ecies

package

v0.7.0-rc2 Latest Latest Go to latest Published: Oct 17, 2025 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/lightninglabs/taproot-assets

Links

Open Source Insights

Documentation ¶

Index ¶

func DecryptSha256ChaCha20Poly1305(sharedSecret [32]byte, msg []byte) ([]byte, error)
func ECDH(privKey *btcec.PrivateKey, pub *btcec.PublicKey) ([32]byte, error)
func EncryptSha256ChaCha20Poly1305(sharedSecret [32]byte, msg []byte, additionalData []byte) ([]byte, error)
func HkdfSha256(secret, salt, info []byte) ([32]byte, error)
type Version
- func ExtractAdditionalData(msg []byte) (Version, []byte, []byte, error)
- func (v Version) String() string

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DecryptSha256ChaCha20Poly1305 ¶

func DecryptSha256ChaCha20Poly1305(sharedSecret [32]byte,
	msg []byte) ([]byte, error)

DecryptSha256ChaCha20Poly1305 decrypts the given ciphertext using ChaCha20Poly1305 with a shared secret (usually derived using ECDH between the sender's ephemeral key and the receiver's public key) that is hardened using HKDF with SHA256. The cipher also authenticates the additional data and prepends it to the returned encrypted message. The additional data is limited to at most 255 bytes. The ciphertext must be in the format:

<1 byte version> <1 byte AD length> <* bytes AD> <24 bytes nonce> <* bytes ciphertext>

func ECDH ¶

func ECDH(privKey *btcec.PrivateKey, pub *btcec.PublicKey) ([32]byte, error)

ECDH performs a scalar multiplication (ECDH-like operation) between the target private key and remote public key. The output returned will be the sha256 of the resulting shared point serialized in compressed format. If k is our private key, and P is the public key, we perform the following operation:

sx = k*P
s = sha256(sx.SerializeCompressed())

func EncryptSha256ChaCha20Poly1305 ¶

func EncryptSha256ChaCha20Poly1305(sharedSecret [32]byte, msg []byte,
	additionalData []byte) ([]byte, error)

EncryptSha256ChaCha20Poly1305 encrypts the given message using ChaCha20Poly1305 with a shared secret (usually derived using ECDH between the sender's ephemeral key and the receiver's public key) that is hardened using HKDF with SHA256. The cipher also authenticates the additional data and prepends it to the returned encrypted message. The additional data is limited to at most 255 bytes. The output is a byte slice containing:

<1 byte version> <1 byte AD length> <* bytes AD> <24 bytes nonce> <* bytes ciphertext>

func HkdfSha256 ¶

func HkdfSha256(secret, salt, info []byte) ([32]byte, error)

HkdfSha256 derives a 32-byte key from the given secret and salt using HKDF with SHA256.

Types ¶

type Version ¶

type Version uint8

Version represents the version of the ECIES encoding format.

const (
	// VersionUndefined is the undefined version of the ECIES encoding
	// format. It is used to indicate that the version is not set or
	// that the version is unknown.
	VersionUndefined Version = 0

	// VersionV1 represents the initial version of the ECIES encoding
	// format.
	VersionV1 Version = 1
)

func ExtractAdditionalData ¶

func ExtractAdditionalData(msg []byte) (Version, []byte, []byte, error)

ExtractAdditionalData extracts the version, additional data, and the ciphertext from the given message. The message must be in the format:

<1 byte version> <1 byte AD length> <* bytes AD> <24 bytes nonce> <* bytes ciphertext>

func (Version) String ¶

func (v Version) String() string

String returns the string representation of the version.

Source Files ¶

View all Source files

ecies.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL