This module implements Public Key and Private Key interface for libp2p.Serialization/Deserialization helpers
Types
CryptoError = enum KeyError, SigError, HashError, SchemeError
- Source Edit
CryptoResult[T] = Result[T, CryptoError]
- Source Edit
DigestSheme = enum Sha256, Sha512
- Source Edit
KeyPair = object seckey*: PrivateKey pubkey*: PublicKey
- Source Edit
PrivateKey = object case scheme*: PKScheme of PKScheme.RSA: when supported(RSA): rsakey*: rsa.RsaPrivateKey else: nil of PKScheme.Ed25519: when supported(Ed25519): edkey*: EdPrivateKey else: nil of PKScheme.Secp256k1: when supported(Secp256k1): skkey*: SkPrivateKey else: nil of PKScheme.ECDSA: when supported(ECDSA): eckey*: ecnist.EcPrivateKey else: nil
- Source Edit
PublicKey = object case scheme*: PKScheme of PKScheme.RSA: when PKScheme.RSA in SupportedSchemes: rsakey*: rsa.RsaPublicKey else: nil of PKScheme.Ed25519: when supported(Ed25519): edkey*: EdPublicKey else: nil of PKScheme.Secp256k1: when supported(Secp256k1): skkey*: SkPublicKey else: nil of PKScheme.ECDSA: when supported(ECDSA): eckey*: ecnist.EcPublicKey else: nil
- Source Edit
Consts
libp2p_pki_schemes = "rsa,ed25519,secp256k1,ecnist"
- Source Edit
RsaDefaultKeySize = 3072
- Source Edit
SupportedSchemes = {RSA, Ed25519, Secp256k1, ECDSA}
- Source Edit
SupportedSchemesInt = {0, 1, 2, 3}
- Source Edit
Procs
proc `$`(key: PrivateKey | PublicKey): string {....raises: [].}
- Get string representation of private/public key key. Source Edit
proc `$`(sig: Signature): string {....raises: [], tags: [].}
- Get string representation of signature sig. Source Edit
proc `==`(key1, key2: PrivateKey): bool {....raises: [], tags: [].}
- Return true if two private keys key1 and key2 of the same scheme and equal. Source Edit
proc `==`(key1, key2: PublicKey): bool {.inline, ...raises: [], tags: [].}
- Return true if two public keys key1 and key2 of the same scheme and equal. Source Edit
proc createExchange(epubkey, signature: openArray[byte]): seq[byte] {. ...raises: [], tags: [].}
- Create SecIO exchange message using ephemeral public key epubkey and signature of proposal blocks signature. Source Edit
proc createProposal(nonce, pubkey: openArray[byte]; exchanges, ciphers, hashes: string): seq[byte] {....raises: [], tags: [].}
- Create SecIO proposal message using random nonce, local public key pubkey, comma-delimieted list of supported exchange schemes exchanges, comma-delimeted list of supported ciphers ciphers and comma-delimeted list of supported hashes hashes. Source Edit
proc decodeExchange(message: seq[byte]; pubkey, signature: var seq[byte]): bool {. ...raises: [], tags: [].}
-
Parse incoming exchange message and decode remote ephemeral public key pubkey and signature signature.
Procedure returns true on success and false on error.
Source Edit proc decodeProposal(message: seq[byte]; nonce, pubkey: var seq[byte]; exchanges, ciphers, hashes: var string): bool {....raises: [], tags: [].}
-
Parse incoming proposal message and decode remote random nonce nonce, remote public key pubkey, comma-delimieted list of supported exchange schemes exchanges, comma-delimeted list of supported ciphers ciphers and comma-delimeted list of supported hashes hashes.
Procedure returns true on success and false on error.
Source Edit proc ephemeral(scheme: ECDHEScheme; rng: var HmacDrbgContext): CryptoResult[ EcKeyPair] {....raises: [], tags: [].}
- Generate ephemeral keys used to perform ECDHE. Source Edit
proc ephemeral(scheme: string; rng: var HmacDrbgContext): CryptoResult[EcKeyPair] {. ...raises: [], tags: [].}
-
Generate ephemeral keys used to perform ECDHE using string encoding.
Currently supported encoding strings are P-256, P-384, P-521, if encoding string is not supported P-521 key will be generated.
