osbzr
/
com
项目红包剩余9514,下一贡献奖励5%,即 476个红包
Наблюдаван 15
Харесван 7
Уики 捐赠
本站源代码
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Клон: gamification
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от 'gamification'
${ noResults }
com/vendor/github.com/keybase/go-crypto/openpgp/packet/ecdh.go

105 lines
2.7KB
Директен файл Постоянна връзка Blame История 

  1. package packet

  2. 

  3. import (

  4. 	"bytes"

  5. 	"io"

  6. 	"math/big"

  7. 

  8. 	"github.com/keybase/go-crypto/openpgp/ecdh"

  9. 	"github.com/keybase/go-crypto/openpgp/errors"

  10. 	"github.com/keybase/go-crypto/openpgp/s2k"

  11. )

  12. 

  13. // ECDHKdfParams generates KDF parameters sequence for given

  14. // PublicKey. See https://tools.ietf.org/html/rfc6637#section-8

  15. func ECDHKdfParams(pub *PublicKey) []byte {

  16. 	buf := new(bytes.Buffer)

  17. 	oid := pub.ec.oid

  18. 	buf.WriteByte(byte(len(oid)))

  19. 	buf.Write(oid)

  20. 	buf.WriteByte(18) // ECDH TYPE

  21. 	pub.ecdh.serialize(buf)

  22. 	buf.WriteString("Anonymous Sender    ")

  23. 	buf.Write(pub.Fingerprint[:])

  24. 	return buf.Bytes()

  25. }

  26. 

  27. func decryptKeyECDH(priv *PrivateKey, X, Y *big.Int, C []byte) (out []byte, err error) {

  28. 	ecdhpriv, ok := priv.PrivateKey.(*ecdh.PrivateKey)

  29. 	if !ok {

  30. 		return nil, errors.InvalidArgumentError("bad internal ECDH key")

  31. 	}

  32. 

  33. 	Sx := ecdhpriv.DecryptShared(X, Y)

  34. 

  35. 	kdfParams := ECDHKdfParams(&priv.PublicKey)

  36. 	hash, ok := s2k.HashIdToHash(byte(priv.ecdh.KdfHash))

  37. 	if !ok {

  38. 		return nil, errors.InvalidArgumentError("invalid hash id in private key")

  39. 	}

  40. 

  41. 	key := ecdhpriv.KDF(Sx, kdfParams, hash)

  42. 	keySize := CipherFunction(priv.ecdh.KdfAlgo).KeySize()

  43. 

  44. 	decrypted, err := ecdh.AESKeyUnwrap(key[:keySize], C)

  45. 	if err != nil {

  46. 		return nil, err

  47. 	}

  48. 

  49. 	// We have to "read ahead" to discover real length of the

  50. 	// encryption key and properly unpad buffer.

  51. 	cipherFunc := CipherFunction(decrypted[0])

  52. 	// +3 bytes = 1-byte cipher id and checksum 2-byte checksum.

  53. 	out = ecdh.UnpadBuffer(decrypted, cipherFunc.KeySize()+3)

  54. 	if out == nil {

  55. 		return nil, errors.InvalidArgumentError("invalid padding while ECDH")

  56. 	}

  57. 	return out, nil

  58. }

  59. 

  60. func serializeEncryptedKeyECDH(w io.Writer, rand io.Reader, header [10]byte, pub *PublicKey, keyBlock []byte) error {

  61. 	ecdhpub := pub.PublicKey.(*ecdh.PublicKey)

  62. 	kdfParams := ECDHKdfParams(pub)

  63. 

  64. 	hash, ok := s2k.HashIdToHash(byte(pub.ecdh.KdfHash))

  65. 	if !ok {

  66. 		return errors.InvalidArgumentError("invalid hash id in private key")

  67. 	}

  68. 

  69. 	kdfKeySize := CipherFunction(pub.ecdh.KdfAlgo).KeySize()

  70. 	Vx, Vy, C, err := ecdhpub.Encrypt(rand, kdfParams, keyBlock, hash, kdfKeySize)

  71. 	if err != nil {

  72. 		return err

  73. 	}

  74. 

  75. 	mpis, mpiBitLen := ecdh.Marshal(ecdhpub.Curve, Vx, Vy)

  76. 

  77. 	packetLen := len(header) /* header length in bytes */

  78. 	packetLen += 2 /* mpi length in bits */ + len(mpis)

  79. 	packetLen += 1 /* ciphertext size in bytes */ + len(C)

  80. 

  81. 	err = serializeHeader(w, packetTypeEncryptedKey, packetLen)

  82. 	if err != nil {

  83. 		return err

  84. 	}

  85. 

  86. 	_, err = w.Write(header[:])

  87. 	if err != nil {

  88. 		return err

  89. 	}

  90. 

  91. 	_, err = w.Write([]byte{byte(mpiBitLen >> 8), byte(mpiBitLen)})

  92. 	if err != nil {

  93. 		return err

  94. 	}

  95. 

  96. 	_, err = w.Write(mpis[:])

  97. 	if err != nil {

  98. 		return err

  99. 	}

  100. 

  101. 	w.Write([]byte{byte(len(C))})

  102. 	w.Write(C[:])

  103. 	return nil

  104. }
上海开阖软件有限公司 沪ICP备12045867号-1