e2e

package

v0.0.9 Latest Latest Go to latest Published: Dec 6, 2023 License: BSD-2-Clause Imports: 24 Imported by: 24

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

gitlab.com/elixxir/crypto

Links

Open Source Insights

Documentation ¶

Overview ¶

Packagee 2e contains functions used in the end-to-end encryption algorithm, including the end-to-end key rotation.

Index ¶

Constants
Variables
func Crypt(key Key, fingerprint format.Fingerprint, msg []byte) []byte
func DecryptAES256(key, ciphertext []byte) ([]byte, error)
func DecryptAES256WithIV(key []byte, iv [AESBlockSize]byte, ciphertext []byte) ([]byte, error)
func DeriveKeyFingerprint(dhkey *cyclic.Int, keyNum uint32, salts ...[]byte) format.Fingerprint
func EncryptAES256(key, plaintext []byte) ([]byte, error)
func EncryptAES256WithIV(key []byte, iv [AESBlockSize]byte, plaintext []byte) ([]byte, error)
func GenerateConnectionFingerprint(sendFp, receiveFp []byte) []byte
func GenerateKeyTTL(key *large.Int, min uint16, max uint16, params TTLParams) (uint16, uint32)
func IsUnencrypted(m format.Message) (bool, *id.ID)
func KeyGen(currentUser *id.ID, users []*id.ID, grp *cyclic.Group) []*cyclic.Int
func MakeRelationshipFingerprint(pubkeyA, pubkeyB *cyclic.Int, sender, receiver *id.ID) []byte
func Pad(msg []byte, encMsgLen int) (encMsg []byte, err error)
func SetUnencrypted(payload []byte, uid *id.ID) ([]byte, format.Fingerprint)
func Unpad(encMsg []byte) (msg []byte, err error)
type Key
- func DeriveKey(basekey *cyclic.Int, keyNum uint32, salts ...[]byte) Key
type KeyResidue
- func NewKeyResidue(key Key) KeyResidue
- func UnmarshalKeyResidue(b []byte) (KeyResidue, error)
- func (kr KeyResidue) Marshal() []byte
- func (kr KeyResidue) MarshalJSON() ([]byte, error)
- func (kr KeyResidue) String() string
- func (kr KeyResidue) StringVerbose() string
- func (kr *KeyResidue) UnmarshalJSON(data []byte) error
type MessageID
- func NewMessageID(relationshipFingerprint []byte, conversationID uint64) MessageID
- func UnmarshalMessageID(b []byte) (MessageID, error)
- func (mid MessageID) Marshal() []byte
- func (mid MessageID) String() string
- func (mid MessageID) StringVerbose() string
type SendReport
type TTLParams

Constants ¶

View Source

const AES256KeyLen = 32

View Source

const AESBlockSize = aes.BlockSize

View Source

const KeyLen = 32

View Source

const (
	KeyResidueLength = 32
)

KeyResidue generation constants.

View Source

const MessageIDLen = 32

View Source

const MinPaddingLen = MinPaddingStringLen + NumFixedPaddingLen

View Source

const MinPaddingStringLen = 8

See length checking in RFC 3447 7.2.1-1

View Source

const NumFixedPaddingLen = 3

View Source

const ReKeyStr = "REKEY"

Variables ¶

View Source

var ErrBadArgs = errors.New("Key and/or plaintext/ciphertext are nil")

View Source

var ErrBadCiphertext = errors.New("Ciphertext is nil, empty or is not multiple of blocksize")

View Source

var ErrBadPadding = errors.New("Bad padding in plaintext")

View Source

var ErrBadPlaintext = errors.New("Plaintext is nil, empty or is not padded to blocksize")

Error case messages

View Source

var ErrCantPad = errors.New("Error while padding plaintext")

View Source

var ErrCantUnpad = errors.New("Error while unpadding plaintext")

View Source

var ErrCiphertextTooShort = errors.New("Ciphertext is too short (< 32 bytes)")

View Source

var ErrEncMessageLength = errors.New("encoded message less than min. padding length")

View Source

var ErrMessageTooLong = errors.New("message too long")

