Back to godoc.org
go.cryptoscope.co/secretstream/secrethandshake

package secrethandshake

v1.2.2
Latest Go to latest
Published: Mar 6, 2020 | License: MIT | Module: go.cryptoscope.co/secretstream

Overview

Package secrethandshake is a Go implementation of Dominic Tarr's secret-handshake: https://github.com/auditdrivencrypto/secret-handshake

Two instances of go-shs can secretly shake hands over a connection.

The implementation is compatible with the JS implementation. Run `npm ci && go test -tags interop_nodejs`.

Index

Constants

const ChallengeLength = 64

ChallengeLength is the length of a challenge message in bytes

const ClientAuthLength = 16 + 32 + 64

ClientAuthLength is the length of a clientAuth message in bytes

const MACLength = 16

MACLength is the length of a MAC in bytes

const ServerAuthLength = 16 + 64

ServerAuthLength is the length of a serverAuth message in bytes

Variables

var ErrInvalidKeyPair = fmt.Errorf("secrethandshake/NewKeyPair: invalid public key")

func Client

func Client(state *State, conn io.ReadWriter) (err error)

Client shakes hands using the cryptographic identity specified in s using conn in the client role

func Server

func Server(state *State, conn io.ReadWriter) (err error)

Server shakes hands using the cryptographic identity specified in s using conn in the server role

type CurveKeyPair

type CurveKeyPair struct {
	Public [32]byte
	Secret [32]byte
}

CurveKeyPair is a keypair for use with github.com/agl/ed25519

type EdKeyPair

type EdKeyPair struct {
	Public ed25519.PublicKey
	Secret ed25519.PrivateKey
}

EdKeyPair is a keypair for use with github.com/agl/ed25519

func GenEdKeyPair

func GenEdKeyPair(r io.Reader) (*EdKeyPair, error)

GenEdKeyPair generates a ed25519 keyPair using the passed reader if r == nil it uses crypto/rand.Reader

func NewKeyPair

func NewKeyPair(public, secret []byte) (*EdKeyPair, error)

type ErrEncoding

type ErrEncoding struct {
	// contains filtered or unexported fields
}

func (ErrEncoding) Error

func (e ErrEncoding) Error() string

func (ErrEncoding) Unwrap

func (e ErrEncoding) Unwrap() error

Unwrap returns the cause

type ErrKeySize

type ErrKeySize struct {
	// contains filtered or unexported fields
}

func (ErrKeySize) Error

func (eks ErrKeySize) Error() string

type ErrProcessing

type ErrProcessing struct {
	// contains filtered or unexported fields
}

ErrProcessing is returned if I/O fails during the handshake TODO: supply Unwrap() for cause?

func (ErrProcessing) Error

func (e ErrProcessing) Error() string

func (ErrProcessing) Unwrap

func (e ErrProcessing) Unwrap() error

Unwrap returns the cause

type ErrProtocol

type ErrProtocol struct {
	// contains filtered or unexported fields
}

func (ErrProtocol) Error

func (e ErrProtocol) Error() string

type State

type State struct {
	// contains filtered or unexported fields
}

State is the state each peer holds during the handshake

func NewClientState

func NewClientState(appKey []byte, local EdKeyPair, remotePublic ed25519.PublicKey) (*State, error)

NewClientState initializes the state for the client side

func NewServerState

func NewServerState(appKey []byte, local EdKeyPair) (*State, error)

NewServerState initializes the state for the server side

func (*State) GetBoxstreamDecKeys

func (s *State) GetBoxstreamDecKeys() ([32]byte, [24]byte)

GetBoxstreamDecKeys returns the decryption key and nonce suitable for boxstream

func (*State) GetBoxstreamEncKeys

func (s *State) GetBoxstreamEncKeys() ([32]byte, [24]byte)

GetBoxstreamEncKeys returns the encryption key and nonce suitable for boxstream

func (*State) Remote

func (s *State) Remote() []byte

Remote returns the public key of the remote party

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
f or F : Jump to identifier