whisper

package
v0.8.14 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 15, 2024 License: MIT Imports: 24 Imported by: 0

Documentation


Constants

// Version identifiers exposed by the package.
const (
	// APIVersion is the version string of this package's API.
	APIVersion        = "v0.8.14"
	// WireFormatVersion is a single-byte version number. Presumably it is the
	// "version" field written at the start of the whisper meta header and the
	// value checked before ErrVersionMismatch is returned — confirm.
	WireFormatVersion = byte(8)
)

Variables

// ErrNoPrivateKey is the sentinel error with the message "no private key".
// Presumably returned when an operation needs a private key and none was configured — confirm.
var ErrNoPrivateKey = errors.New("no private key")
// ErrPrvKeyNotFound is the sentinel error with the message "private key not found".
// Presumably returned when no matching private key can be located — confirm against callers.
var ErrPrvKeyNotFound = errors.New("private key not found")
// ErrPubKeyNotFound is the sentinel error with the message "public key not found".
// Presumably returned when a public key lookup finds nothing — confirm against callers.
var ErrPubKeyNotFound = errors.New("public key not found")
// ErrPubPrvNotMatch is the sentinel error reporting that a public key and a
// private key do not belong together.
var ErrPubPrvNotMatch = errors.New("public and private key not match")
// ErrVersionMismatch is the sentinel error reporting a whisper file format
// version mismatch. Presumably the file's version is compared with
// WireFormatVersion — confirm.
var ErrVersionMismatch = errors.New("whisper file format version mismatch")
// ErrWrongPublicKey is the sentinel error reporting that the supplied public
// key does not belong to the private key.
// NOTE(review): the message names the command-line option -a, so library
// callers will see CLI wording in this error.
var ErrWrongPublicKey = errors.New("the public key from option -a doesn't belong to the private key")

Functions

func Decode added in v0.0.5

func Decode(data []byte, conf Config) ([]byte, error)

func DecodeString added in v0.0.5

func DecodeString(data string, conf Config) (string, error)

func Encode added in v0.0.5

func Encode(data []byte, conf Config) ([]byte, error)

func EncodeString added in v0.0.5

func EncodeString(data string, conf Config) (string, error)

func IsPassphraseRight added in v0.2.3

func IsPassphraseRight(prv PrivateKey) (bool, error)

func ReadKey added in v0.4.0

func ReadKey(unixPath string) ([]byte, error)

func SSHDir added in v0.4.0

func SSHDir() (string, error)

Types

type AgentClient added in v0.3.13

// AgentClient is the client-side interface to an agent server.
// NewAgentClient returns an implementation for a given address.
type AgentClient interface {
	// Whisper takes a Config, an input reader and an output writer.
	// Presumably it asks the agent to run the encode/decode described by conf,
	// streaming in to out — confirm.
	Whisper(conf Config, in io.Reader, out io.Writer) error
	// IsPassphraseRight reports whether prv's passphrase is correct.
	// NOTE(review): prv carries the key bytes and passphrase; presumably both are sent to the agent — confirm.
	IsPassphraseRight(prv PrivateKey) (bool, error)
	// IsServerRunning presumably reports whether an agent with the given version is reachable — confirm.
	IsServerRunning(version string) (bool, error)
	// ClearCache presumably asks the agent to drop what it has cached — confirm what is cleared.
	ClearCache() error
}

func NewAgentClient added in v0.3.13

func NewAgentClient(addr string) AgentClient

type AgentError added in v0.5.1

// AgentError is an error value that carries a type code alongside its message.
// It implements the error interface through its Error method.
type AgentError struct {
	// Type classifies the failure (see AgentErrorType).
	Type    AgentErrorType
	// Message is the error text; presumably what Error returns — confirm.
	Message string
}

func (AgentError) Error added in v0.5.1

func (e AgentError) Error() string

type AgentErrorType added in v0.5.1

// AgentErrorType classifies an AgentError.
type AgentErrorType int
const (
	// AgentErrorTypeOthers is the zero value; presumably used for errors with no more specific type — confirm.
	AgentErrorTypeOthers AgentErrorType = iota
	// AgentErrorTypeSignMismatch presumably reports a failed signature check — confirm.
	AgentErrorTypeSignMismatch
	// AgentErrorTypeNotRecipient presumably reports that the private key is not among the recipients — confirm.
	AgentErrorTypeNotRecipient
)

type AgentReq added in v0.1.0

// AgentReq is the request message sent to the agent.
type AgentReq struct {
	// Version is a version string; presumably the client's APIVersion, checked by the agent — confirm.
	Version         string
	// CheckPassphrase presumably selects the passphrase-check operation — confirm.
	CheckPassphrase bool
	// ClearCache presumably selects the cache-clearing operation — confirm.
	ClearCache      bool

	// Config is the operation's configuration.
	// NOTE(review): Config.Private is a *PrivateKey holding key bytes and the
	// passphrase, so a request may carry secret material; confirm how requests
	// are encoded and that the transport is only reachable by trusted clients.
	Config Config
}

type AgentRes added in v0.1.0

// AgentRes is the response message returned by the agent.
type AgentRes struct {
	// Running presumably answers an IsServerRunning query — confirm.
	Running         bool
	// PassphraseRight presumably answers an IsPassphraseRight query — confirm.
	PassphraseRight bool
	// WrongPublicKey presumably corresponds to ErrWrongPublicKey — confirm.
	WrongPublicKey  bool
}

type AgentServer added in v0.1.0

// AgentServer is the server side of the agent; see Handle, Listen and Serve.
type AgentServer struct {
	// Logger is the server's structured logger.
	// NOTE(review): what is logged is not visible here — confirm it never includes key material or passphrases.
	Logger *slog.Logger
	// contains filtered or unexported fields
}

AgentServer is a TCP server that can be used to avoid inputting the passphrase every time. The server, not the agent client, does the encryption and decryption for you. A TCP client has no way to get the raw private key; to get it you would need root permission and have to dump the OS memory. If the server restarts, you have to send it to the server again. The server still performs decryption for the clients that connect to it, so its address should only be reachable by clients you trust.

func NewAgentServer added in v0.1.0

func NewAgentServer() *AgentServer

func (*AgentServer) Handle added in v0.1.0

func (a *AgentServer) Handle(s io.ReadWriteCloser) error

func (*AgentServer) Listen added in v0.1.0

func (a *AgentServer) Listen(l net.Listener)

Listen starts an http server on the listener l to avoid inputting the passphrase every time.

func (*AgentServer) Serve added in v0.1.0

func (a *AgentServer) Serve(addr string)

Serve starts an http server on addr to avoid inputting the passphrase every time.

type Config added in v0.1.0

// Config selects the keys and options for one encode or decode operation.
type Config struct {
	// Gzip compression level
	GzipLevel int

	// For data decryption and signature signing.
	// A PrivateKey carries both the key bytes and the passphrase that unlocks
	// them, so a Config holding one should be handled as secret material.
	Private *PrivateKey

	// For signature checking and meta data prefixing.
	Sign *PublicKey

	// For data encryption of different recipients.
	// If the list is empty, it will be a decryption process.
	Public []PublicKey
}

func (Config) EncodeMeta added in v0.3.0

func (c Config) EncodeMeta(out io.Writer) error

The meta format is:

[version][flags][signer][key num][keyInfo1][keyInfo2]...

"version" is the whisper file format version. "flags" describes the encoding, such as whether gzip and base64 are enabled. "signer" is the signer's public key [PublicKey.ID] and [PublicKey.Selector]. "key num" is the number of recipients. "keyInfo1" is the first recipient's public key info, "keyInfo2" is the second recipient's public key info, and so on. The key info format is: [public key hash][public key meta].

func (Config) IsDecryption added in v0.4.0

func (c Config) IsDecryption() bool

func (Config) Recipients added in v0.8.0

func (c Config) Recipients() (bool, [][]byte, error)

type Meta added in v0.3.0

// Meta is the decoded meta header of a whisper file, as returned by DecodeMeta.
type Meta struct {
	// Gzip, Sign and LongPubKeyHash presumably mirror the MetaGzip, MetaSign
	// and MetaLongPubKeyHash flag bits one-to-one — confirm in DecodeMeta.
	Gzip           bool
	Sign           bool
	LongPubKeyHash bool

	// Sender is presumably the signer's public key meta (ID and Selector);
	// whether it is nil for unsigned files is not visible here — confirm.
	Sender *PublicKeyMeta

	// The key is the hash of the recipient's public key; the value holds the
	// recipient's index in the key list together with its public key meta.
	Recipients map[string]Recipient
}

func DecodeMeta added in v0.3.0

func DecodeMeta(in io.Reader) (*Meta, error)

DecodeMeta decodes the meta from the whisper file.

func PeakMeta added in v0.4.0

func PeakMeta(in io.ReadCloser) (*Meta, io.ReadCloser, error)

PeakMeta reads the meta data from the input stream and returns the unread input stream.

func (*Meta) FindSSHPrivateKey added in v0.4.0

func (m *Meta) FindSSHPrivateKey() (string, error)

FindSSHPrivateKey finds the private key in the ~/.ssh folder that matches one of the recipients' public keys.

func (Meta) GetIndex added in v0.3.0

func (m Meta) GetIndex(p PrivateKey) (int, error)

GetIndex returns the index of the encrypted secret that p can decrypt.

func (Meta) HasPubKey added in v0.3.0

func (m Meta) HasPubKey(p PublicKey) (bool, error)

func (Meta) HashSize added in v0.3.0

func (m Meta) HashSize() int

func (Meta) String added in v0.5.1

func (m Meta) String() string

type MetaFlag added in v0.3.0

// MetaFlag is a set of bit flags held in a single byte; each constant below
// occupies one bit (1, 2, 4).
type MetaFlag byte
const (
	// MetaGzip is the flag bit for gzip; presumably set when compression is enabled — confirm.
	MetaGzip MetaFlag = 1 << iota
	// MetaSign is the flag bit for signing; presumably set when the file carries a signature — confirm.
	MetaSign
	// NOTE(review): a 4-byte hash is short enough for two recipient keys to
	// collide; confirm how GetIndex and HasPubKey behave in that case.
	MetaLongPubKeyHash // If set, the hash size will be [sha1.Size]; otherwise it will be 4 bytes
)

type PrivateKey added in v0.0.5

// PrivateKey bundles private key bytes with the passphrase that unlocks them.
type PrivateKey struct {
	// Data is the private key content; the package example fills it with the
	// bytes read from a key file.
	Data []byte

	// Passphrase is used to decrypt the [PrivateKey.Data]
	// The package example passes an empty string for a key without a passphrase.
	// NOTE(review): as a Go string this value is immutable and cannot be zeroed
	// after use; keep PrivateKey values short-lived where possible.
	Passphrase string
}

type PublicKey added in v0.0.5

// PublicKey is public key content together with the meta that identifies it.
type PublicKey struct {
	// Data is the public key content. It can hold several lines; Select picks
	// the line that contains Meta.Selector.
	Data []byte

	// Meta carries the key's ID and Selector.
	Meta PublicKeyMeta
}

func FetchPublicKey added in v0.4.0

func FetchPublicKey(location string) (*PublicKey, error)

FetchPublicKey fetches a public key from a GitHub id or a remote URL.

func (PublicKey) Select added in v0.3.0

func (k PublicKey) Select() ([]byte, error)

Select returns the line in Data that contains the Selector.

type PublicKeyMeta added in v0.8.0

// PublicKeyMeta identifies where a public key comes from and which key to pick there.
type PublicKeyMeta struct {
	// A public ID for the public key; it can be an https URL or a GitHub id.
	ID string

	// Used to select the specific key in the URL file.
	// The line that contains the Selector substring will be selected.
	// NOTE(review): a substring can match more than one line — confirm which
	// line is chosen then, and prefer a Selector that is unique within the file.
	Selector string
}

func NewPublicKeyMeta added in v0.8.0

func NewPublicKeyMeta(m string) PublicKeyMeta

func (PublicKeyMeta) String added in v0.8.0

func (k PublicKeyMeta) String() string

type Recipient added in v0.8.0

// Recipient describes one recipient entry in a whisper file's meta.
type Recipient struct {
	// Index is the recipient's position in the key list (see Meta.Recipients).
	Index int
	// Meta is the recipient's public key meta.
	Meta  PublicKeyMeta
}

type Whisper added in v0.3.0

// Whisper is the encoder and decoder for the whisper file format.
// Values are created by New from a Config.
type Whisper struct {
	// contains filtered or unexported fields
}

Whisper is a data encryption and decryption file format. The whisper file extension is ".wsp".

func New added in v0.0.4

func New(conf Config) *Whisper

New encoder and decoder pair. The encoding process:

data -> gzip -> cipher -> sign -> meta -> base64

The sign, gzip, base64 are optional.

Decoding is the reverse of encoding. The whole data is still decoded even if the signature check fails; in that case the secure.ErrSignNotMatch error is returned, so callers must check the error before trusting the decoded output.

Example
package main

import (
	"fmt"
	"os"
	"path/filepath"

	whisper "github.com/ysmood/whisper/lib"
	"github.com/ysmood/whisper/lib/secure"
)

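// main encrypts one message for two recipients and shows that each recipient's
// private key decrypts it independently. It panics on any encode or decode
// error instead of printing a result that may be empty or untrusted.
func main() {
	recipient01, recipient01Pub := keyPair("id_ed25519_01", "test")
	recipient02, recipient02Pub := keyPair("id_ed25519_02", "") // no passphrase

	// Encrypt the message so that both recipient01 and recipient02 can decrypt it.
	encrypted, err := whisper.EncodeString("hello world!", whisper.Config{
		Public: []whisper.PublicKey{recipient01Pub, recipient02Pub},
	})
	if err != nil {
		panic(err)
	}

	// Decode errors must not be dropped: the package documents that decoded
	// data can still be returned when a signature check fails, so the error
	// is the only signal that the output should not be trusted.
	decrypted01, err := whisper.DecodeString(encrypted, whisper.Config{Private: &recipient01})
	if err != nil {
		panic(err)
	}

	decrypted02, err := whisper.DecodeString(encrypted, whisper.Config{Private: &recipient02})
	if err != nil {
		panic(err)
	}

	fmt.Println(len(encrypted), decrypted01, decrypted02)
}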

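// keyPair loads the named test key pair from the secure/test_data directory.
// It returns the private key together with its passphrase, and the matching
// public key read from the same file name plus secure.PUB_KEY_EXT.
// It panics if either file cannot be read.
func keyPair(privateKeyName, passphrase string) (whisper.PrivateKey, whisper.PublicKey) {
	dir := filepath.Join("secure", "test_data")

	prv, err := os.ReadFile(filepath.Join(dir, privateKeyName))
	if err != nil {
		panic(err)
	}

	pub, err := os.ReadFile(filepath.Join(dir, privateKeyName+secure.PUB_KEY_EXT))
	if err != nil {
		panic(err)
	}

	// Keyed fields keep the key bytes and the passphrase from being swapped or
	// shifted if the struct's field order ever changes.
	return whisper.PrivateKey{Data: prv, Passphrase: passphrase}, whisper.PublicKey{Data: pub}
}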
Output:

240 hello world! hello world!

func (*Whisper) Decoder added in v0.3.0

func (w *Whisper) Decoder(in io.Reader) (io.ReadCloser, error)

Decoder decrypts the data stream read from in, which is expected to be in the whisper file format.

func (*Whisper) Encoder added in v0.3.0

func (w *Whisper) Encoder(out io.Writer) (io.WriteCloser, error)

Encoder encrypts the data stream and writes it to out in the whisper file format.

func (*Whisper) Handle added in v0.4.0

func (w *Whisper) Handle(input io.ReadCloser, output io.WriteCloser) error

Directories

Path Synopsis
Package secure ensures that encrypted data can only be decrypted by selected recipients.
