crypto

package
v0.2.0-alpha Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 12, 2025 License: Apache-2.0 Imports: 16 Imported by: 0

README

crypto

crypto is the cryptographic package adapted for Tendermint's uses

Importing it

To get the interfaces, import "github.com/tendermint/tendermint/crypto"

For any specific algorithm, use its specific module e.g. import "github.com/tendermint/tendermint/crypto/ed25519"

Binary encoding

For Binary encoding, please refer to the Tendermint encoding specification.

JSON Encoding

JSON encoding is done using tendermint's internal json encoder. For more information on JSON encoding, please refer to Tendermint JSON encoding

Example JSON encodings:

ed25519.PrivKey     - {"type":"tendermint/PrivKeyEd25519","value":"EVkqJO/jIXp3rkASXfh9YnyToYXRXhBr6g9cQVxPFnQBP/5povV4HTjvsy530kybxKHwEi85iU8YL0qQhSYVoQ=="}
ed25519.PubKey      - {"type":"tendermint/PubKeyEd25519","value":"AT/+aaL1eB0477Mud9JMm8Sh8BIvOYlPGC9KkIUmFaE="}
sr25519.PrivKeySr25519   - {"type":"tendermint/PrivKeySr25519","value":"xtYVH8UCIqfrY8FIFc0QEpAEBShSG4NT0zlEOVSZ2w4="}
sr25519.PubKeySr25519    - {"type":"tendermint/PubKeySr25519","value":"8sKBLKQ/OoXMcAJVxBqz1U7TyxRFQ5cmliuHy4MrF0s="}
crypto.PrivKeySecp256k1   - {"type":"tendermint/PrivKeySecp256k1","value":"zx4Pnh67N+g2V+5vZbQzEyRerX9c4ccNZOVzM9RvJ0Y="}
crypto.PubKeySecp256k1    - {"type":"tendermint/PubKeySecp256k1","value":"A8lPKJXcNl5VHt1FK8a244K9EJuS4WX1hFBnwisi0IJx"}

Documentation

Index

Examples

Constants

View Source 
const (
	// AddressSize is the size of a pubkey address.
	AddressSize = tmhash.TruncatedSize
)
View Source 
const Version = "0.9.0-dev"

Variables

View Source 
var (
	ErrInvalidPrivateKey = errors.New("invalid private key")
	ErrInvalidPublicKey  = errors.New("invalid public key")
	ErrInvalidMessage    = errors.New("invalid message")
	ErrInvalidSignature  = errors.New("invalid signature")
)

Functions

func CRandBytes 

func CRandBytes(numBytes int) []byte

This only uses the OS's randomness

func CRandHex 

func CRandHex(numDigits int) string

CRandHex returns a hex encoded string that's floor(numDigits/2) * 2 long.

Note: CRandHex(24) gives 96 bits of randomness that are usually strong enough for most purposes.

func CReader 

func CReader() io.Reader

Returns a crand.Reader.

func GenerateKeyPair 

func GenerateKeyPair() (PublicKey, PrivateKey, error)

GenerateKeyPair generates a Kyber768 key pair (NIST PQC Standardized)

func QuantumResistantSign 

func QuantumResistantSign(privateKey PrivateKey, message []byte) ([]byte, error)

QuantumResistantSign signs a message using Dilithium Mode 3

func SaveKeyPairToFile 

func SaveKeyPairToFile(filename string, keypair KeyPair, password []byte) error

Encrypts and saves the keypair to a file

func SaveKeyPairToGCPKMS 

func SaveKeyPairToGCPKMS(ctx context.Context, filename string, keypair KeyPair, kmsKeyResource string, credsFile string) error

SaveKeyPairToGCPKMS encrypts and saves the keypair using GCP KMS

func Sha256 

func Sha256(bytes []byte) []byte
Example 
package main

import (
	"fmt"

	"github.com/fluentum-chain/fluentum/crypto"
)

func main() {
	sum := crypto.Sha256([]byte("This is Tendermint"))
	fmt.Printf("%x\n", sum)
}

Output:

f91afb642f3d1c87c17eb01aae5cb65c242dfdbe7cf1066cc260f4ce5d33b94e

func VerifyQuantumSig 

func VerifyQuantumSig(publicKey PublicKey, message []byte, signature []byte) bool

VerifyQuantumSig verifies a Dilithium Mode 3 signature

Types

type Address 

type Address = bytes.HexBytes

An address is a []byte, but hex-encoded even in JSON. []byte leaves us the option to change the address length. Use an alias so Unmarshal methods (with ptr receivers) are available too.

func AddressHash 

func AddressHash(bz []byte) Address

type DilithiumPubKey 

type DilithiumPubKey struct {
	Key []byte
}

DilithiumPubKey represents a quantum-resistant public key for consensus.

func (DilithiumPubKey) VerifySignature 

func (pk DilithiumPubKey) VerifySignature(msg []byte, sig []byte) bool

VerifySignature verifies a Dilithium signature for the given message.

type KeyPair 

type KeyPair struct {
	PublicKey  []byte
	PrivateKey []byte
}

KeyPair holds both public and private keys

func LoadKeyPairFromFile 

func LoadKeyPairFromFile(filename string, password []byte) (KeyPair, error)

Loads and decrypts the keypair from a file

func LoadKeyPairFromGCPKMS 

func LoadKeyPairFromGCPKMS(ctx context.Context, filename string, kmsKeyResource string, credsFile string) (KeyPair, error)

LoadKeyPairFromGCPKMS decrypts and loads the keypair using GCP KMS

type PrivKey 

type PrivKey interface {
	Bytes() []byte
	Sign(msg []byte) ([]byte, error)
	PubKey() PubKey
	Equals(PrivKey) bool
	Type() string
}

type PrivateKey 

type PrivateKey = []byte

type PubKey 

type PubKey interface {
	Address() Address
	Bytes() []byte
	VerifySignature(msg []byte, sig []byte) bool
	Equals(PubKey) bool
	Type() string
}

type PublicKey 

type PublicKey = []byte

Kyber key types

type Symmetric 

type Symmetric interface {
	Keygen() []byte
	Encrypt(plaintext []byte, secret []byte) (ciphertext []byte)
	Decrypt(ciphertext []byte, secret []byte) (plaintext []byte, err error)
}

Source Files

View all Source files

Directories

Path Synopsis
internal
benchmarking
Package merkle computes a deterministic minimal height Merkle tree hash.
 Package merkle computes a deterministic minimal height Merkle tree hash.
Package xchacha20poly1305 creates an AEAD using hchacha, chacha, and poly1305 This allows for randomized nonces to be used in conjunction with chacha.
 Package xchacha20poly1305 creates an AEAD using hchacha, chacha, and poly1305 This allows for randomized nonces to be used in conjunction with chacha.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.