Documentation ¶
Index ¶
- Variables
- func Encrypt(rand io.Reader, pub *ecdsa.PublicKey, msg, s1, s2 []byte) (ct []byte, err error)
- func MarshalPublicKey(k *ecdsa.PublicKey) []byte
- func UnmarshalPublicKey(curve elliptic.Curve, b []byte, k *ecdsa.PublicKey) error
- type CipherText
- type ECIES
- func (ci *ECIES) Decrypt(ct, s1, s2 []byte) (msg []byte, err error)
- func (ci *ECIES) DeriveSecretKeyringMaterial(pub *ecdsa.PublicKey, s1 []byte) (skm *SecretKeyringMaterial, err error)
- func (ci *ECIES) Encrypt(rand io.Reader, pub *ecdsa.PublicKey, msg, s1, s2 []byte) (ct []byte, err error)
- func (ci *ECIES) EncryptToCipherText(rand io.Reader, pub *ecdsa.PublicKey, msg, s1, s2 []byte) (ct *CipherText, err error)
- func (ci *ECIES) GenerateShared(pub *ecdsa.PublicKey, skLen, macLen int) (sk []byte, err error)
- func (ci *ECIES) MaxSharedKeyLength() int
- func (ci *ECIES) Params() *Params
- func (ci *ECIES) PrivateKey() *ecdsa.PrivateKey
- func (ci *ECIES) PublicKey() *ecdsa.PublicKey
- type EncryptedAuthenticatedMessage
- type NewCipherFun
- type NewHashFun
- type Params
- type SecretKeyringMaterial
Constants ¶
This section is empty.
Variables ¶
var ( ErrImport = fmt.Errorf("ecies: failed to import key") ErrInvalidCurve = fmt.Errorf("ecies: invalid elliptic curve") ErrInvalidParams = fmt.Errorf("ecies: invalid ECIES parameters") ErrInvalidPublicKey = fmt.Errorf("ecies: invalid public key") ErrKeyDataTooLong = fmt.Errorf("ecies: can't supply requested key data") ErrInvalidMessage = fmt.Errorf("ecies: invalid message") ErrUnsupportedECIESParameters = fmt.Errorf("ecies: unsupported ECIES parameters") )
Errors returned by the package
var ( // Aes128Sha256Params using AES128 and HMAC-SHA-256-16 Aes128Sha256Params = &Params{ NewHash: sha256.New, hashAlgo: crypto.SHA256, NewCipher: aes.NewCipher, BlockSize: aes.BlockSize, KeyLen: 16, } // Aes256Sha256Params using AES256 and HMAC-SHA-256-32 Aes256Sha256Params = &Params{ NewHash: sha256.New, hashAlgo: crypto.SHA256, NewCipher: aes.NewCipher, BlockSize: aes.BlockSize, KeyLen: 32, } // Aes256Sha384Params using AES256 and HMAC-SHA-384-48 Aes256Sha384Params = &Params{ NewHash: sha512.New384, hashAlgo: crypto.SHA384, NewCipher: aes.NewCipher, BlockSize: aes.BlockSize, KeyLen: 32, } // Aes256Sha512Params using AES256 and HMAC-SHA-512-64 Aes256Sha512Params = &Params{ NewHash: sha512.New, hashAlgo: crypto.SHA512, NewCipher: aes.NewCipher, BlockSize: aes.BlockSize, KeyLen: 32, } // DefaultParams holds default parameters for the default curve DefaultParams = ParamsFromCurve(DefaultCurve) )
var ( // DefaultCurve is an instance of the secp256k1 curve DefaultCurve = ethcrypto.S256() )
Functions ¶
func Encrypt ¶
Encrypt encrypts a message using ECIES as specified in SEC 1, 5.1.
s1 and s2 contain shared information that is not part of the resulting ciphertext. s1 is fed into key derivation, s2 is fed into the MAC. If the shared information parameters aren't being used, they should be nil.
func MarshalPublicKey ¶
MarshalPublicKey converts public key into the uncompressed form specified in section 4.3.6 of ANSI X9.62.