Error case messages

View Source

var ErrPaddingContainsZero = errors.New("padding string contains a zero")

View Source

var ErrPaddingPrefix = errors.New("padding prefix invalid")

View Source

var ErrPaddingTerminator = errors.New("padding terminator invalid")

Functions ¶

func Crypt ¶

func Crypt(key Key, fingerprint format.Fingerprint, msg []byte) []byte

Crypt uses XChaCha20 to encrypt or decrypt a message with the passed key using the fingerprint as a nonce

func DecryptAES256 ¶

func DecryptAES256(key, ciphertext []byte) ([]byte, error)

DecryptAES256 decrypts a ciphertext using AES256 with the passed key Ciphertext is assumed to start with the IV Key can have any size, as internally it is hashed to generate the actual key Key and ciphertext can't be nil nor empty Padding and IV are removed internally Returns decrypted plaintext if no error, otherwise nil and err

func DecryptAES256WithIV ¶

func DecryptAES256WithIV(key []byte, iv [AESBlockSize]byte, ciphertext []byte) ([]byte, error)

DecryptAES256WithIV decrypts a ciphertext using AES256 with the passed key and IV Ciphertext is assumed to not have the IV, and to be padded Key can have any size, as internally it is hashed to generate the actual key IV must be 16 bytes, and it is recommended to be the MSBs of the key fingerprint Key and ciphertext can't be nil nor empty Padding is removed internally Returns decrypted plaintext if no error, otherwise nil and err

func DeriveKeyFingerprint ¶

func DeriveKeyFingerprint(dhkey *cyclic.Int, keyNum uint32, salts ...[]byte) format.Fingerprint

func EncryptAES256 ¶

func EncryptAES256(key, plaintext []byte) ([]byte, error)

EncryptAES256 encrypts the plaintext using AES256 with the passed key Plaintext is assumed to be unpadded, as padding is added internally Key can have any size, as internally it is hashed to generate the actual key Key and plaintext can't be nil nor empty IV is generated internally and returned as first 16 bytes of the ciphertext Returns ciphertext if no error, otherwise nil and err

func EncryptAES256WithIV ¶

func EncryptAES256WithIV(key []byte, iv [AESBlockSize]byte, plaintext []byte) ([]byte, error)

EncryptAES256WithIV encrypts the plaintext using AES256 with the passed key and IV Plaintext is assumed to be unpadded, as padding is added internally Key can have any size, as internally it is hashed to generate the actual key IV must be 16 bytes, and it is recommended to be the MSBs of the key fingerprint Key and plaintext can't be nil nor empty Returns ciphertext if no error, otherwise nil and err

func GenerateConnectionFingerprint ¶

func GenerateConnectionFingerprint(sendFp, receiveFp []byte) []byte

GenerateConnectionFingerprint that is the same on both sender and receiver side for E2e partners

func GenerateKeyTTL ¶

func GenerateKeyTTL(key *large.Int, min uint16, max uint16, params TTLParams) (uint16, uint32)

GenerateKeyTTL generates Key TTL and num keys given a key and a range. Returns fair key TTL (num keys before retrigger happens) and num keys (usage capacity)

func IsUnencrypted ¶

func IsUnencrypted(m format.Message) (bool, *id.ID)

IsUnencrypted determines if the message is unencrypted by comparing the hash of the message payload to the MAC. Returns true if the message is unencrypted and false otherwise. the highest bit of the recipient ID is stored in the highest bit of the MAC field. This is accounted for and the id is reassembled, with a presumed user type

func KeyGen ¶

func KeyGen(currentUser *id.ID, users []*id.ID,
	grp *cyclic.Group) []*cyclic.Int

KeyGen generates keys for all combinations of users for the current user

func MakeRelationshipFingerprint ¶

func MakeRelationshipFingerprint(pubkeyA, pubkeyB *cyclic.Int, sender,
	receiver *id.ID) []byte

creates a unique relationship fingerprint which can be used to ensure keys are unique and that message IDs are unique

func Pad ¶

func Pad(msg []byte, encMsgLen int) (encMsg []byte, err error)

