := msg.Headers["foo"] fmt.Println("should be true", ok) fmt.Println(foo)
Output: should be nil <nil> should be nil <nil> should be 0 0 should be true true bar
Index ¶
- Constants
- Variables
- func NewSubKey(randy io.Reader) subKey
- type Certifier
- type Cipherer
- type CryptOpts
- type Decrypter
- type Encrypter
- type EncrypterOpts
- type KV
- type Key
- func (k Key) Bytes() []byte
- func (k Key) Encryption() subKey
- func (k Key) Equal(j Key) bool
- func (k Key) From(b []byte) Key
- func (k Key) IsZero() bool
- func (k Key) MarshalBinary() ([]byte, error)
- func (k Key) MarshalJSON() ([]byte, error)
- func (k Key) MarshalText() ([]byte, error)
- func (k Key) Signing() subKey
- func (k Key) ToHex() string
- func (k Key) ToInt64() int64
- func (k *Key) UnmarshalBinary(b []byte) error
- func (k *Key) UnmarshalJSON(b []byte) error
- type KeyPair
- type Message
- func (msg *Message) Digest() ([]byte, error)
- func (msg *Message) Encrypt(randy io.Reader, encrypter Encrypter, recipient Peer, opts EncrypterOpts) error
- func (msg *Message) Encrypted() bool
- func (msg *Message) Ephemeral() crypto.PublicKey
- func (msg *Message) FromPEM(p pem.Block) error
- func (msg *Message) Plain() bool
- func (msg *Message) Read(b []byte) (int, error)
- func (msg *Message) RecipientEncryption() crypto.PublicKey
- func (msg *Message) Sender() crypto.PublicKey
- func (msg *Message) Sign(randy io.Reader, signer crypto.Signer) error
- func (msg *Message) Signatory() crypto.PublicKey
- func (msg *Message) String() string
- func (msg *Message) ToPEM() pem.Block
- func (msg *Message) Valid() bool
- func (msg *Message) Verify() bool
- func (msg *Message) Write(b []byte) (int, error)
- type Nonce
- type Peer
- type Principal
- func (p Principal) Assert(randy io.Reader) (*Message, error)
- func (p Principal) ComposeMessage(randy io.Reader, body []byte) *Message
- func (p Principal) Decrypt(msg *Message, _ crypto.DecrypterOpts) error
- func (p Principal) Encrypt(randy io.Reader, msg *Message, recipient Key, _ any) error
- func (p Principal) Equal(p2 crypto.PublicKey) bool
- func (Principal) From(b []byte) (Principal, error)
- func (p Principal) MarshalBinary() ([]byte, error)
- func (p Principal) MarshalPEM() (pem.Block, error)
- func (p Principal) Nickname() string
- func (p Principal) PrivateKey() Key
- func (p Principal) Public() crypto.PublicKey
- func (p Principal) PublicKey() Key
- func (p Principal) Sign(_ io.Reader, digest []byte, _ crypto.SignerOpts) ([]byte, error)
- func (p *Principal) UnmarshalBinary(b []byte) error
- func (p *Principal) UnmarshalPEM(b pem.Block) error
- func (p Principal) Verify(delphiPubKey crypto.PublicKey, digest []byte, sig []byte) bool
- type Subject
- type Verifier
Examples ¶
Constants ¶
const GLOBAL_SALT = "oracle/v1"
const Keyspace = "delphi"
the prefix for header keys
const NonceSize = chacha20poly1305.NonceSize
const SubKeySize = 32
const Version = "v1"
Variables ¶
var ErrBadKey = errors.New("bad key")
var ErrDecryptionFailed = errors.New("decryption failed")
var ErrDelphi = errors.New("delphi")
var ErrEncryptionFailed = errors.New("encryption failed")
var ErrInvalidMsg = pear.Defer("invalid message")
var ErrNoEphemeralKey = errors.New("no ephemeral key")
var ErrNoMsg = pear.Defer("no message")
var ErrNoNonce = pear.Defer("zero value nonce")
var ErrNoSender = pear.Defer("no sender")
var ErrNoSign = pear.Defer("could not sign message")
var ErrNoValid = pear.Defer("no valid signature")
var ErrNotImplemented = errors.New("not implemented")
var UniversalNonce []byte = make([]byte, chacha20poly1305.NonceSize)
Functions ¶
Types ¶
type Certifier ¶
