README
¶
Oracle
Oracle is a go library that provides the following cryptographic functions:
- generate key-pairs
- encrypt messages
- decrypt messages
- sign messages
- validate messages
Oracle is the basic object that can perform these functions. It also has the concept of a Peer, which is public key. Useful for validating and encrypting.
Keys are Curve25519.
Oracle also provides a binary called goracle.
Documentation
¶
Index ¶
- Constants
- Variables
- func NewPeer(seed []byte) *peer
- func PeerFromHex(hexData []byte) (*peer, error)
- func PublicKeyFromHex(hexData []byte) (*ecdh.PublicKey, error)
- type CipherText
- func (c1 *CipherText) Clone(c2 *CipherText)
- func (ct *CipherText) From(pt *PlainText)
- func (ct *CipherText) GenerateSharedSecret(randomness io.Reader) error
- func (ct *CipherText) MarshalIon() ([]byte, error)
- func (ct *CipherText) MarshalPEM() ([]byte, error)
- func (ct *CipherText) UnmarshalIon(bin []byte) error
- func (ct *CipherText) UnmarshalPEM(data []byte) error
- type Config
- type Flarg
- type Message
- type Oracle
- func (o *Oracle) AddPeer(p Peer) error
- func (o *Oracle) AsMap() map[string]string
- func (o *Oracle) AsPeer() *peer
- func (o *Oracle) Bytes() []byte
- func (o *Oracle) Compose(subject string, body []byte) *PlainText
- func (o *Oracle) Decrypt(ct *CipherText) (*PlainText, error)
- func (o *Oracle) Encrypt(pt *PlainText, recipient Peer) (*CipherText, error)
- func (o *Oracle) Export(w io.Writer) error
- func (o *Oracle) GenerateKeys(rand io.Reader) error
- func (o *Oracle) Load(r io.Reader) error
- func (o *Oracle) Nickname() string
- func (o *Oracle) Peer(nick string) (Peer, error)
- func (o *Oracle) Peers() map[string]Peer
- func (o *Oracle) PrivateEncryptionKey() *ecdh.PrivateKey
- func (o *Oracle) PrivateSigningKey() ed25519.PrivateKey
- func (o *Oracle) Public() crypto.PublicKey
- func (o *Oracle) PublicEncryptionKey() *ecdh.PublicKey
- func (o *Oracle) PublicKeyAsHex() []byte
- func (o *Oracle) PublicSigningKey() ed25519.PublicKey
- func (o *Oracle) Randomness() io.Reader
- func (o *Oracle) Sign(pt *PlainText) error
- func (o *Oracle) Verify(pt *PlainText, sender Peer) bool
- type Peer
- type PlainText
- func (pt *PlainText) CipherText() ([]byte, error)
- func (pt *PlainText) Clone(p2 *PlainText)
- func (pt *PlainText) Digest() ([]byte, error)
- func (pt *PlainText) From(ct *CipherText)
- func (pt *PlainText) MarshalIon() ([]byte, error)
- func (pt *PlainText) MarshalPEM() ([]byte, error)
- func (pt *PlainText) PlainText() ([]byte, error)
- func (pt *PlainText) Sign(randy io.Reader, priv ed25519.PrivateKey) error
- func (pt *PlainText) String() string
- func (pt *PlainText) UnmarshalIon(bin []byte) error
- func (pt *PlainText) UnmarshalPEM(data []byte) error
- func (pt *PlainText) Verify(pub ed25519.PublicKey) bool
- type Self
Constants ¶
View Source
const GLOBAL_SALT = "oracle/v1"
Variables ¶
View Source
var ( ErrNotInitialized = errors.New("oracle has not been initialized") ErrInvalidConfig = errors.New("invalid config") )
View Source
var ErrKeysAlreadyExist = errors.New("crypto keys already exists")
View Source
var ErrNoEphemeralKey = errors.New("no ephemeral key")
View Source
var UniversalNonce []byte = make([]byte, chacha20poly1305.NonceSize)
View Source
var ZeroPrivateKey *ecdh.PrivateKey = new(ecdh.PrivateKey)
Functions ¶
func PeerFromHex ¶
Types ¶
type CipherText ¶
type CipherText struct {
Type string `json:"type" ion:"type"`
Headers map[string]string `json:"headers" ion:"headers"`
AdditionalData []byte `json:"aad" ion:"aad"`
CipherTextData []byte `json:"ciphertext" ion:"ciphertext"`
Signature []byte `json:"signature" ion:"signature"`
Nonce []byte `json:"nonce" ion:"nonce"`
EphemeralPublicKey []byte `json:"ephpub" ion:"ephpub"`
// contains filtered or unexported fields
}
CipherText includes payload and metadata for receiving and decrypting
func (*CipherText) Clone ¶ added in v0.1.0
func (c1 *CipherText) Clone(c2 *CipherText)
func (*CipherText) From ¶ added in v0.1.0
func (ct *CipherText) From(pt *PlainText)
create CipherText from PlainText This does _not_ peform encryption. you must handle PlainTextData and CipherTextData fields seperately.
