auth

Documentation

Index

• Constants
• func CreateNegotiationFingerprint(partnerDhPubKey *cyclic.Int, partnerSidhPubKey *sidh.PublicKey) []byte
• func Crypt(key, vector, msg []byte) (crypt []byte)
• func Decrypt(myPrivKey, partnerPubKey *cyclic.Int, ecrPayload, MAC []byte, ...) (success bool, payload []byte)
• func Encrypt(myPrivKey, partnerPubKey *cyclic.Int, payload []byte, grp *cyclic.Group) (ecrPayload, mac []byte)
• func MakeAuthKey(myPrivKey, partnerPubKey *cyclic.Int, grp *cyclic.Group) (Key []byte, Vector []byte)
• func MakeMac(baseKey, encryptedPayload []byte) []byte
• func MakeOwnershipProof(myHistoricalPrivKey, partnerHistoricalPubKey *cyclic.Int, grp *cyclic.Group) []byte
• func MakeOwnershipProofFP(ownershipProof []byte) format.Fingerprint
• func MakeRequestFingerprint(publicKey *cyclic.Int) format.Fingerprint
• func SetRequestFingerprint(m format.Message, partnerPublicKey *cyclic.Int)
• func VerifyMac(baseKey, encryptedPayload, mac []byte) bool
• func VerifyOwnershipProof(myHistoricalPrivKey, partnerHistoricalPubKey *cyclic.Int, grp *cyclic.Group, ...) bool

Constants

const NegotiationFingerprintLen = 32

const NonceLength = chacha20.NonceSizeX

Required length of the nonce within XChaCha20

Functions

func CreateNegotiationFingerprint

func CreateNegotiationFingerprint(partnerDhPubKey *cyclic.Int,
	partnerSidhPubKey *sidh.PublicKey) []byte

CreateNegotiationFingerprint creates a fingerprint for a re-authentication negotiation from the partner's DH public key and SIDH public key.

func Crypt

func Crypt(key, vector, msg []byte) (crypt []byte)

Crypt XChaCha20 encrypts or decrypts a message with the passed key and vector

func Decrypt

func Decrypt(myPrivKey, partnerPubKey *cyclic.Int, ecrPayload, MAC []byte,
	grp *cyclic.Group) (success bool, payload []byte)

Decrypts the payload for use in authenticated channels and provides a MAC on this encrypted payload

func Encrypt

func Encrypt(myPrivKey, partnerPubKey *cyclic.Int, payload []byte,
	grp *cyclic.Group) (ecrPayload, mac []byte)

Encrypts the payload for use in authenticated channels and provides a MAC on this encrypted payload

func MakeAuthKey

func MakeAuthKey(myPrivKey, partnerPubKey *cyclic.Int,
	grp *cyclic.Group) (Key []byte, Vector []byte)

MakeAuthKey generates a one-off key to be used to encrypt payloads for an authenticated channel

func MakeMac

func MakeMac(baseKey, encryptedPayload []byte) []byte

MakeMac returns the MAC for the given payload.

func MakeOwnershipProof

func MakeOwnershipProof(myHistoricalPrivKey, partnerHistoricalPubKey *cyclic.Int,
	grp *cyclic.Group) []byte

Ownership proofs allow users to build short proofs they own public DH keys

func MakeOwnershipProofFP

func MakeOwnershipProofFP(ownershipProof []byte) format.Fingerprint

Ownership proofs allow users to build short proofs they own public DH keys

func MakeRequestFingerprint

func MakeRequestFingerprint(publicKey *cyclic.Int) format.Fingerprint

creates a valid auth request fingerprint from a public key

func SetRequestFingerprint

func SetRequestFingerprint(m format.Message, partnerPublicKey *cyclic.Int)

Sets the message as an authenticated channel creation message

func VerifyMac

func VerifyMac(baseKey, encryptedPayload, mac []byte) bool

VerifyMac ensures that the provided MAC matches the provided payload information. Returns true if they match.

func VerifyOwnershipProof

func VerifyOwnershipProof(myHistoricalPrivKey, partnerHistoricalPubKey *cyclic.Int,
	grp *cyclic.Group, proof []byte) bool

verifies that an ownership proof is valid