Documentation
Index
- Constants
- func GetCurveType(curve string) (commonpb.EllipticCurveType, error)
- func GetKeyType(keyType string) (compositepb.KeyType, error)
- type EncryptedData
- type EncrypterHelper
- type PublicKey
- type RecipientWrappedKey
- type RegisterCompositeAEADEncHelper
- func (r *RegisterCompositeAEADEncHelper) BuildDecData(encData *EncryptedData) []byte
- func (r *RegisterCompositeAEADEncHelper) BuildEncData(eAlg, eTyp string, recipientsWK []*RecipientWrappedKey, ...) ([]byte, error)
- func (r *RegisterCompositeAEADEncHelper) GetAEAD(symmetricKeyValue []byte) (tink.AEAD, error)
- func (r *RegisterCompositeAEADEncHelper) GetIVSize() int
- func (r *RegisterCompositeAEADEncHelper) GetSymmetricKeySize() int
- func (r *RegisterCompositeAEADEncHelper) GetTagSize() int
- func (r *RegisterCompositeAEADEncHelper) MergeSingleRecipientHeaders(recipientWK *RecipientWrappedKey, aad []byte) ([]byte, error)
Constants
const (
	// A256GCM is the default content encryption algorithm value as per
	// the JWA specification: https://tools.ietf.org/html/rfc7518#section-5.1
	A256GCM = "A256GCM"
	// DIDCommEncType representing the JWE 'Typ' protected type header
	DIDCommEncType = "didcomm-envelope-enc"
)
const (
	// AESGCMTypeURL for AESGCM content encryption URL identifier.
	AESGCMTypeURL = "type.googleapis.com/google.crypto.tink.AesGcmKey"
	// ChaCha20Poly1305TypeURL for Chacha20Poly1305 content encryption URL identifier.
	ChaCha20Poly1305TypeURL = "type.googleapis.com/google.crypto.tink.ChaCha20Poly1305Key"
	// XChaCha20Poly1305TypeURL for XChachaPoly1305 content encryption URL identifier.
	XChaCha20Poly1305TypeURL = "type.googleapis.com/google.crypto.tink.XChaCha20Poly1305Key"
)
Variables
This section is empty.
Functions
func GetCurveType
func GetCurveType(curve string) (commonpb.EllipticCurveType, error)
GetCurveType is a utility function that converts a string EC curve name into an EC curve proto type.
func GetKeyType
func GetKeyType(keyType string) (compositepb.KeyType, error)
GetKeyType is a utility function that converts a string type value into a proto KeyType.
Types
type EncryptedData
type EncryptedData struct {
	EncAlg     string                 `json:"encalg,omitempty"`
	EncType    string                 `json:"enctype,omitempty"`
	Ciphertext []byte                 `json:"ciphertext,omitempty"`
	IV         []byte                 `json:"iv,omitempty"`
	Tag        []byte                 `json:"tag,omitempty"`
	Recipients []*RecipientWrappedKey `json:"recipients,omitempty"`
	// SingleRecipientAAD is the result of an AAD update using a single recipient JWE envelope with recipient headers.
	// The JWE encrypter in this framework rebuilds this AAD value when building/parsing the JWE envelope. It does not
	// use this field. It is added here to provide access to the updated AAD for single recipient encryption use by
	// external users of this crypto primitive.
	SingleRecipientAAD []byte `json:"singlerecipientaad,omitempty"`
}
EncryptedData represents the encryption output data produced by an ECDHESEncrypt.Encrypt(pt, aad) call. The user of the primitive must unmarshal the result and build their own ECDH-ES compliant message (i.e. a JWE message).
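The unmarshal step described above, as an added example that is not code from this package: it decodes a serialized EncryptedData and rejects envelopes that cannot be a well-formed A256GCM result before any JWE is assembled. The struct mirrors are trimmed local copies, `ParseEncryptedData` and `sampleEnvelope` are hypothetical names, and the IV and tag lengths are the AES-GCM sizes from RFC 7518 section 5.3, so the check covers the A256GCM case only.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Trimmed local mirrors of the structs documented on this page (same JSON tags,
// only the fields the check reads); they stand in for the package's own types.
type RecipientWrappedKey struct {
	KID          string `json:"kid,omitempty"`
	EncryptedCEK []byte `json:"encryptedcek,omitempty"`
}
type EncryptedData struct {
	EncAlg     string                 `json:"encalg,omitempty"`
	EncType    string                 `json:"enctype,omitempty"`
	Ciphertext []byte                 `json:"ciphertext,omitempty"`
	IV         []byte                 `json:"iv,omitempty"`
	Tag        []byte                 `json:"tag,omitempty"`
	Recipients []*RecipientWrappedKey `json:"recipients,omitempty"`
}

// ParseEncryptedData (hypothetical helper) unmarshals the serialized output and checks it
// against RFC 7518 section 5.3 for A256GCM: 96-bit IV, 128-bit tag, at least one wrapped CEK.
func ParseEncryptedData(raw []byte) (*EncryptedData, error) {
	var ed EncryptedData
	if err := json.Unmarshal(raw, &ed); err != nil {
		return nil, fmt.Errorf("unmarshal EncryptedData: %w", err)
	}
	if ed.EncAlg != "A256GCM" || len(ed.IV) != 12 || len(ed.Tag) != 16 || len(ed.Recipients) == 0 {
		return nil, fmt.Errorf("malformed envelope: alg=%q iv=%d tag=%d", ed.EncAlg, len(ed.IV), len(ed.Tag))
	}
	for _, r := range ed.Recipients {
		if r == nil || len(r.EncryptedCEK) == 0 {
			return nil, fmt.Errorf("recipient entry without a wrapped CEK")
		}
	}
	return &ed, nil
}

// sampleEnvelope builds constructed input (not real package output) with the given tag length.
func sampleEnvelope(tagLen int) []byte {
	raw, _ := json.Marshal(EncryptedData{EncAlg: "A256GCM", EncType: "didcomm-envelope-enc",
		Ciphertext: []byte("ct"), IV: make([]byte, 12), Tag: make([]byte, tagLen),
		Recipients: []*RecipientWrappedKey{{KID: "r1", EncryptedCEK: []byte{1, 2, 3}}}})
	return raw
}

func main() { fmt.Println(ParseEncryptedData(sampleEnvelope(16))) }
```

Go's encoding/json carries the `[]byte` fields as standard base64 strings, so the length checks apply to the decoded bytes.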
type EncrypterHelper
type EncrypterHelper interface {
	// GetSymmetricKeySize gives the size of the Encryption key (CEK) in bytes
	GetSymmetricKeySize() int
	// GetAEAD returns the newly created AEAD primitive used for the content Encryption
	GetAEAD(symmetricKeyValue []byte) (tink.AEAD, error)
	// GetTagSize provides the aead primitive tag size
	GetTagSize() int
	// GetIVSize provides the aead primitive nonce size
	GetIVSize() int
	// BuildEncData will build the []byte representing the ciphertext sent to the end user as a result of the Composite
	// Encryption primitive execution
	BuildEncData(eAlg, eTyp string, recipientsWK []*RecipientWrappedKey, ct, singleRecipientAAD []byte) ([]byte, error)
	// MergeSingleRecipientHeaders for single recipient encryption, recipient header info is available in the key, this
	// function will update AAD with this info and return the marshalled merged result
	MergeSingleRecipientHeaders(recipientWK *RecipientWrappedKey, aad []byte) ([]byte, error)
	// BuildDecData will build the []byte representing the ciphertext coming from encData struct returned as a result of
	// Composite Encrypt() call to prepare the Composite Decryption primitive execution
	BuildDecData(encData *EncryptedData) []byte
}
EncrypterHelper is a helper for content encryption in composite ECDH (ES/1PU) key wrapping + AEAD content encryption. This interface is used internally by the composite primitives.
type PublicKey
type PublicKey struct {
	KID   string `json:"kid,omitempty"`
	X     []byte `json:"x,omitempty"`
	Y     []byte `json:"y,omitempty"`
	Curve string `json:"curve,omitempty"`
	Type  string `json:"type,omitempty"`
}
PublicKey is mainly used to exchange the EPK in RecipientWrappedKey.
type RecipientWrappedKey
type RecipientWrappedKey struct {
	KID          string    `json:"kid,omitempty"`
	EncryptedCEK []byte    `json:"encryptedcek,omitempty"`
	EPK          PublicKey `json:"epk,omitempty"`
	Alg          string    `json:"alg,omitempty"`
}
RecipientWrappedKey contains recipient key material required to unwrap CEK.
type RegisterCompositeAEADEncHelper
type RegisterCompositeAEADEncHelper struct {
// contains filtered or unexported fields
}
RegisterCompositeAEADEncHelper registers a content encryption helper.
func NewRegisterCompositeAEADEncHelper
func NewRegisterCompositeAEADEncHelper(k *tinkpb.KeyTemplate) (*RegisterCompositeAEADEncHelper, error)
NewRegisterCompositeAEADEncHelper initializes and returns a RegisterCompositeAEADEncHelper.
func (*RegisterCompositeAEADEncHelper) BuildDecData
func (r *RegisterCompositeAEADEncHelper) BuildDecData(encData *EncryptedData) []byte
BuildDecData will build the []byte representing the ciphertext coming from encData struct returned as a result of Composite Encrypt() call to prepare the Composite Decryption primitive execution.
func (*RegisterCompositeAEADEncHelper) BuildEncData
func (r *RegisterCompositeAEADEncHelper) BuildEncData(eAlg, eTyp string, recipientsWK []*RecipientWrappedKey, ct, singleRecipientAAD []byte) ([]byte, error)
BuildEncData will build the []byte representing the ciphertext sent to the end user as a result of the Composite Encryption primitive execution.
func (*RegisterCompositeAEADEncHelper) GetAEAD
func (r *RegisterCompositeAEADEncHelper) GetAEAD(symmetricKeyValue []byte) (tink.AEAD, error)
GetAEAD returns the AEAD primitive from the DEM.
func (*RegisterCompositeAEADEncHelper) GetIVSize
func (r *RegisterCompositeAEADEncHelper) GetIVSize() int
GetIVSize returns the primitive IV size.
func (*RegisterCompositeAEADEncHelper) GetSymmetricKeySize
func (r *RegisterCompositeAEADEncHelper) GetSymmetricKeySize() int
GetSymmetricKeySize returns the symmetric key size.
func (*RegisterCompositeAEADEncHelper) GetTagSize
func (r *RegisterCompositeAEADEncHelper) GetTagSize() int
GetTagSize returns the primitive tag size.
func (*RegisterCompositeAEADEncHelper) MergeSingleRecipientHeaders
func (r *RegisterCompositeAEADEncHelper) MergeSingleRecipientHeaders(recipientWK *RecipientWrappedKey, aad []byte) ([]byte, error)
For single recipient encryption, recipient header info is available in the key; MergeSingleRecipientHeaders updates the AAD with this info and returns the marshalled merged result.
Directories
Path | Synopsis |
---|---|
Package ecdh1pu provides implementations of payload encryption using ECDH-1PU KW key wrapping with AEAD primitives. |
Package ecdhes provides implementations of payload encryption using ECDH-ES KW key wrapping with AEAD primitives. |