PKCS 1.5 Pad using crypto.rand.Reader

func SetUnencrypted ¶

func SetUnencrypted(payload []byte, uid *id.ID) ([]byte, format.Fingerprint)

SetUnencrypted sets up the condition where the message would be determined to be unencrypted by setting the MAC to the hash of the message payload.

func Unpad ¶

func Unpad(encMsg []byte) (msg []byte, err error)

PKCS 1.5 Unpad (See RFC 3447 7.2.1 https://tools.ietf.org/html/rfc3447#section-7.2.1)

Types ¶

type Key ¶

type Key [KeyLen]byte

func DeriveKey ¶

func DeriveKey(basekey *cyclic.Int, keyNum uint32, salts ...[]byte) Key

derives a single key at position keynum using blake2B on the concatenation of the first half of the cyclic basekey and the keynum and the salts Key = H(First half of base key | keyNum | salt[0] | salt[1] | ...)

type KeyResidue ¶

type KeyResidue [KeyResidueLength]byte

KeyResidue is the residue of a Key. It represents a hash of the Key and a residue salt.

func NewKeyResidue ¶

func NewKeyResidue(key Key) KeyResidue

NewKeyResidue returns a residue of a Key. The residue is the hash of the key with the residueSalt.

func UnmarshalKeyResidue ¶

func UnmarshalKeyResidue(b []byte) (KeyResidue, error)

UnmarshalKeyResidue a KeyResidue from a byte slice binary format. Returns an error if the passed byte slice is the wrong length.

func (KeyResidue) Marshal ¶

func (kr KeyResidue) Marshal() []byte

Marshal returns the serialized KeyResidue into a binary format.

func (KeyResidue) MarshalJSON ¶

func (kr KeyResidue) MarshalJSON() ([]byte, error)

MarshalJSON marshals the KeyResidue into valid JSON. This function adheres to the json.Marshaler interface.

func (KeyResidue) String ¶

func (kr KeyResidue) String() string

String adheres to the stringer interface to return a truncated base64 encoded string of the KeyResidue.

func (KeyResidue) StringVerbose ¶

func (kr KeyResidue) StringVerbose() string

StringVerbose returns an un-truncated base64 encoding of the message iD.

func (*KeyResidue) UnmarshalJSON ¶

func (kr *KeyResidue) UnmarshalJSON(data []byte) error

UnmarshalJSON unmarshalls the JSON into the KeyResidue. This function adheres to the json.Unmarshaler interface.

type MessageID ¶

type MessageID [MessageIDLen]byte

func NewMessageID ¶

func NewMessageID(relationshipFingerprint []byte, conversationID uint64) MessageID

The message ID is probabilistically unique due to the uniqueness of the relationship fingerprint and the conversation ID

func UnmarshalMessageID ¶

func UnmarshalMessageID(b []byte) (MessageID, error)

Unmarshals a message id from a byte slice binary format. Returns an error if the passed byte slice is the wrong length

func (MessageID) Marshal ¶

func (mid MessageID) Marshal() []byte

Marshals the message ID into a binary format

func (MessageID) String ¶

func (mid MessageID) String() string

Adheres to the stringer interface to return a truncated base64 encoded string of the message ID

func (MessageID) StringVerbose ¶

func (mid MessageID) StringVerbose() string

Returns an un truncated base64 encoding of the message iD

type SendReport ¶

type SendReport struct {
	// RoundList is the list of rounds which the message payload
	// is sent.
	RoundList []id.Round

	// MessageId is the ID of the message sent.
	MessageId MessageID

	// SentTime is the time in which the message was sent.
	// More specifically it is when SendE2e is called.
	SentTime time.Time

	// KeyResidue is the residue of the key used for the first partition of the
	// message payload. The residue is a hash of the key and a salt.
	KeyResidue KeyResidue
}

SendReport is the report structure for e2e.Handler's SendE2e.

type TTLParams ¶

type TTLParams struct {
	TTLScalar  float64 // A scalar to convert a TTL key retrigger to max num keys that can be used
	MinNumKeys uint16  // The min. threshold number keys that can be used
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
auth
singleUse

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL