ecies

package module
v0.0.0-...-c83b947 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 24, 2017 License: BSD-3-Clause Imports: 14 Imported by: 0

README

smartbox-ecies-go

A go implementation of ECIES with support for stream and AEAD symmetric encryption

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrImport                     = fmt.Errorf("ecies: failed to import key")
	ErrInvalidCurve               = fmt.Errorf("ecies: invalid elliptic curve")
	ErrInvalidParams              = fmt.Errorf("ecies: invalid ECIES parameters")
	ErrInvalidPublicKey           = fmt.Errorf("ecies: invalid public key")
	ErrSharedKeyIsPointAtInfinity = fmt.Errorf("ecies: shared key is point at infinity")
	ErrSharedKeyTooBig            = fmt.Errorf("ecies: shared key params are too big")
)
View Source 
var (
	ErrKeyDataTooLong = fmt.Errorf("ecies: can't supply requested key data")
	ErrSharedTooLong  = fmt.Errorf("ecies: shared secret is too long")
	ErrInvalidMessage = fmt.Errorf("ecies: invalid message")
)
View Source 
var (
	ErrUnsupportedECDHAlgorithm   = fmt.Errorf("ecies: unsupported ECDH algorithm")
	ErrUnsupportedECIESParameters = fmt.Errorf("ecies: unsupported ECIES parameters")
)
View Source 
var (
	ECIES_AES128_SHA256 = &ECIESParams{
		Hash:                sha256.New,
		HashAlgo:            crypto.SHA256,
		Cipher:              aes.NewCipher,
		BlockSize:           aes.BlockSize,
		KeyLen:              32,
		SymmetricCipherMode: GCMCipherMode,
	}

	ECIES_AES256_SHA256 = &ECIESParams{
		Hash:                sha256.New,
		HashAlgo:            crypto.SHA256,
		Cipher:              aes.NewCipher,
		BlockSize:           aes.BlockSize,
		KeyLen:              32,
		SymmetricCipherMode: GCMCipherMode,
	}

	ECIES_AES256_SHA384 = &ECIESParams{
		Hash:                sha512.New384,
		HashAlgo:            crypto.SHA384,
		Cipher:              aes.NewCipher,
		BlockSize:           aes.BlockSize,
		KeyLen:              32,
		SymmetricCipherMode: GCMCipherMode,
	}

	ECIES_AES256_SHA512 = &ECIESParams{
		Hash:                sha512.New,
		HashAlgo:            crypto.SHA512,
		Cipher:              aes.NewCipher,
		BlockSize:           aes.BlockSize,
		KeyLen:              32,
		SymmetricCipherMode: GCMCipherMode,
	}
)
View Source 
var (
	CTRCipherMode = SymmetricCipherMode{
		Encryptor: CTREncrypt,
		Decryptor: CTRDecrypt,
	}
	CFBCipherMode = SymmetricCipherMode{
		Encryptor: CFBEncrypt,
		Decryptor: CFBDecrypt,
	}
)
View Source 
var CBCCipherMode = SymmetricCipherMode{
	Encryptor: CBCEncrypt,
	Decryptor: CBCDecrypt,
}
View Source 
var GCMCipherMode = SymmetricCipherMode{
	Encryptor: GCMEncrypt,
	Decryptor: GCMDecrypt,
}

Functions

func AddParamsForCurve 

func AddParamsForCurve(curve elliptic.Curve, params *ECIESParams)

func CBCDecrypt 

func CBCDecrypt(rand io.Reader, params *ECIESParams, key, ciphertext, authenticationData []byte) ([]byte, error)

CBCDecrypt performs Cipher Block Chaining (CBC) decryption using the block cipher specified in the parameters

func CBCEncrypt 

func CBCEncrypt(rand io.Reader, params *ECIESParams, key, plaintext, authenticationData []byte) ([]byte, error)

CBCEncrypt performs Cipher Block Chaining (CBC) encryption using the block cipher specified in the parameters

func CFBDecrypt 

func CFBDecrypt(rand io.Reader, params *ECIESParams, key, ciphertext, authenticationData []byte) ([]byte, error)

CFBDecrypt performs Cipher Feedback (CFB) decryption using the block cipher specified in the parameters

func CFBEncrypt 

func CFBEncrypt(rand io.Reader, params *ECIESParams, key, plaintext, authenticationData []byte) ([]byte, error)

CFBEncrypt performs Cipher Feedback (CFB) encryption using the block cipher specified in the parameters

func CTRDecrypt 

func CTRDecrypt(rand io.Reader, params *ECIESParams, key, ciphertext, authenticationData []byte) ([]byte, error)

CTRDecrypt carries out CTR decryption using the block cipher specified in the parameters

func CTREncrypt 

func CTREncrypt(rand io.Reader, params *ECIESParams, key, plaintext, authenticationData []byte) ([]byte, error)

CTREncrypt carries out CTR encryption using the block cipher specified in the parameters.

func ConcatKDF 

func ConcatKDF(hash hash.Hash, sharedSecret, sharedInformation1 []byte, derivedKeyLength int) (derivedKey []byte, err error)

ConcatKDF derives a symmetric key from a shared secret using a concatenation key derivation function using the `hash` hashing algorithm as the base and continuing until at least `derivedKeyLength` bytes is available See NIST SP 800-56 Concatenation Key Derivation Function (see section 5.8.1).

func Encrypt 

func Encrypt(rand io.Reader, pub *PublicKey, plaintext, sharedInformation1, sharedInformation2 []byte) (ciphertext []byte, err error)

Encrypt encrypts a message using ECIES as specified in SEC 1, 5.1.

sharedInformation1 and sharedInformation2 contain shared information that is not part of the resulting ciphertext. sharedInformation1 is fed into key derivation, sharedInformation2 is fed into the MAC. If the shared information parameters aren't being used, they should be nil.

func EncryptAEAD 

func EncryptAEAD(rand io.Reader, pub *PublicKey, plaintext []byte) (ciphertext []byte, err error)

Galois/Counter Mode is an AEAD (authenticated cipher) - i.e. it is already authenticated and does not require additional tagging to protect the message integrity

func GCMDecrypt 

func GCMDecrypt(rand io.Reader, params *ECIESParams, key, ciphertext, authenticationData []byte) (plaintext []byte, err error)

GCMDecrypt performs Galois/Counter Mode decryption using the block cipher specified in the parameters

func GCMEncrypt 

func GCMEncrypt(rand io.Reader, params *ECIESParams, key, plaintext, authenticationData []byte) (ciphertext []byte, err error)

GCMEncrypt performs Galois/Counter Mode encryption using the block cipher specified in the parameters

func GenerateIV 

func GenerateIV(length int, rand io.Reader) (iv []byte, err error)

Generate an initialisation vector for CTR mode.

func MaxSharedKeyLength 

func MaxSharedKeyLength(pub *PublicKey) int

MaxSharedKeyLength returns the maximum length of the shared key the public key can produce.

func MessageTag 

func MessageTag(hash func() hash.Hash, key, msg, shared []byte) []byte

MessageTag computes the MAC of a message (called the tag) as per SEC 1, 3.5.

func SymmetricBlockModeDecrypt 

func SymmetricBlockModeDecrypt(str func(cipher.Block, []byte) cipher.BlockMode, blockCipher cipher.Block, iv []byte, key, ciphertext []byte) []byte

Performs sysmmetric decryption using the specified block cipher

func SymmetricBlockModeEncrypt 

func SymmetricBlockModeEncrypt(str func(cipher.Block, []byte) cipher.BlockMode, blockCipher cipher.Block, iv []byte, key, plaintext []byte) (ciphertext []byte)

Performs sysmmetric encrypion using the specified block cipher

func SymmetricDecrypt 

func SymmetricDecrypt(rand io.Reader, params *ECIESParams, key, ciphertext, authenticationData []byte) ([]byte, error)

