ephemsec

package
v0.3.13 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 22, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	B10Alphabet  = Alphabet("0123456789")
	B16Alphabet  = Alphabet("0123456789ABCDEF")
	B32Alphabet  = Alphabet("0123456789ABCDEFGHJKMNPQRSTVWXYZ")
	NullAlphabet = Alphabet("")
)
View Source 
const (
	Initiator = role(true)
	Responder = role(false)
)
View Source 
const (
	SHA512_X25519_E1S1_T600B10P8     = uint16(0x1111)
	SHA512_256_X25519_E1S1_T600B10P8 = uint16(0x1121)
	BLAKE2S_X25519_E1S1_T600B10P8    = uint16(0x1131)
	BLAKE2B_X25519_E1S1_T600B10P8    = uint16(0x1143)

	SHA512_X25519_E1S2_T600B10P8     = uint16(0x1211)
	SHA512_256_X25519_E1S2_T600B10P8 = uint16(0x1221)
	BLAKE2S_X25519_E1S2_T600B10P8    = uint16(0x1231)
	BLAKE2B_X25519_E1S2_T600B10P8    = uint16(0x1241)

	SHA512_X25519_E2S2_T600B10P8     = uint16(0x1311)
	SHA512_256_X25519_E2S2_T600B10P8 = uint16(0x1321)
	BLAKE2S_X25519_E2S2_T600B10P8    = uint16(0x1331)
	BLAKE2B_X25519_E2S2_T600B10P8    = uint16(0x1341)

	SHA512_X25519_E1S1_T600B32P9     = uint16(0x2111)
	SHA512_256_X25519_E1S1_T600B32P9 = uint16(0x2121)
	BLAKE2S_X25519_E1S1_T600B32P9    = uint16(0x2131)
	BLAKE2B_X25519_E1S1_T600B32P9    = uint16(0x2141)

	SHA512_X25519_E1S2_T600B32P9     = uint16(0x2211)
	SHA512_256_X25519_E1S2_T600B32P9 = uint16(0x2221)
	BLAKE2S_X25519_E1S2_T600B32P9    = uint16(0x2231)
	BLAKE2B_X25519_E1S2_T600B32P9    = uint16(0x2241)

	SHA512_X25519_E2S2_T600B32P9     = uint16(0x2311)
	SHA512_256_X25519_E2S2_T600B32P9 = uint16(0x2321)
	BLAKE2S_X25519_E2S2_T600B32P9    = uint16(0x2331)
	BLAKE2B_X25519_E2S2_T600B32P9    = uint16(0x2341)

	SHA512_X25519_E1S1_T1024B256P33     = uint16(0x3111)
	SHA512_256_X25519_E1S1_T1024B256P33 = uint16(0x3121)
	BLAKE2S_X25519_E1S1_T1024B256P33    = uint16(0x3131)
	BLAKE2B_X25519_E1S1_T1024B256P33    = uint16(0x3141)

	SHA512_X25519_E1S2_T1024B256P33     = uint16(0x3211)
	SHA512_256_X25519_E1S2_T1024B256P33 = uint16(0x3221)
	BLAKE2S_X25519_E1S2_T1024B256P33    = uint16(0x3231)
	BLAKE2B_X25519_E1S2_T1024B256P33    = uint16(0x3241)

	SHA512_X25519_E2S2_T1024B256P33     = uint16(0x3311)
	SHA512_256_X25519_E2S2_T1024B256P33 = uint16(0x3321)
	BLAKE2S_X25519_E2S2_T1024B256P33    = uint16(0x3331)
	BLAKE2B_X25519_E2S2_T1024B256P33    = uint16(0x3341)
)
View Source 
const (
	// All package errors are wrapping Error
	Error = errorFlag("ephemsec: error")
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Alphabet 

type Alphabet string

Alphabet defines a mapping in between unicode characters and bytes. Alphabet are used to convert OTP to text.

func (Alphabet) Check 

func (self Alphabet) Check() error

Check determines if Alphabet is valid.

func (Alphabet) Decode 

func (self Alphabet) Decode(otp string, sep rune, size int, dst []byte) ([]byte, error)

Decode returns the digits decoded from otp Alphabet characters. It errors if less than size digits were recovered or if otp contains non valid Alphabet characters.

Decoded digits are appended to the dst buffer. Decode allocates storage if dst capacity is not sufficient to hold decoded digits.

Decode ignores sep and ' ' characters present in otp string. When Decode encounters a a character not present in the Alphabet, it retries decoding it toggling its case.

func (Alphabet) Format 

func (self Alphabet) Format(digits []byte, group int, sep rune) (string, error)

Format transforms digits into text. It errors if digits contains values not compatible with the Alphabet size.

The group parameter allows controlling the insertion of the separator sep. sep is added after group consecutive characters. sep insertion is disabled by setting group to 0.

func (Alphabet) Size 

func (self Alphabet) Size() int

type Scheme added in v0.3.10 

type Scheme struct {
	// contains filtered or unexported fields
}

Scheme holds configuration parameters for OTP/OTK generation.

func GetScheme added in v0.3.2 

func GetScheme(code uint16) (*Scheme, error)

GetScheme returns the EPHEMSEC scheme that corresponds to code. It errors if no scheme corresponds to code.

func NewScheme 

func NewScheme(name string) (*Scheme, error)

NewScheme parses the name string to extract Scheme fields values. It errors if name can not be parsed or if the constructed Scheme is invalid.