type Certifier interface { crypto.PrivateKey crypto.Signer Verifier }
a Certifier can produce and verify signatures
type Cipherer ¶
type Cipherer interface { crypto.PrivateKey Encrypter Decrypter }
a Cipherer can encrypt and decrypt a Message
type Decrypter ¶ added in v0.0.4
type Decrypter interface {
Decrypt(*Message, crypto.DecrypterOpts) error
}
type EncrypterOpts ¶ added in v0.0.4
type EncrypterOpts = any
type KV ¶ added in v0.1.1
a KV is a simple map with some super powers useful to us
func (KV) LexicalOrder ¶ added in v0.2.0
LexicolOrder ranges through a KV in lexical order
func (KV) MarshalBinary ¶ added in v0.2.0
func (*KV) UnmarshalBinary ¶ added in v0.2.0
type Key ¶ added in v0.0.5
type Key [2]subKey
a Key is two (specifically one encryption and one signing) keys
func KeyFromBytes ¶ added in v0.0.3
func KeyFromHex ¶ added in v0.0.5
func (Key) Encryption ¶ added in v0.0.5
func (k Key) Encryption() subKey
func (Key) MarshalBinary ¶ added in v0.3.16
func (Key) MarshalJSON ¶ added in v0.3.16
func (Key) MarshalText ¶ added in v0.1.1
func (*Key) UnmarshalBinary ¶ added in v0.3.16
func (*Key) UnmarshalJSON ¶ added in v0.2.0
type KeyPair ¶ added in v0.0.5
type KeyPair [2]Key
a KeyPair is two [Key]s. One public, one private
func NewKeyPair ¶ added in v0.0.4
NewKeyPair generates valid ed25519 and X25519 keys
type Message ¶
type Message struct { Subject Subject `msgpack:"subj" json:"subj"` RecipientKey Key `msgpack:"to" json:"to"` SenderKey Key `msgpack:"from" json:"from"` Headers KV `msgpack:"hdrs" json:"hdrs"` // additional authenticated data (AAD) Eph []byte `msgpack:"eph" json:"eph"` Nonce Nonce `msgpack:"nonce" json:"nonce"` CipherText []byte `msgpack:"ciph" json:"ciph"` PlainText []byte `msgpack:"plain" json:"plain"` Sig []byte `msgpack:"sig" json:"sig"` // contains filtered or unexported fields }
a Message is a message that represents either plain text or cipher text, encapsulating all data and metadata necessary to perform cryptographic operations.
func ComposeMessage ¶ added in v0.3.16
ComposeMessage creates a new Message. If you pass in a source of randomness, it will have a Nonce.
func NewMessage ¶
func NewMessage() *Message
func (*Message) Digest ¶ added in v0.0.3
Digest returns a hash of the Message fields which should be hashed.
func (*Message) Encrypt ¶
func (msg *Message) Encrypt(randy io.Reader, encrypter Encrypter, recipient Peer, opts EncrypterOpts) error
Encrypt encrypts a message to a Peer
func (*Message) RecipientEncryption ¶ added in v0.1.1
RecipientEncryption() returns the recipient as a public encryption key (ECDH)
func (*Message) Sender ¶ added in v0.0.5
Sender() returns the sender as a public encryption key (ECDH)
func (*Message) Signatory ¶ added in v0.0.4
Signatory() returns the public signing key of the sender (X25519)
type Nonce ¶ added in v0.0.3
A Nonce is a random value with a reasonably high chance of being globally unqiue.
func NonceFromBytes ¶ added in v0.3.0
type Peer ¶ added in v0.3.0
type Peer = Key
A Peer is the public portion of a Principal, which is a public-private key pair.
type Principal ¶
type Principal = KeyPair
A Principal contains cryptographic key material and can sign, verify, encrypt, and decrypt [Message]s.
func NewPrincipal ¶
NewPrincipal creates a new Principal
func (Principal) ComposeMessage ¶ added in v0.3.0
func (Principal) Decrypt ¶ added in v0.0.5
func (p Principal) Decrypt(msg *Message, _ crypto.DecrypterOpts) error
Decrypt decrypts a Message
func (Principal) MarshalBinary ¶ added in v0.0.5
func (Principal) Nickname ¶ added in v0.3.0
A Nickname is a very memorable string for humans only. It has weak uniqueness that is good enough for some uses.