Source Edit proc getBytes(key: PrivateKey): CryptoResult[seq[byte]] {....raises: [], tags: [].}
- Return private key key in binary form (using libp2p's protobuf serialization). Source Edit
proc getBytes(key: PublicKey): CryptoResult[seq[byte]] {....raises: [], tags: [].}
- Return public key key in binary form (using libp2p's protobuf serialization). Source Edit
proc getBytes(sig: Signature): seq[byte] {....raises: [], tags: [].}
- Return signature sig in binary form. Source Edit
proc getField(pb: ProtoBuffer; field: int; value: var Signature): ProtoResult[ bool] {....raises: [], tags: [].}
-
Deserialize signature from protobuf's message pb using field index field.
On success deserialized signature will be stored in value.
Source Edit proc getField[T: PublicKey | PrivateKey](pb: ProtoBuffer; field: int; value: var T): ProtoResult[bool] {....raises: [].}
-
Deserialize public/private key from protobuf's message pb using field index field.
On success deserialized key will be stored in value.
Source Edit proc getOrder(remotePubkey, localNonce: openArray[byte]; localPubkey, remoteNonce: openArray[byte]): CryptoResult[int] {. ...raises: [], tags: [].}
- Compare values and calculate order parameter. Source Edit
proc getPublicKey(key: PrivateKey): CryptoResult[PublicKey] {....raises: [], tags: [].}
- Get public key from corresponding private key key. Source Edit
proc getRawBytes(key: PrivateKey | PublicKey): CryptoResult[seq[byte]] {. ...raises: [].}
- Return private key key in binary form (using scheme's own serialization). Source Edit
proc init(sig: var Signature; data: openArray[byte]): bool {....raises: [], tags: [].}
-
Initialize signature sig from raw binary form.
Returns true on success.
Source Edit proc init(sig: var Signature; data: string): bool {....raises: [], tags: [].}
-
Initialize signature sig from serialized hexadecimal string representation.
Returns true on success.
Source Edit proc init(t: typedesc[PrivateKey]; data: openArray[byte]): CryptoResult[ PrivateKey] {....raises: [].}
- Create new private key from libp2p's protobuf serialized binary form. Source Edit
proc init(t: typedesc[PrivateKey]; data: string): CryptoResult[PrivateKey] {. ...raises: [].}
- Create new private key from libp2p's protobuf serialized hexadecimal string form. Source Edit
proc init(t: typedesc[PrivateKey]; key: ecnist.EcPrivateKey): PrivateKey {. ...raises: [].}
- Source Edit
proc init(t: typedesc[PrivateKey]; key: EdPrivateKey): PrivateKey {....raises: [].}
- Source Edit
proc init(t: typedesc[PrivateKey]; key: rsa.RsaPrivateKey): PrivateKey {. ...raises: [].}
- Source Edit
proc init(t: typedesc[PrivateKey]; key: SkPrivateKey): PrivateKey {....raises: [].}
- Source Edit
proc init(t: typedesc[PublicKey]; data: openArray[byte]): CryptoResult[PublicKey] {. ...raises: [].}
- Create new public key from libp2p's protobuf serialized binary form. Source Edit
proc init(t: typedesc[PublicKey]; data: string): CryptoResult[PublicKey] {. ...raises: [].}
- Create new public key from libp2p's protobuf serialized hexadecimal string form. Source Edit
proc init(t: typedesc[PublicKey]; key: ecnist.EcPublicKey): PublicKey {. ...raises: [].}
- Source Edit
proc init(t: typedesc[Signature]; data: openArray[byte]): CryptoResult[Signature] {. ...raises: [].}
- Create new public key from libp2p's protobuf serialized binary form. Source Edit
proc init(t: typedesc[Signature]; data: string): CryptoResult[Signature] {. ...raises: [].}
- Create new signature from serialized hexadecimal string form. Source Edit
proc init[T: PrivateKey | PublicKey](key: var T; data: openArray[byte]): bool {. ...raises: [].}
-
Initialize private key key from libp2p's protobuf serialized raw binary form.
Returns true on success.
Source Edit proc init[T: PrivateKey | PublicKey](key: var T; data: string): bool {. ...raises: [].}
-
Initialize private/public key key from libp2p's protobuf serialized hexadecimal string representation.
Returns true on success.
Source Edit proc iv(secret: Secret; id: int): seq[byte] {.inline, ...raises: [], tags: [].}
- Get array of bytes with with initial vector. Source Edit
proc random(T: typedesc[KeyPair]; rng: var HmacDrbgContext; bits = RsaDefaultKeySize): CryptoResult[KeyPair] {....raises: [].}
-
Generate random private pair of keys using default public-key cryptography scheme.
