Affected by 
README
¶
server/cryptography
Overview
Server-side cryptographic helpers and key management. Implements signing, encryption, and key derivation utilities. Key routines cover cryptography test within the cryptography subsystem.
Go Files
cryptography.go– Provides server-side crypto primitives and helpers.cryptography_test.go(tests) – Tests crypto helper correctness.
Documentation
¶
Index ¶
- Variables
- func AgeDecrypt(recipientPrivateKey string, ciphertext []byte) ([]byte, error)
- func AgeEncrypt(recipientPublicKey string, plaintext []byte) ([]byte, error)
- func AgeKeyExFromImplant(serverPrivateKey string, implantPrivateKey string, ciphertext []byte) ([]byte, error)
- func Decrypt(key [chacha20poly1305.KeySize]byte, ciphertext []byte) ([]byte, error)
- func Encrypt(key [chacha20poly1305.KeySize]byte, plaintext []byte) ([]byte, error)
- func KeyFromBytes(data []byte) ([chacha20poly1305.KeySize]byte, error)
- func MinisignServerPrivateKey() *minisign.PrivateKey
- func MinisignServerPublicKey() string
- func MinisignServerSign(message []byte) string
- func RandomSymmetricKey() [chacha20poly1305.KeySize]byte
- type AgeKeyPair
- type CipherContext
Constants ¶
This section is empty.
Variables ¶
Functions ¶
func AgeDecrypt ¶ added in v1.5.40
AgeDecrypt - Decrypt using Curve 25519 + ChaCha20Poly1305
func AgeEncrypt ¶ added in v1.5.40
AgeEncrypt - Encrypt using Nacl Box
func AgeKeyExFromImplant ¶ added in v1.5.40
func AgeKeyExFromImplant(serverPrivateKey string, implantPrivateKey string, ciphertext []byte) ([]byte, error)
AgeKeyPairFromImplant - Decrypt the session key from an implant
func Decrypt ¶ added in v1.5.0
Decrypt - Decrypt using chacha20poly1305 https://pkg.go.dev/golang.org/x/crypto/chacha20poly1305
func Encrypt ¶ added in v1.5.0
Encrypt - Encrypt using chacha20poly1305 https://pkg.go.dev/golang.org/x/crypto/chacha20poly1305
func KeyFromBytes ¶ added in v1.5.0
func KeyFromBytes(data []byte) ([chacha20poly1305.KeySize]byte, error)
KeyFromBytes - Convert to fixed length buffer
func MinisignServerPrivateKey ¶ added in v1.5.0
func MinisignServerPrivateKey() *minisign.PrivateKey
MinisignServerPrivateKey - Get the server's minisign key pair
func MinisignServerPublicKey ¶ added in v1.5.0
func MinisignServerPublicKey() string
MinisignServerPublicKey - Get the server's minisign public key string
func MinisignServerSign ¶ added in v1.5.0
MinisignServerSign - Sign a message with the server's minisign private key
func RandomSymmetricKey ¶ added in v1.6.0
func RandomSymmetricKey() [chacha20poly1305.KeySize]byte
RandomSymmetricKey - Generate random ID of randomIDSize bytes
Types ¶
type AgeKeyPair ¶ added in v1.5.40
AgeKeyPair - Holds the public/private key pair
func AgeServerKeyPair ¶ added in v1.6.0
func AgeServerKeyPair() *AgeKeyPair
AgeServerKeyPair - Get teh server's ECC key pair
func RandomAgeKeyPair ¶ added in v1.5.40
func RandomAgeKeyPair() (*AgeKeyPair, error)
RandomAgeKeyPair - Generate a random Curve 25519 key pair
func (*AgeKeyPair) PrivateKey ¶ added in v1.5.40
func (e *AgeKeyPair) PrivateKey() string
PrivateBase64 - Base64 encoded private key
func (*AgeKeyPair) PublicKey ¶ added in v1.5.40
func (e *AgeKeyPair) PublicKey() *age.X25519Recipient
PublicKey - Return the parsed public key
type CipherContext ¶ added in v1.5.0
type CipherContext struct {
Key [chacha20poly1305.KeySize]byte
// contains filtered or unexported fields
}
CipherContext - Tracks a series of messages encrypted under the same key and detects/prevents replay attacks.
func NewCipherContext ¶ added in v1.5.0
func NewCipherContext(key [chacha20poly1305.KeySize]byte) *CipherContext
NewCipherContext - Wrapper around creating a cipher context from a key
Source Files