Types ¶
type CipherText ¶
type CipherText struct { EphemeralPublicKey *ecdsa.PublicKey *EncryptedAuthenticatedMessage }
CipherText holds parts of encrypted message
func (*CipherText) Marshal ¶
func (ct *CipherText) Marshal() ([]byte, error)
Marshal converts parts of encrypted message into byte slice.
type ECIES ¶
type ECIES struct {
// contains filtered or unexported fields
}
ECIES implements Elliptic Curve Integrated Encryption Scheme
func Must ¶
Must is a helper that wraps a call to a function returning (*ECIES, error) and panics if the error is non-nil. It is intended for use in variable initializations such as
var e = ecies.Must(ecies.NewGenerate(ecies.DefaultCurve, rand.Reader))
func New ¶
func New(prv *ecdsa.PrivateKey) (*ECIES, error)
New creates an instance of ECIES from specified private key, it tries automatically select appropriate parameters for encryption scheme.
func NewGenerate ¶
NewGenerate creates an instance of ECIES by generating a public and private key pair for specified elliptic curve, and selecting default parameters for encryption scheme.
func NewWithParams ¶
func NewWithParams(prv *ecdsa.PrivateKey, params *Params) (*ECIES, error)
NewWithParams creates an instance of ECIES from specified private key and params. If params is nil, the recommended default parameters for the encryption scheme will be chosen.
func (*ECIES) DeriveSecretKeyringMaterial ¶
func (ci *ECIES) DeriveSecretKeyringMaterial(pub *ecdsa.PublicKey, s1 []byte) (skm *SecretKeyringMaterial, err error)
DeriveSecretKeyringMaterial derives secret keyring material by computing shared secret from private and public keys and passing it as a parameter to the KDF.
func (*ECIES) Encrypt ¶
func (ci *ECIES) Encrypt(rand io.Reader, pub *ecdsa.PublicKey, msg, s1, s2 []byte) (ct []byte, err error)
Encrypt encrypts a message using ECIES as specified in SEC 1, 5.1.
s1 and s2 contain shared information that is not part of the resulting ciphertext. s1 is fed into key derivation, s2 is fed into the MAC. If the shared information parameters aren't being used, they should be nil.
func (*ECIES) EncryptToCipherText ¶
func (ci *ECIES) EncryptToCipherText(rand io.Reader, pub *ecdsa.PublicKey, msg, s1, s2 []byte) (ct *CipherText, err error)
EncryptToCipherText encrypts a message using ECIES as specified in SEC 1, 5.1. Instead of bytes it returns all the parts of encrypted message.
s1 and s2 contain shared information that is not part of the resulting ciphertext. s1 is fed into key derivation, s2 is fed into the MAC. If the shared information parameters aren't being used, they should be nil.
func (*ECIES) GenerateShared ¶
GenerateShared generates shared secret keys for encryption using ECDH key agreement protocol.
func (*ECIES) MaxSharedKeyLength ¶
MaxSharedKeyLength returns the maximum length of the shared key the internal public key can produce.
func (*ECIES) PrivateKey ¶
func (ci *ECIES) PrivateKey() *ecdsa.PrivateKey
PrivateKey returns pointer to the internal private key.
type EncryptedAuthenticatedMessage ¶
EncryptedAuthenticatedMessage holds the encrypted message and HMAC
type NewCipherFun ¶
NewCipherFun is a function type that creates and returns a new cipher.Block The key argument should be the AES key, either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256.
type NewHashFun ¶
NewHashFun is a function type that returns a new hash.Hash computing the checksum.
type Params ¶
type Params struct { NewHash NewHashFun // hash function NewCipher NewCipherFun // symmetric cipher BlockSize int // block size of symmetric cipher KeyLen int // length of symmetric key // contains filtered or unexported fields }
Params holds all the parameters of selected encryption scheme
func ParamsFromCurve ¶
ParamsFromCurve selects parameters optimal for the selected elliptic curve. Only the curves P256, P384, and P512 are supported.
func (*Params) DecryptAuth ¶
func (p *Params) DecryptAuth(skm *SecretKeyringMaterial, eam *EncryptedAuthenticatedMessage, s2 []byte) (msg []byte, err error)
DecryptAuth checks encrypted message HMAC and if it's valid decrypts the message s2 contains shared information that is not part of the ciphertext, it's fed into the MAC. If the shared information parameters aren't being used, they should be nil.
func (*Params) EncryptAuth ¶
func (p *Params) EncryptAuth(rand io.Reader, skm *SecretKeyringMaterial, msg, s2 []byte) (eam *EncryptedAuthenticatedMessage, err error)
EncryptAuth encrypts message using provided secret keyring material and returns encrypted message with the HMAC s2 contains shared information that is not part of the resulting ciphertext, it's fed into the MAC. If the shared information parameters aren't being used, they should be nil.
type SecretKeyringMaterial ¶
SecretKeyringMaterial hold the encryption key and MAC key