func (*CipherText) GenerateSharedSecret ¶ added in v0.1.0
func (ct *CipherText) GenerateSharedSecret(randomness io.Reader) error
func (*CipherText) MarshalIon ¶ added in v0.1.0
func (ct *CipherText) MarshalIon() ([]byte, error)
func (*CipherText) MarshalPEM ¶
func (ct *CipherText) MarshalPEM() ([]byte, error)
func (*CipherText) UnmarshalIon ¶ added in v0.1.0
func (ct *CipherText) UnmarshalIon(bin []byte) error
func (*CipherText) UnmarshalPEM ¶
func (ct *CipherText) UnmarshalPEM(data []byte) error
type Config ¶
type Config struct {
Self Self `toml:"self" json:"self"`
Peers []map[string]string `toml:"peer" json:"peer"`
}
var ZeroConf Config
type Flarg ¶ added in v0.1.2
type Flarg struct {
Subcommand string
ConfigFile *os.File
Format string
InputStream io.Reader
OutputStream io.Writer
}
Flarg represents all the args and flags after normalization and validation
var NoFlarg Flarg
The NoFlarg Flarg is used in error conditions
type Message ¶ added in v0.1.0
type Message interface {
Digest() ([]byte, error)
//Validate() error
Sign(io.Reader, ed25519.PrivateKey)
Verify(ed25519.PublicKey) bool
Encrypt(io.Reader, ed25519.PublicKey) (*CipherText, error)
Decrypt(ed25519.PrivateKey) (*PlainText, error)
PlainText() ([]byte, error)
CipherText() ([]byte, error)
}
type Oracle ¶
type Oracle struct {
EncryptionPublicKey *ecdh.PublicKey
SigningPublicKey ed25519.PublicKey
// contains filtered or unexported fields
}
func (*Oracle) AddPeer ¶
Make an Oracle aware of a Peer, so it can encrypt messages or validate signatures
func (*Oracle) AsPeer ¶
func (o *Oracle) AsPeer() *peer
Export the Oracle as a Peer, ensuring only public information is exported
func (*Oracle) Decrypt ¶
func (o *Oracle) Decrypt(ct *CipherText) (*PlainText, error)
decrypt CipherText, returning PlainText
func (*Oracle) Encrypt ¶
func (o *Oracle) Encrypt(pt *PlainText, recipient Peer) (*CipherText, error)
encrypt PlaintText, returning CipherText
func (*Oracle) Export ¶
write an Oracle as a Config to an io.Writer @warning: includes Private key. This should be considered secret
func (*Oracle) Nickname ¶
an easy way to uniquely identify a Peer. Nickname is derived from PublicKey collisions are technically possible
func (*Oracle) PrivateEncryptionKey ¶ added in v0.1.2
func (o *Oracle) PrivateEncryptionKey() *ecdh.PrivateKey
func (*Oracle) PrivateSigningKey ¶ added in v0.1.2
func (o *Oracle) PrivateSigningKey() ed25519.PrivateKey
func (*Oracle) PublicEncryptionKey ¶ added in v0.1.2
func (*Oracle) PublicKeyAsHex ¶
func (*Oracle) PublicSigningKey ¶ added in v0.1.2
func (*Oracle) Randomness ¶ added in v0.1.2
type Peer ¶
type Peer interface {
crypto.PublicKey
encoding.BinaryMarshaler
encoding.BinaryUnmarshaler
json.Marshaler
json.Unmarshaler
//toml.Marshaler
//toml.Unmarshaler
MarshalHex() ([]byte, error)
UnmarshalHex(data []byte) error
Bytes() []byte
Public() crypto.PublicKey // returns signing key
SigningKey() ed25519.PublicKey
EncryptionKey() *ecdh.PublicKey
Nickname() string
AsMap() map[string]string
}
type PlainText ¶
type PlainText struct {
Type string `json:"type" ion:"type"`
Headers map[string]string `json:"headers" ion:"headers"`
AdditionalData []byte `json:"aad" ion:"aad"`
PlainTextData []byte `json:"plaintext" ion:"plaintext"`
Signature []byte `json:"signature" ion:"signature"`
Nonce []byte `json:"nonce" ion:"nonce"`
EphemeralPublicKey []byte `json:"ephpub" ion:"ephpub"`
// contains filtered or unexported fields
}
PlainText includes payload and metadata for encrypting and sending
func (*PlainText) CipherText ¶ added in v0.1.0
func (*PlainText) From ¶ added in v0.1.0
func (pt *PlainText) From(ct *CipherText)
func (*PlainText) MarshalIon ¶ added in v0.1.0
func (*PlainText) MarshalPEM ¶ added in v0.1.0
func (*PlainText) UnmarshalIon ¶ added in v0.1.0
func (*PlainText) UnmarshalPEM ¶ added in v0.1.0
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.