Comments (6)
Obvious:
type SigKey interface {
Key
Sign(data []byte) (sig []byte)
}
type VerifyKey interface {
Key
Verify(data, sig []byte) bool
}
from go-libp2p-core.
type KXPrivKey interface {
Key
Exchange(KXPubKey) Key
}
type KXPubKey interface {
Key
Exchange(KXPrivKey) Key
}
We can now use the resulting Key
as input for e.g. SecretboxKey
and use it to create secretboxes:
func AsSecretboxKey(k Key) SecretboxKey
type SecretboxKey Key
func (sbk SecretboxKey) Seal(data, nonce []byte) (ciphertext []byte) {...}
func (sbk SecretboxKey) Open(ciphertext, nonce []byte) (data []byte) {...}
Which brings us to the interface for Authenticated Encryption:
type AuthEncSymKey interface {
Key
Seal(data, nonce []byte) []byte
Open(ciphertext, nonce []byte) []byte
}
And the asymmetric version would be
type AuthEncPrivKey interface {
Key
Seal(k AuthEncPubKey, data, nonce []byte) (ciphertext []byte)
Open(k AuthEncPubKey, ciphertext, nonce []byte) (data []byte)
}
Doing AE with RSA is pretty common nowadays too, so I think this is the right interface. We can should provide EncryptionKey
and DecryptionKey
interfaces
type EncryptionKey interface {
Key
Encrypt([]byte) []byte
}
type DecryptionKey interface {
Key
Decrypt([]byte) []byte
}
Then we could provide some default types for NaCl boxes, RSA and Ed25519.
I'm pretty much free right now so I can do it if you like the idea.
from go-libp2p-core.
Warning: doing encryption and signing using same RSA key leaks information and is potentially unsafe.
from go-libp2p-core.
My primary concern is not the concrete implementations but the interfaces. I don't plan to make changes to the Rsa*
types, except maybe changing some type such that it fits the new interfaces.
Looking at the code, currently we seem to allow using the same keys for encryption and signing. We might want to fix that too. Filed libp2p/go-libp2p-crypto#9.
from go-libp2p-core.
Looking at the interfaces I proposed again, this all feels weird. E.g. the key exchange is not performed by the keys, but it's two communicating entities using the Keys to negotiate a shared secret. The key doesn't sign the data, it's the algorithm using the key. I'll think about interfaces that reflect that.
from go-libp2p-core.
How about
type Key interface {
Type() KeyType // e.g. ed25519-pub, rsa-priv, secret
Purpose() Purpose // eg. Signing, Encryption, Decryption, KeyDerivation, ...
Bytes() []byte
String() string // for good measure
}
// example
func Sign(k Key, data []byte) ([]byte, error) {
var sig []byte
if !k.Purpose() == Signing {
return WrongPurposeError
}
switch k.Type() {
case ed25519-priv:
...
sig = ...
case ...
}
return sig
}
This way it behaves a bit more like a net.Addr
. What do you think about this?
from go-libp2p-core.
Related Issues (20)
- Host event bus does not emit EvtPeerConnectednessChanged HOT 5
- Error in using libp2pquic.NewTransport with libp2p.Transport HOT 2
- Record envelope protobuf does not match spec HOT 2
- Add a `ClearDeadline` API HOT 4
- v0.7.0 breaks backward compatibility for multiple packages HOT 3
- add WithStat option for host.NewStream HOT 3
- Closing streams does not transmit all data HOT 1
- Unable to marshal / unmarshal AddrInfo within my struct HOT 4
- flaky TestResetBandwidthCounter test HOT 1
- How to know the conn has been closed
- What happened to the method in **helps**? HOT 1
- Reliable Notifiee events HOT 1
- looks unsafe HOT 2
- routing.go HOT 1
- How to convert PrivKey to crypto/ecdsa.PrivateKey? HOT 1
- Requesting release 0.16 with "update btcec dependency" change HOT 4
- btcec update leads to `go mod tidy` failure HOT 9
- extend `peer.Set` with the Remove method HOT 4
- Unable to know data on the connected node HOT 1
- use a mock clock in bandwidth counter tests HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from go-libp2p-core.