utils

package
v1.0.3 Latest
This package is not in the latest version of its module.

Published: Jan 2, 2026 | License: MIT | Imports: 9 | Imported by: 0

Documentation

Constants

const (
	// MaxVectorLength is the maximum allowed length for vectors (e.g., SLSS secret, TDD factors).
	MaxVectorLength = 1 << 20 // 1M elements

	// MaxMatrixElements is the maximum allowed number of elements in a matrix.
	MaxMatrixElements = 1 << 24 // 16M elements

	// MaxTensorElements is the maximum allowed number of elements in a tensor.
	MaxTensorElements = 1 << 26 // 64M elements

	// MaxFactorCount is the maximum allowed number of factors (e.g., TDD rank).
	MaxFactorCount = 1000

	// MaxMessageSize is the maximum allowed message size in bytes.
	MaxMessageSize = 1 << 20 // 1MB

	// MaxPayloadLength is the maximum allowed payload length for serialized data.
	MaxPayloadLength = 1 << 28 // 256MB

	// MaxWalkLength is the maximum allowed walk length for EGRW.
	MaxWalkLength = 1 << 16 // 64K steps
)

Maximum allowed lengths for various data types to prevent DoS via large allocations.

const (
	// MaxHashConcatInputSize prevents integer overflow and collision attacks in HashConcat.
	// Each input must be <= 100MB. This provides safe encoding while remaining reasonable.
	MaxHashConcatInputSize = 100 * 1024 * 1024
)

Variables

var (
	// ErrOverflow indicates an integer overflow occurred.
	ErrOverflow = errors.New("integer overflow")

	// ErrExceedsLimit indicates a value exceeds the allowed limit.
	ErrExceedsLimit = errors.New("value exceeds allowed limit")

	// ErrInvalidLength indicates an invalid length value.
	ErrInvalidLength = errors.New("invalid length")
)
var RandReader io.Reader = rand.Reader

Functions

func CheckLength (added in v1.0.1)

func CheckLength(length, maxAllowed int) error

CheckLength validates that length is within [0, maxAllowed].

func CheckPositive (added in v1.0.1)

func CheckPositive(value int, name string) error

CheckPositive validates that value is > 0.

func ConstantTimeEqual

func ConstantTimeEqual(a, b []byte) bool

ConstantTimeEqual compares two byte slices in constant time. It returns true if the slices are equal, false otherwise. This function leaks only the length of the slices.

func ConstantTimeSelect

func ConstantTimeSelect(condition int, a, b []byte) []byte

ConstantTimeSelect returns a if condition is 1, b if condition is 0. condition must be 0 or 1. a and b must have the same length.

func HashConcat

func HashConcat(inputs ...[]byte) []byte

HashConcat computes the SHA3-256 hash of the concatenation of multiple byte slices. Each slice is prefixed with its length (4 bytes, little-endian) to ensure unique encoding. SECURITY: Validates input sizes to prevent integer overflow and hash collisions.
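Why the length prefix matters, as an added example that is not the package's own code: without framing, two different splits of the same bytes hash identically. The names `encodeParts`, `hashFramed` and `hashNaive` are hypothetical, SHA-256 from the standard library stands in for SHA3-256, and returning an error on oversized input is an assumption about behaviour.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// maxInput mirrors MaxHashConcatInputSize from the page (100 MB per input).
const maxInput = 100 * 1024 * 1024

// encodeParts frames each input as a 4-byte little-endian length followed by
// its bytes, the encoding the HashConcat documentation describes.
func encodeParts(inputs ...[]byte) ([]byte, error) {
	var buf []byte
	for _, in := range inputs {
		if len(in) > maxInput { // also guarantees len(in) fits in a uint32
			return nil, errors.New("input exceeds size limit")
		}
		buf = binary.LittleEndian.AppendUint32(buf, uint32(len(in)))
		buf = append(buf, in...)
	}
	return buf, nil
}

// hashFramed hashes the framed encoding. SHA-256 is a stand-in for SHA3-256.
func hashFramed(inputs ...[]byte) ([32]byte, error) {
	enc, err := encodeParts(inputs...)
	if err != nil {
		return [32]byte{}, err
	}
	return sha256.Sum256(enc), nil
}

// hashNaive hashes the plain concatenation, with no length prefixes.
func hashNaive(inputs ...[]byte) [32]byte {
	return sha256.Sum256(bytes.Join(inputs, nil))
}

func main() {
	// Constructed inputs: two different splits of the same bytes "abc".
	a, _ := hashFramed([]byte("ab"), []byte("c"))
	b, _ := hashFramed([]byte("a"), []byte("bc"))
	fmt.Println("naive collide: ", hashNaive([]byte("ab"), []byte("c")) == hashNaive([]byte("a"), []byte("bc")))
	fmt.Println("framed collide:", a == b)
}
```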

func HashWithDomain

func HashWithDomain(domain string, data []byte) []byte

HashWithDomain computes a domain-separated SHA3-256 hash. It prefixes the data with the length of the domain string and the domain string itself. This prevents collisions between different uses of the hash function. Panics if domain is longer than 255 bytes.

func RandomInt

func RandomInt(max int) (int, error)

RandomInt generates a cryptographically secure random integer in [0, max). It uses rejection sampling to ensure a uniform distribution.
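Rejection sampling as described above, shown as an added example rather than the package's implementation. `uniformInt`, `systemDraw` and `constructedDraw` are hypothetical names, and taking the reader as a parameter is an assumption made so the rejected draw can be reproduced with fixed bytes.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
	"math"
)

// uniformInt returns a uniform integer in [0, max) using bytes read from r.
func uniformInt(r io.Reader, max int) (int, error) {
	if max <= 0 {
		return 0, errors.New("max must be positive")
	}
	m := uint64(max)
	// Largest multiple of m that fits in a uint64. Draws at or above it
	// would make the low residues more likely, so they are discarded.
	limit := (math.MaxUint64 / m) * m
	var buf [8]byte
	for {
		if _, err := io.ReadFull(r, buf[:]); err != nil {
			return 0, err
		}
		v := binary.BigEndian.Uint64(buf[:])
		if v < limit {
			return int(v % m), nil
		}
	}
}

// systemDraw samples from the operating system's CSPRNG.
func systemDraw(max int) (int, error) { return uniformInt(rand.Reader, max) }

// constructedDraw feeds two fixed 8-byte draws with max=10: the first
// (2^64-1) falls in the rejected tail, the second (7) is accepted.
func constructedDraw() (int, error) {
	src := append(bytes.Repeat([]byte{0xff}, 8), 0, 0, 0, 0, 0, 0, 0, 7)
	return uniformInt(bytes.NewReader(src), 10)
}

func main() {
	v, _ := constructedDraw()
	n, err := systemDraw(6)
	fmt.Println(v, n, err)
}
```

A plain `v % m` on the first constructed draw would have returned 5; the rejection step is what removes that modulo bias.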

func SHA3256

func SHA3256(input []byte) []byte

SHA3256 computes the SHA3-256 cryptographic hash of the input. It returns a 32-byte hash.

func SafeMakeByteSlice (added in v1.0.1)

func SafeMakeByteSlice(count, maxAllowed int) ([]byte, error)

SafeMakeByteSlice creates a byte slice with bounds checking.

func SafeMakeInt32Slice (added in v1.0.1)

func SafeMakeInt32Slice(count, maxAllowed int) ([]int32, error)

SafeMakeInt32Slice creates an int32 slice with bounds checking. Returns error if count is negative, exceeds maxAllowed, or would cause overflow.

func SafeMakeIntSlice (added in v1.0.1)

func SafeMakeIntSlice(count, maxAllowed int) ([]int, error)

SafeMakeIntSlice creates an int slice with bounds checking.

func SafeMultiply (added in v1.0.1)

func SafeMultiply(a, b int) (int, error)

SafeMultiply multiplies two non-negative integers and returns an error if overflow occurs.

func SafeMultiply3 (added in v1.0.1)

func SafeMultiply3(a, b, c int) (int, error)

SafeMultiply3 multiplies three non-negative integers and returns an error if overflow occurs.

func SafeReadLength (added in v1.0.1)

func SafeReadLength(data []byte, offset, maxAllowed int) (length int, newOffset int, err error)

SafeReadLength reads a uint32 length from data at offset, validates it, and returns the value. Returns error if not enough bytes available or length exceeds maxAllowed.
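The check this function documents, in the setting it defends: a deserializer that must not trust a length field before allocating. This is an added example, not the package's code. `readLength`, `readField` and `errBounds` are hypothetical names, and the little-endian byte order is an assumption.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

var errBounds = errors.New("length field out of bounds")

// readLength reads a 4-byte length at offset and rejects it before any
// allocation if it exceeds maxAllowed. Little-endian is an assumption.
func readLength(data []byte, offset, maxAllowed int) (int, int, error) {
	// Compare by subtraction so that offset+4 can never wrap around.
	if offset < 0 || maxAllowed < 0 || offset > len(data) || len(data)-offset < 4 {
		return 0, offset, errBounds
	}
	n := binary.LittleEndian.Uint32(data[offset:])
	if uint64(n) > uint64(maxAllowed) {
		return 0, offset, errBounds
	}
	return int(n), offset + 4, nil
}

// readField decodes one length-prefixed field, checking the declared length
// against the caller's cap and against the bytes actually present.
func readField(data []byte, offset, maxAllowed int) ([]byte, int, error) {
	n, off, err := readLength(data, offset, maxAllowed)
	if err != nil {
		return nil, offset, err
	}
	if n > len(data)-off {
		return nil, offset, errBounds
	}
	out := make([]byte, n) // bounded by maxAllowed and by len(data)
	copy(out, data[off:off+n])
	return out, off + n, nil
}

func main() {
	// Constructed input: the header claims 0xFFFFFFFF bytes but carries two.
	bad := []byte{0xff, 0xff, 0xff, 0xff, 'h', 'i'}
	p, next, err := readField([]byte{3, 0, 0, 0, 'k', 'e', 'y'}, 0, 1<<20)
	fmt.Printf("%q %d %v\n", p, next, err)
	_, _, err = readField(bad, 0, 1<<20)
	fmt.Println(err)
}
```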

func SampleGaussianVector

func SampleGaussianVector(seed []byte, n int, sigma float64) []int32

SampleGaussianVector samples a vector of integers from a discrete Gaussian distribution. It uses the Box-Muller transform on uniform random bytes generated from a seed via SHAKE256. The result is rounded to the nearest integer.

func SampleVectorZq

func SampleVectorZq(seed []byte, n, q int) []int32

SampleVectorZq samples a uniform random vector in Z_q^n. It uses rejection sampling on bytes generated from a seed via SHAKE256. This ensures the distribution is uniform modulo q.

func SecureRandomBytes

func SecureRandomBytes(n int) ([]byte, error)

SecureRandomBytes generates n cryptographically secure random bytes. It uses crypto/rand, which relies on the operating system's CSPRNG.

func Shake256

func Shake256(input []byte, outputLen int) []byte

Shake256 computes the SHAKE256 extendable output function (XOF). It takes an input byte slice and generates an output of the specified length. This is used for generating pseudo-random bytes from a seed.

func Shake256Into

func Shake256Into(input []byte, output []byte)

Shake256Into computes SHAKE256 and writes the output into the provided buffer.

func Shake256WithDomain

func Shake256WithDomain(domain string, data []byte, outputLen int) []byte

Shake256WithDomain computes SHAKE256 with domain separation. It works like HashWithDomain but produces an output of arbitrary length. Panics if domain is longer than 255 bytes.

func ValidateSeedEntropy

func ValidateSeedEntropy(seed []byte) error

ValidateSeedEntropy checks if a seed has sufficient entropy. It performs basic statistical tests to reject obviously weak seeds (e.g., all zeros, sequential). This is a sanity check, not a rigorous randomness test.

func ValidateSliceAccess (added in v1.0.1)

func ValidateSliceAccess(data []byte, offset, size int) error

ValidateSliceAccess checks that accessing data[offset:offset+size] is safe.

func Zeroize

func Zeroize(b []byte)

Zeroize overwrites a byte slice with zeros. This is used to clear sensitive data from memory. Uses runtime.KeepAlive to prevent compiler optimization from eliminating the stores.

func ZeroizeInt32

func ZeroizeInt32(s []int32)

ZeroizeInt32 overwrites an int32 slice with zeros. Uses runtime.KeepAlive to prevent compiler optimization from eliminating the stores.

func ZeroizeInt8

func ZeroizeInt8(s []int8)

ZeroizeInt8 overwrites an int8 slice with zeros.

Types

This section is empty.