Default public-key cryptography schemes are following order: ed25519, secp256k1, RSA, secp256r1.
So will be used first available (supported) method.
Source Edit proc random(T: typedesc[KeyPair]; scheme: PKScheme; rng: var HmacDrbgContext; bits = RsaDefaultKeySize): CryptoResult[KeyPair] {....raises: [].}
-
Generate random key pair for scheme scheme.
bits is number of bits for RSA key, bits value must be in [512, 4096], default value is 2048 bits.
Source Edit proc random(T: typedesc[PrivateKey]; rng: var HmacDrbgContext; bits = RsaDefaultKeySize): CryptoResult[PrivateKey] {....raises: [].}
-
Generate random private key using default public-key cryptography scheme.
Default public-key cryptography schemes are following order: ed25519, secp256k1, RSA, secp256r1.
So will be used first available (supported) method.
Source Edit proc random(T: typedesc[PrivateKey]; scheme: PKScheme; rng: var HmacDrbgContext; bits = RsaDefaultKeySize): CryptoResult[PrivateKey] {....raises: [].}
-
Generate random private key for scheme scheme.
bits is number of bits for RSA key, bits value must be in [2048, 4096], default value is 3072 bits.
Source Edit proc selectBest(order: int; p1, p2: string): string {....raises: [], tags: [].}
-
Determines which algorithm to use from list p1 and p2.
Returns empty string if there no algorithms in common.
Source Edit func shortLog(key: PrivateKey | PublicKey): string {....raises: [].}
- Get short string representation of private/public key key. Source Edit
proc sign(key: PrivateKey; data: openArray[byte]): CryptoResult[Signature] {. ...gcsafe, raises: [], tags: [RootEffect].}
- Sign message data using private key key and return generated signature in raw binary form. Source Edit
proc stretchKeys(cipherType: string; hashType: string; sharedSecret: seq[byte]): Secret {. ...raises: [], tags: [].}
- Expand shared secret to cryptographic keys. Source Edit
proc toBytes(key: PrivateKey; data: var openArray[byte]): CryptoResult[int] {. ...raises: [], tags: [].}
-
Serialize private key key (using libp2p protobuf scheme) and store it to data.
Returns number of bytes (octets) needed to store private key key.
Source Edit proc toBytes(key: PublicKey; data: var openArray[byte]): CryptoResult[int] {. ...raises: [], tags: [].}
-
Serialize public key key (using libp2p protobuf scheme) and store it to data.
Returns number of bytes (octets) needed to store public key key.
Source Edit proc toBytes(sig: Signature; data: var openArray[byte]): int {....raises: [], tags: [].}
-
Serialize signature sig and store it to data.
Returns number of bytes (octets) needed to store signature sig.
Source Edit proc toRawBytes(key: PrivateKey | PublicKey; data: var openArray[byte]): CryptoResult[ int] {....raises: [].}
-
Serialize private key key (using scheme's own serialization) and store it to data.
Returns number of bytes (octets) needed to store private key key.
Source Edit proc verify(sig: Signature; message: openArray[byte]; key: PublicKey): bool {. ...raises: [], tags: [RootEffect].}
- Verify signature sig using message message and public key key. Return true if message signature is valid. Source Edit
proc write(pb: var ProtoBuffer; field: int; sig: Signature) {.inline, ...raises: [Defect], raises: [], tags: [].}
- Source Edit
proc write(vb: var VBuffer; pubkey: PublicKey) {.inline, ...raises: [Defect, ResultError[CryptoError]], raises: [], tags: [].}
- Write PublicKey value pubkey to buffer vb. Source Edit
proc write(vb: var VBuffer; seckey: PrivateKey) {.inline, ...raises: [Defect, ResultError[CryptoError]], raises: [], tags: [].}
- Write PrivateKey value seckey to buffer vb. Source Edit
proc write(vb: var VBuffer; sig: PrivateKey) {.inline, ...raises: [Defect, ResultError[CryptoError]], raises: [], tags: [].}
- Write Signature value sig to buffer vb. Source Edit
proc write[T: PublicKey | PrivateKey](pb: var ProtoBuffer; field: int; key: T) {. inline, ...raises: [Defect, ResultError[CryptoError]], raises: [].}
- Source Edit
Templates
template ivOpenArray(secret: Secret; id: int): untyped
- Source Edit
template keyOpenArray(secret: Secret; id: int): untyped
- Source Edit
template macOpenArray(secret: Secret; id: int): untyped
- Source Edit