a modern crypto messaging format
Switch branches/tags
Clone or download
Latest commit 5cc645e Aug 28, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
basic Allow getting raw keys Jun 4, 2018
encoding/basex When given a src whose total number of valid characters is a non mini… Aug 3, 2018
specs Fix. I had removed the wrong part of the document Aug 9, 2018
.pre-commit-config.yaml Pre-commit hook (#7) Apr 26, 2016
.travis.yml Implement a better shuffle (#57) Mar 19, 2018
LICENSE Add LICENSE file Mar 8, 2017
README.md update a dead link in the README Feb 26, 2018
armor.go Frame checking is now done automatically, whether the message is deco… Aug 3, 2018
armor62.go Frame checking is now done automatically, whether the message is deco… Aug 3, 2018
armor62_decrypt.go Frame checking is now done automatically, whether the message is deco… Aug 3, 2018
armor62_encrypt.go Dep-inject functions involving randomness (#49) Mar 6, 2018
armor62_encrypt_test.go Fix failing test (#66) Aug 28, 2018
armor62_sign.go Plumb through versions in signing/verifying (#34) Apr 25, 2017
armor62_sign_test.go Plumb through versions in signing/verifying (#34) Apr 25, 2017
armor62_signcrypt.go Frame checking is now done automatically, whether the message is deco… Aug 3, 2018
armor62_signcrypt_test.go Dep-inject functions involving randomness (#49) Mar 6, 2018
armor62_verify.go Frame checking is now done automatically, whether the message is deco… Aug 3, 2018
armor_test.go Frame checking is now done automatically, whether the message is deco… Aug 3, 2018
chunk_reader.go Refactor read loops (#39) Apr 27, 2017
chunk_reader_test.go Fix go vet and golint errors (#48) Feb 28, 2018
classify_and_decrypt.go Fix lint Aug 28, 2018
classify_and_decrypt_test.go moved and expanded some message classification logic from the keybase… Aug 3, 2018
common.go Implement a better shuffle (#57) Mar 19, 2018
common_test.go Mix ephemeral-static DH output into MAC keys for v2 (#18) Apr 16, 2017
const.go moved and expanded some message classification logic from the keybase… Aug 3, 2018
decrypt.go Make decryptors consistent with each other (#41) May 1, 2017
decrypt_test.go Add hardcoded tests for V2 encryption (#50) Mar 14, 2018
doc.go CBC -> CFB Jan 30, 2016
encrypt.go Implement a better shuffle (#57) Mar 19, 2018
encrypt_test.go Implement a better shuffle (#57) Mar 19, 2018
errors.go moved and expanded some message classification logic from the keybase… Aug 3, 2018
example_test.go Plumb through versions in signing/verifying (#34) Apr 25, 2017
frame.go Introduced limits on frame length. Aug 3, 2018
key.go Implement a better shuffle (#57) Mar 19, 2018
msgpack.go Clarify MessagePack encoding in spec (#60) May 25, 2018
nonce.go Implement a better shuffle (#57) Mar 19, 2018
nonce_test.go Mix in index into payload nonce (#26) Apr 16, 2017
packets.go Manually encode V2 blocks as arrays (#46) Feb 24, 2018
packets_test.go Clarify MessagePack encoding in spec (#60) May 25, 2018
punctuated_reader.go privatize PunctuatedReader Jan 28, 2016
punctuated_reader_test.go privatize PunctuatedReader Jan 28, 2016
rand.go Implement a better shuffle (#57) Mar 19, 2018
rand_1.10_test.go Implement a better shuffle (#57) Mar 19, 2018
sign.go Plumb through versions in signing/verifying (#34) Apr 25, 2017
sign_stream.go Refactor read loops (#39) Apr 27, 2017
sign_test.go Implement a better shuffle (#57) Mar 19, 2018
signcrypt_open.go Fix go vet and golint errors (#48) Feb 28, 2018
signcrypt_open_test.go Dep-inject functions involving randomness (#49) Mar 6, 2018
signcrypt_seal.go Implement a better shuffle (#57) Mar 19, 2018
signcrypt_seal_amd64_test.go Implement a better shuffle (#57) Mar 19, 2018
signcrypt_seal_i386_test.go Implement a better shuffle (#57) Mar 19, 2018
signcrypt_seal_test.go Implement a better shuffle (#57) Mar 19, 2018
signcrypt_test.go Dep-inject functions involving randomness (#49) Mar 6, 2018
tweakable_encryptor_test.go Add hardcoded tests for V2 encryption (#50) Mar 14, 2018
tweakable_signer_test.go Refactor read loops (#39) Apr 27, 2017
util_test.go Fix failing test (#66) Aug 28, 2018
verify.go Refactor read loops (#39) Apr 27, 2017
verify_stream.go Make decryptors consistent with each other (#41) May 1, 2017
verify_test.go Relax error checking to work with upstream codec package (#47) Feb 28, 2018

README.md

saltpack

a modern crypto messaging format

https://saltpack.org/

Build Status Coverage Status GoDoc

saltpack is a streamlined, modern solution, designed with simplicity in mind. It is easy to implement & integrate. We've made few crypto decisions and instead leave almost all of the heavy lifting to the NaCl library.

saltpack is a binary message format, encoded using the MessagePack format. Messages are broken up into reasonable (1MB) chunks, over which regular NaCl operations are performed. We have taken pains to address many of the shortcomings of current message formats: (1) only authenticated data is output; (2) repudiable authentication is used wherever possible; (3) chunks cannot be reordered or combined with other transmissions; (4) the public keys of senders and recipients can be hidden; and (5) message truncation is detectable.

Visually speaking, a saltpack ASCII output looks a lot like PGP's.

saltpack

BEGIN SALTPACK SIGNED MESSAGE. kXR7VktZdyH7rvq v5wcIkHbs7XwHpb
nPtLcF6vE5yY63t aHF62jiEC1zHGqD inx5YqK0nf5W9Lp TvUmM2zBwxgd3Nw
kvzZ96W7ZfDdTVg F5Y99c2l5EsCy1I xVNl0nY1TP25vsX 2cRXXPUrM2UKtWq
UK2HG2ifBSOED4w xArcORHfFeiEZxF CqestMqLSCCE6lT HFcdvt1QX9JjmWL
o5AAqPiECnoHiSA bPHhz2JnSCyDIOz ZET1BWzttbMDL4N pcyQLmsGqYpxhG6
uvdBxdt55w9xQvQ hDPuOsKF05Hsml6 z7h9TS2msJcNwtz vxGIQR7sbB19UOt
boM1hlolmMB3loP 0KexlROFBTDC6MR nBvd9sZUxA8Z7i5 a6Dk5yFU3WEYQAo
DqqjXcp0yBoHO5O KEMqkZlyMf1PKiB 2n9wE6jwxAN1xws ccthT6X3iRYk0Br
gHW6QRXzAHLy6Ib LgY6b3UcQAoDo8b XyaExxinVuM5Ftk 75BJOWoyLGFhZS7
EfKR8jQQexvyjDM rJLxYtjvaLX7joS 2q1VcUlqGfZDhAa 4vxJQAyu57beOux
oobLhI47iZf9bxK PmYrVQ5PsC6pY1J KTQQexvlvp2yicx K4su2AFCjihbzNI
yZgKM4NHN1KZapS O3iB9SlhVfTfFcR FoQoSViTkbtDtTt 6I0jrTRHkv9XVQQ
eeeuzR7qYu1Grm3 zDPyj7JgK2mDidw HchOZnfOn59QLnM nH7ErnPRXgHuWHG
DBidjQPakJHuWsk 2ftpIyZd2NLYEFS Mqcbo6QeCdk7LA1 uobl4NXzpvi8amO
Pe8xAl1OzUCoD34 MbCwtTAe1JNymvs okufV8lHU0jVnbj u4no9QB9aP2Wkjx
PfeqIH2fEtOjmFP gPMhGWslkU0M7FL QP77gPHbgjPLSD8 yIRTrbgzpAPut5R
QhIdqVlHbUOa9sI v7gSqOi0GbUlhSM 183LxZI8pIlvgn9 Ms1WNzt5Xkv0W1Q
Qf419ZmuQVPQDOk 0hffDmUk71TlfVx XZCF3voC2ysgl3g YdLz4rDRzMJgd2m
01HIbfdsoZpAMty O27WtUNRLV1iyC9 tK5ApCyekI4nWcf 2OvTHnC8ma7bloW
XAG. END SALTPACK SIGNED MESSAGE.

PGP

-----BEGIN PGP MESSAGE-----
Comment: GPGTools - https://gpgtools.org

owEBUAKv/ZANAwAKAdIkQTsc+mSQAcsgYgBWZ0C0SSBhbSBzbyBzaWNrIG9mIHRo
aXMgc2hpdAqJAhwEAAEKAAYFAlZnQLQACgkQ0iRBOxz6ZJBS9Q/+MSfWiOz5OvRt
lHTncX8Ifo7+wSKYH039vEQAUvj+rnEdlBzcJPoHDE1yZxAZT5ek5S+cxQ5bx55K
WRLvw/sAz+OU0OPHSDsqI2LjU6D+s1EvwCISkXoWlMVx5vJsEz2XGlQ8DzgBC2Jy
wPanQf1lUz0c7k0ySdCTdZ0qG1YuaYnCXsS6g/E8E7TIO++2v5EbkgYZl3Io2LcI
C9TqTHdrIc7WGTSFjwq9JIgvwfuShpccNSFQ262gSJh8rUOzzY37q81pKxDnBvEV
TMrQYY0e/JK7KMMcHDSQSeWnMxf4/v5Qex7WI55CW4++qbNvDylDi9fTpkYfXl3B
L8pbBAxMUjcJX4qVVzWcxTwSXYO29Bi4osn2klNyZHnO35kuI9XGziWCGqhVx1MW
ptNHoVjk7/Uo7k39hY0Vjltnl/SqXHq/H7YTRSgLebuhn6zqMbmFXtyHYSHGgAQ4
rcdSBta+I9tmYCnp1GmfeXff2wzsFYPUune2Hve4VghjmeU0x7OWMEl93gpznSwu
NvzyOCqFCyfEmt/R2QCXAkxwPU/Mdsd5vzEHSMkcZgW4CTr+j5YG/C3kMy7UJAGZ
ZzFAh3/Z8fCtfREF3zH48XbNh3dQXNl40bUF/AgPvLqPf35L7TCchcUAC7oiASa/
Ph/Hao4ZzCQDM76Jr/aCUJIbxyc2zco=
=eyef
-----END PGP MESSAGE-----

The changes here are small: we've reduced our characters to base62 plus some period markers, and only at the ends of words. PGP messages often get mangled by different apps, websites, and smart text processors.

Of course, saltpack can output binary, too. Either way, it's what's inside the format that matters. You can read the spec for the details.