Scheme name have the following form 

Kerpass_SHA512/256_X25519_E1S2_T400B32P8
  1st subgroup (eg SHA512/256) is the name of the Scheme Hash function
  2nd subgroup (eg X25519) is the name of the Scheme Diffie-Hellmann function
  3rd subgroup (eg E1S2) details Diffie-Hellmann key exchange requirements,
    E is the number of ephemeral keys and S the number of static keys
  4th subgroup (eg T400) is the size of the OTP/OTK validation time window in seconds
  5th subgroup (eg B32) is the OTP encoding alphabet
  6th subgroup (eg P8) is the number of digits of the generated OTP/OTK
    including Scheme synchronization digits

func (Scheme) B added in v0.3.10 

func (self Scheme) B() int

B returns the Scheme digit base.

func (Scheme) Curve added in v0.3.10 

func (self Scheme) Curve() algos.Curve

Curve returns the Scheme curve.

func (Scheme) Hash added in v0.3.10 

func (self Scheme) Hash() crypto.Hash

Hash returns the Scheme hash.

func (Scheme) KeyExchangePattern added in v0.3.10 

func (self Scheme) KeyExchangePattern() string

KeyExchangePattern returns the Scheme Key Exchange pattern. Possible values are E1S1, E1S2 & E2S2.

func (Scheme) Name added in v0.3.10 

func (self Scheme) Name() string

Name returns the Scheme name.

func (Scheme) NewOTP added in v0.3.10 

func (self Scheme) NewOTP(src []byte, ptime int64) ([]byte, error)

NewOTP interprets src as a Uint64 integer and returns an OTP which digits encode the src integer in the Scheme base eb.

func (Scheme) P added in v0.3.10 

func (self Scheme) P() int

P returns the Scheme code size.

func (Scheme) SyncTime added in v0.3.10 

func (self Scheme) SyncTime(t int64, sync int) (int64, error)

SyncTime returns the pseudo time which is the closest from Time(t) having a synchronization hint that matches sync. It errors if the sync parameter is invalid.

func (Scheme) T added in v0.3.10 

func (self Scheme) T() float64

T returns the Scheme Time Window size in seconds.

func (Scheme) Time added in v0.3.10 

func (self Scheme) Time(t int64) (int64, int)

Time transforms a second precision Unix timestamp into a pseudo time that can be used as input for OTP/OTK calculation. It returns the pseudo time and its synchronization hint.

type State 

type State struct {

	// Context is application defined
	Context []byte

	// Nonce is generated by the initiator
	Nonce []byte

	// Unix timestamp
	// if zero, system Unix time is used
	Time int64

	// SynchroHint is generated by the responder
	SynchroHint int

	// Message is optional
	// An OTP/OTK can be generated to show that the message was reviewed/accepted
	Message []byte

	// local ephemeral key
	EphemKey *ecdh.PrivateKey

	// local static key
	StaticKey *ecdh.PrivateKey

	// remote ephemeral key
	RemoteEphemKey *ecdh.PublicKey

	// remote static key
	RemoteStaticKey *ecdh.PublicKey

	// psk credential
	Psk []byte
	// contains filtered or unexported fields
}

func (*State) EPHEMSEC 

func (self *State) EPHEMSEC(scheme *Scheme, role role, dst []byte) ([]byte, error)

EPHEMSEC executes the KerPass ephemeral secret generation algorithm and returns the generated secret.

If a non nil dst buffer is passed, EPHEMSEC will try reusing it to output the generated secret. If dst is nil, EPHEMSEC will allocate memory to hold the generated secret.

func (*State) Reset 

func (self *State) Reset()

Reset prepares the State for reuse.

type TestVector 

type TestVector struct {
	SchemeName               string          `json:"scheme"`
	Context                  utils.HexBinary `json:"context"`
	Psk                      utils.HexBinary `json:"psk"`
	SharedSecret             utils.HexBinary `json:"shared_secret"`
	Otp                      string          `json:"otp"`
	InitiatorNonce           utils.HexBinary `json:"init_nonce"`
	InitiatorTime            int64           `json:"init_time"`
	InitiatorStaticKey       utils.HexBinary `json:"init_static_key"`
	InitiatorEphemKey        utils.HexBinary `json:"init_ephemeral_key"`
	InitiatorRemoteStaticKey utils.HexBinary `json:"init_remote_static_key"`
	InitiatorRemoteEphemKey  utils.HexBinary `json:"init_remote_ephemeral_key"`
	ResponderTime            int64           `json:"resp_time"`
	ResponderSynchroHint     int             `json:"resp_synchro_hint"`
	ResponderStaticKey       utils.HexBinary `json:"resp_static_key"`
	ResponderEphemKey        utils.HexBinary `json:"resp_ephemeral_key"`
	ResponderRemoteStaticKey utils.HexBinary `json:"resp_remote_static_key"`
	ResponderRemoteEphemKey  utils.HexBinary `json:"resp_remote_ephemeral_key"`
	HkdfSalt                 utils.HexBinary `json:"hkdf_salt"`
	HkdfInfo                 utils.HexBinary `json:"hkdf_info"`
	HkdfSecret               utils.HexBinary `json:"hkdf_secret"`
}

TestVector holds KerPass EPHEMSEC test vector fields.

func LoadTestVectors 

func LoadTestVectors(srcpath string) ([]TestVector, error)

LoadTestVector loads test vectors from json file at srcpath.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.