SymmetricDecrypt decrypts the `ciphertext` bytes with a symmetric cipher specified by `params` using key `key` and optionally authenticates the message with `authenticationData` (for AEAD ciphers (GCM) only)

func SymmetricEncrypt 

func SymmetricEncrypt(rand io.Reader, params *ECIESParams, key, plaintext, authenticationData []byte) ([]byte, error)

SymmetricEncrypt encrypts the `plaintext` bytes with a symmetric cipher specified by `params` using key `key` and optionally authenticates the message with `authenticationData` (for AEAD ciphers (GCM) only)

func SymmetricStreamDecrypt 

func SymmetricStreamDecrypt(str func(cipher.Block, []byte) cipher.Stream, blockCipher cipher.Block, iv []byte, key, ciphertext []byte) (plaintext []byte)

Performs sysmmetric decryption using the specified stream cipher

func SymmetricStreamEncrypt 

func SymmetricStreamEncrypt(str func(cipher.Block, []byte) cipher.Stream, blockCipher cipher.Block, iv []byte, key, plaintext []byte) (ciphertext []byte)

Performs sysmmetric encrypion using the specified stream cipher

Types

type ECIESParams 

type ECIESParams struct {
	Hash                func() hash.Hash // hash function
	HashAlgo            crypto.Hash
	Cipher              func([]byte) (cipher.Block, error) // symmetric cipher
	BlockSize           int                                // block size of symmetric cipher
	KeyLen              int                                // length of symmetric key
	SymmetricCipherMode SymmetricCipherMode
}

func ParamsFromCurve 

func ParamsFromCurve(curve elliptic.Curve) (params *ECIESParams)

ParamsFromCurve selects parameters optimal for the selected elliptic curve. Only the curves P256, P384, and P512 are supported.

type PrivateKey 

type PrivateKey struct {
	PublicKey
	D *big.Int
}

PrivateKey is a representation of an elliptic curve private key.

func GenerateKey 

func GenerateKey(rand io.Reader, curve elliptic.Curve, params *ECIESParams) (prv *PrivateKey, err error)

Generate an elliptic curve public / private keypair. If params is nil, the recommended default parameters for the key will be chosen.

func ImportECDSA 

func ImportECDSA(prv *ecdsa.PrivateKey) *PrivateKey

Import an ECDSA private key as an ECIES private key.

func (*PrivateKey) Decrypt 

func (privateKey *PrivateKey) Decrypt(rand io.Reader, ciphertext, sharedInformation1, sharedInformation2 []byte) (plaintext []byte, err error)

Decrypt decrypts an ECIES ciphertext.

func (*PrivateKey) DecryptAEAD 

func (privateKey *PrivateKey) DecryptAEAD(rand io.Reader, ciphertext []byte) (plaintext []byte, err error)

Decryption in AEAD mode (w/o message tag)

func (*PrivateKey) ExportECDSA 

func (prv *PrivateKey) ExportECDSA() *ecdsa.PrivateKey

Export an ECIES private key as an ECDSA private key.

func (*PrivateKey) GenerateShared 

func (prv *PrivateKey) GenerateShared(pub *PublicKey, keyLength int) (sk []byte, err error)

ECDH key agreement method used to establish secret keys for encryption.

type PublicKey 

type PublicKey struct {
	X *big.Int
	Y *big.Int
	elliptic.Curve
	Params *ECIESParams
}

PublicKey is a representation of an elliptic curve public key.

func ImportECDSAPublic 

func ImportECDSAPublic(pub *ecdsa.PublicKey) *PublicKey

Import an ECDSA public key as an ECIES public key.

func (*PublicKey) ExportECDSA 

func (pub *PublicKey) ExportECDSA() *ecdsa.PublicKey

Export an ECIES public key as an ECDSA public key.

type SymmetricCipherMode 

type SymmetricCipherMode struct {
	Encryptor func(io.Reader, *ECIESParams, []byte, []byte, []byte) ([]byte, error)
	Decryptor func(io.Reader, *ECIESParams, []byte, []byte, []byte) ([]byte, error)
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.