diffie_hellman_exchange

package module

v0.0.0-...-5a2899c Latest Latest Go to latest Published: Dec 28, 2021 License: Apache-2.0 Imports: 9 Imported by: 0

README ¶

Diffie Hellman Exchange

A simple but fastidious attempt to write a diffie-hellman key exchange utility that could be used as transport upgraders in distributed systems.

If you are trying to use this in a traditional n tier computing environment, you are crazy and use well tested default secure channels that are available with every library on the face of earth.

All the keys are Serializable allowing you to transport them as you wish. Transport is out of scope for this project.

Id reconciliation

This handshake creates a new Elliptic curve key(based on the curve you specify). If you want to use this with some other systems with different identity mechanisms,

You may want to add a signature whenever you are transferring this public key. Use your default curve to add a sign to the public key you would be transferring.

Wire support

Usually only Public keys are transferred, so the library provides marshal and unmarshal support for them.

Symmetric Encryption - AES GCM

After a common secret key is agreed upon, the lib also provides some AES utils for encrypting and decrypting any random content you want.

Usage

Refer the tests for usage. You may also want to refer the interface for clarity on the methods supported.

Documentation ¶

Index ¶

Variables
type AESDecrypter
- func NewAESDecrypter(secret []byte) *AESDecrypter
- func (ad *AESDecrypter) Decrypt(cipherText []byte) ([]byte, error)
type AESEncrypter
- func NewAESEncrypter(secret []byte) *AESEncrypter
- func (ae *AESEncrypter) Encrypt(content []byte) ([]byte, error)
- func (ae *AESEncrypter) GetDecrypter() SymmetricDecrypter
type DHExchanger
- func NewEllipticCurveExchanger(c elliptic.Curve) (DHExchanger, error)
type EllipticCurve
type Point
type SymmetricDecrypter
type SymmetricEncrypter

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrInvalidPrivateKey           = errors.New("invalid private key")
	ErrInvalidPublicKey            = errors.New("invalid public key")
	ErrInvalidCurve                = errors.New("invalid elliptic curve")
	ErrPrivateKeyCurveIncompatible = errors.New("private key curve incompatible")
)

View Source

var (
	ErrMalformedCipherText = errors.New("malformed cipher text") // Error when cipher text is malformed
)

Functions ¶

This section is empty.

Types ¶

type AESDecrypter ¶

type AESDecrypter struct {
	SecretKey []byte
}

AESDecrypter is a type that does AES GCM Decryption.

func NewAESDecrypter ¶

func NewAESDecrypter(secret []byte) *AESDecrypter

NewAESDecrypter returns a new AESDecrypter

func (*AESDecrypter) Decrypt ¶

func (ad *AESDecrypter) Decrypt(cipherText []byte) ([]byte, error)

type AESEncrypter ¶

type AESEncrypter struct {
	SecretKey []byte
	Decrypter SymmetricDecrypter
}

AESEncrypter is a type that does AES GCM Encryption.

func NewAESEncrypter ¶

func NewAESEncrypter(secret []byte) *AESEncrypter

NewAESEncrypter returns a new AESEncrypter

func (*AESEncrypter) Encrypt ¶

func (ae *AESEncrypter) Encrypt(content []byte) ([]byte, error)

Encrypt just encrypts the content.

func (*AESEncrypter) GetDecrypter ¶

func (ae *AESEncrypter) GetDecrypter() SymmetricDecrypter

GetDecrypter returns a SymmetricDecrypter pertinent to the Encryption algorithm used.

type DHExchanger ¶

type DHExchanger interface {

	// NewRandomKeyPair generates a new key pair for use.
	NewRandomKeyPair() (crypto.PrivateKey, crypto.PublicKey, error)

	// MarshalPublic encodes the key to byte array suitable for transport.
	MarshalPublic(key crypto.PublicKey) ([]byte, error)

	// UnMarshalPublic just assembles back your Marshalled public key
	UnMarshalPublic([]byte) (crypto.PublicKey, error)

	// AgreeOnSecret agrees on a common secret between the transacting parties.
	AgreeOnSecret(selfPrivate crypto.PrivateKey, otherPublic crypto.PublicKey) ([]byte, error)

	// GetEncrypter returns the SymmetricEncrypter which could be used for encrypting and decrypting
	// custom application level messages.
	GetEncrypter(agreedKey []byte) SymmetricEncrypter

	// PublicKey is derived from the given private key.
	PublicKey(private crypto.PrivateKey) (crypto.PublicKey, error)

	// Check checks whether the given public key is on the elliptic curve.
	Check(peersPublic crypto.PublicKey) (err error)
}

DHExchanger is a wrapper of sorts that gives us all the functionality required for a diffie-hellman key agreement.

func NewEllipticCurveExchanger ¶

func NewEllipticCurveExchanger(c elliptic.Curve) (DHExchanger, error)

NewEllipticCurveExchanger creates a new DHExchanger with generic elliptic.Curve implementations.

type EllipticCurve ¶

type EllipticCurve struct {
	// contains filtered or unexported fields
}

func (*EllipticCurve) AgreeOnSecret ¶

func (ec *EllipticCurve) AgreeOnSecret(selfPrivate crypto.PrivateKey, otherPublic crypto.PublicKey) ([]byte, error)

AgreeOnSecret agrees on a common secret between the transacting parties.

func (*EllipticCurve) Check ¶

func (ec *EllipticCurve) Check(peersPublic crypto.PublicKey) (err error)

Check checks whether the given public key is on the elliptic curve.

func (*EllipticCurve) GetEncrypter ¶

func (ec *EllipticCurve) GetEncrypter(agreedKey []byte) SymmetricEncrypter

GetEncrypter returns the SymmetricEncrypter which could be used for encrypting and decrypting custom application level messages.

func (*EllipticCurve) MarshalPublic ¶

func (ec *EllipticCurve) MarshalPublic(key crypto.PublicKey) ([]byte, error)

MarshalPublic encodes the key to byte array suitable for transport.

func (*EllipticCurve) NewRandomKeyPair ¶

func (ec *EllipticCurve) NewRandomKeyPair() (crypto.PrivateKey, crypto.PublicKey, error)

NewRandomKeyPair generates a new key pair for use.

func (*EllipticCurve) PublicKey ¶

func (ec *EllipticCurve) PublicKey(private crypto.PrivateKey) (crypto.PublicKey, error)

PublicKey is derived from the given private key.

func (*EllipticCurve) UnMarshalPublic ¶

func (ec *EllipticCurve) UnMarshalPublic(b []byte) (crypto.PublicKey, error)

UnMarshalPublic just assembles back your Marshalled public key

type Point ¶

type Point struct {
	X, Y *big.Int
}

Point represents a generic elliptic curve Point with a X and a Y coordinate.

type SymmetricDecrypter ¶

type SymmetricDecrypter interface {
	// Decrypt just decrypts the encrypted chunk
	Decrypt(encryptedContent []byte) ([]byte, error)
}

SymmetricDecrypter is a type that should be implemented by all "Symmetric" curves and algorithms.

type SymmetricEncrypter ¶

type SymmetricEncrypter interface {
	// Encrypt just encrypts the content.
	Encrypt(content []byte) ([]byte, error)

	// GetDecrypter returns a SymmetricDecrypter pertinent to the
	// Encryption algorithm used.
	GetDecrypter() SymmetricDecrypter
}

SymmetricEncrypter is a type that should be implemented by all "Symmetric" curves and algorithms. Since the Decryption process is dependent on type of encryption, SymmetricEncrypter should return a SymmetricDecrypter on demand.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL