Documentation ¶
Index ¶
- Constants
- func GenKeyPair(p11 *P11Handle, keyId string, keyType bccrypto.KeyType, opts *GenOpts) (bccrypto.PrivateKey, error)
- func GenSecretKey(p11 *P11Handle, keyId string, keyType bccrypto.KeyType, keySize int) (bccrypto.SymmetricKey, error)
- func GenerateBytesOTP(p11 *P11Handle, length int) ([]byte, error)
- func GenerateOTP(p11 *P11Handle, length int) (string, error)
- func NewAESKey(ctx *P11Handle, keyId []byte) (bccrypto.SymmetricKey, error)
- func NewP11ECDSAPrivateKey(p11 *P11Handle, keyId []byte, keyType P11KeyType) (bccrypto.PrivateKey, error)
- func NewP11RSAPrivateKey(p11 *P11Handle, keyId []byte, keyType P11KeyType) (bccrypto.PrivateKey, error)
- func NewPrivateKey(p11 *P11Handle, keyId string, keyType bccrypto.KeyType) (bccrypto.PrivateKey, error)
- func NewSM4Key(ctx *P11Handle, keyId []byte) (bccrypto.SymmetricKey, error)
- func NewSecretKey(p11 *P11Handle, keyId string, keyType bccrypto.KeyType) (bccrypto.SymmetricKey, error)
- type GenOpts
- type P11Handle
- func (p11 *P11Handle) Decrypt(obj pkcs11.ObjectHandle, mech *pkcs11.Mechanism, cipher []byte) ([]byte, error)
- func (p11 *P11Handle) Encrypt(obj pkcs11.ObjectHandle, mech *pkcs11.Mechanism, plain []byte) ([]byte, error)
- func (p11 *P11Handle) ExportECDSAPublicKey(id []byte, keyType P11KeyType) (interface{}, error)
- func (p11 *P11Handle) ExportRSAPublicKey(id []byte) (*rsa.PublicKey, error)
- func (p11 *P11Handle) GenKeyPair(mech *pkcs11.Mechanism, privAttrs, pubAttrs []*pkcs11.Attribute) (pri, pub *pkcs11.ObjectHandle, err error)
- func (p11 *P11Handle) GenerateKey(mech *pkcs11.Mechanism, attrs []*pkcs11.Attribute) (*pkcs11.ObjectHandle, error)
- func (p11 *P11Handle) GenerateRandom(length int) ([]byte, error)
- func (p11 *P11Handle) GetPublicKeySKI(pk bccrypto.PublicKey) ([]byte, error)
- func (p11 *P11Handle) Sign(obj pkcs11.ObjectHandle, mech *pkcs11.Mechanism, msg []byte) ([]byte, error)
- func (p11 *P11Handle) Verify(obj pkcs11.ObjectHandle, mech *pkcs11.Mechanism, msg, sig []byte) error
- type P11KeyType
Constants ¶
// CKK_VENDOR_DEFINED is the base value for vendor-specific key types,
// re-exported from the pkcs11 package.
//
// Values derived from it are not standardised: their meaning depends on the
// PKCS#11 module that is loaded, so check them against the vendor's header
// before relying on them with a different HSM.
const CKK_VENDOR_DEFINED = pkcs11.CKK_VENDOR_DEFINED

// CKM_VENDOR_DEFINED is the base value for vendor-specific mechanisms,
// re-exported from the pkcs11 package. The same portability caveat applies.
const CKM_VENDOR_DEFINED = pkcs11.CKM_VENDOR_DEFINED
// Vendor-defined PKCS#11 key types and mechanisms for the SM2/SM3/SM4
// algorithms, all expressed as offsets from CKK_VENDOR_DEFINED or
// CKM_VENDOR_DEFINED.
//
// These identifiers are not part of the standard PKCS#11 mechanism list, so a
// given value only has the meaning shown here on a module that defines it the
// same way. Verify against the HSM vendor's header before use.
const (
	// Key types.
	CKK_SM2 = CKK_VENDOR_DEFINED + 4
	CKK_SM3 = CKK_VENDOR_DEFINED + 5

	// SM2 base and key-pair generation.
	CKM_SM2              = CKM_VENDOR_DEFINED + 0x8000
	CKM_SM2_KEY_PAIR_GEN = CKM_SM2 + 0x00000001

	// SM2 combined with SM3; the _Z names are aliases of the _APPID1 names.
	CKM_SM3_SM2            = CKM_SM2 + 0x00000100
	CKM_SM3_SM2_DER        = CKM_SM2 + 0x00000101
	CKM_SM3_SM2_APPID1     = CKM_SM2 + 0x00000102
	CKM_SM3_SM2_APPID1_DER = CKM_SM2 + 0x00000103
	CKM_SM3_SM2_Z          = CKM_SM3_SM2_APPID1
	CKM_SM3_SM2_Z_DER      = CKM_SM3_SM2_APPID1_DER

	// SM2 signing without a named digest.
	CKM_SM2_SIGN        = CKM_SM2 + 0x00000104
	CKM_SM2_SIGN_NO_DER = CKM_SM2 + 0x00000105

	// SM2 raw / cipher mechanisms; CKM_SM2_RAW_DER aliases CKM_SM2_CIPHER_DER.
	CKM_SM2_RAW        = CKM_SM2 + 0x00000200
	CKM_SM2_CIPHER_DER = CKM_SM2 + 0x00000201
	CKM_SM2_RAW_DER    = CKM_SM2_CIPHER_DER

	// SM2 combined with SHA-1 (four names, two values). SHA-1 is no longer
	// considered collision resistant; prefer the SM3 or SHA-256 variants for
	// new signatures and keep these for verifying legacy data only.
	CKM_SHA_160_SM2     = CKM_SM2 + 0x00000300
	CKM_SM2_SHA_160     = CKM_SHA_160_SM2
	CKM_SHA_160_SM2_DER = CKM_SM2 + 0x00000301
	CKM_SM2_SHA1        = CKM_SHA_160_SM2
	CKM_SM2_SHA1_DER    = CKM_SHA_160_SM2_DER

	// SM2 combined with SHA-256.
	CKM_SHA_256_SM2     = CKM_SM2 + 0x00000400
	CKM_SM2_SHA_256     = CKM_SHA_256_SM2
	CKM_SHA_256_SM2_DER = CKM_SM2 + 0x00000401

	// SM3 hashing.
	CKM_SM3      = CKM_VENDOR_DEFINED + 0x9000
	CKM_SM3_HASH = CKM_SM3 + 0x00000001
	// NOTE(review): this mechanism is derived from the key-type base
	// CKK_VENDOR_DEFINED, not CKM_VENDOR_DEFINED, and uses the same expression
	// as CKK_SM3. Confirm against the vendor header that this is intended.
	CKM_SM3_HASH_JIT = CKK_VENDOR_DEFINED + 5

	// SM4 key generation and block-cipher modes, plus AES-XTS.
	// ECB encrypts equal plaintext blocks to equal ciphertext blocks and so
	// leaks structure; avoid it for anything longer than a single block.
	// None of the modes listed here authenticates the ciphertext, so callers
	// that need integrity must add it separately.
	CKM_SM4_KEY_GEN = CKM_VENDOR_DEFINED + 0x00000107
	CKM_SM4_ECB     = CKM_VENDOR_DEFINED + 0x00000108
	CKM_SM4_CBC     = CKM_VENDOR_DEFINED + 0x00000109
	CKM_SM4_CTR     = CKM_VENDOR_DEFINED + 0x0000010A
	CKM_SM4_XTS     = CKM_VENDOR_DEFINED + 0x0000010B
	CKM_AES_XTS     = CKM_VENDOR_DEFINED + 0x0000010C

	// SM4 padded variants in a separate vendor range.
	CKM_SM4         = CKM_VENDOR_DEFINED + 0xA000
	CKM_SM4_ECB_PAD = CKM_SM4 + 0x0101
	CKM_SM4_CBC_PAD = CKM_SM4 + 0x0201
)
Variables ¶
This section is empty.
Functions ¶
func GenKeyPair ¶ added in v2.1.0
func GenSecretKey ¶ added in v2.1.0
func GenSecretKey(p11 *P11Handle, keyId string, keyType bccrypto.KeyType, keySize int) (bccrypto.SymmetricKey, error)
GenSecretKey generates a new PKCS#11 secret key.
func GenerateBytesOTP ¶ added in v2.1.0
func NewAESKey ¶ added in v2.1.0
func NewAESKey(ctx *P11Handle, keyId []byte) (bccrypto.SymmetricKey, error)
func NewP11ECDSAPrivateKey ¶ added in v2.1.0
func NewP11ECDSAPrivateKey(p11 *P11Handle, keyId []byte, keyType P11KeyType) (bccrypto.PrivateKey, error)
func NewP11RSAPrivateKey ¶ added in v2.1.0
func NewP11RSAPrivateKey(p11 *P11Handle, keyId []byte, keyType P11KeyType) (bccrypto.PrivateKey, error)
func NewPrivateKey ¶
func NewPrivateKey(p11 *P11Handle, keyId string, keyType bccrypto.KeyType) (bccrypto.PrivateKey, error)
NewPrivateKey returns a crypto PrivateKey which wraps a pkcs11 private key
Types ¶
type P11Handle ¶
// P11Handle is the receiver for this package's PKCS#11 operations: Encrypt,
// Decrypt, Sign, Verify, GenKeyPair, GenerateKey, GenerateRandom and the
// public-key export helpers. The key constructors (NewPrivateKey,
// NewSecretKey, ...) also take a *P11Handle.
//
// NOTE(review): the fields are not shown here; the handle presumably holds the
// loaded module and session state, in which case it should be treated as a
// credential-bearing object. Confirm in New.
type P11Handle struct {
// contains filtered or unexported fields
}
func New ¶
func (*P11Handle) Decrypt ¶ added in v2.1.0
func (p11 *P11Handle) Decrypt(obj pkcs11.ObjectHandle, mech *pkcs11.Mechanism, cipher []byte) ([]byte, error)
Decrypt decrypts the input with a given mechanism.
func (*P11Handle) Encrypt ¶ added in v2.1.0
func (p11 *P11Handle) Encrypt(obj pkcs11.ObjectHandle, mech *pkcs11.Mechanism, plain []byte) ([]byte, error)
Encrypt encrypts a plaintext with a given mechanism.
func (*P11Handle) ExportECDSAPublicKey ¶ added in v2.1.0
func (p11 *P11Handle) ExportECDSAPublicKey(id []byte, keyType P11KeyType) (interface{}, error)
ExportECDSAPublicKey exports the ECDSA/SM2 public key that corresponds to a PKCS#11 ECDSA/SM2 private key.
func (*P11Handle) ExportRSAPublicKey ¶ added in v2.1.0
ExportRSAPublicKey exports the RSA public key that corresponds to a PKCS#11 RSA private key.
func (*P11Handle) GenKeyPair ¶ added in v2.1.0
func (p11 *P11Handle) GenKeyPair(mech *pkcs11.Mechanism, privAttrs, pubAttrs []*pkcs11.Attribute) (pri, pub *pkcs11.ObjectHandle, err error)
GenKeyPair returns an asymmetric key pair (private and public object handles).
func (*P11Handle) GenerateKey ¶ added in v2.1.0
func (p11 *P11Handle) GenerateKey(mech *pkcs11.Mechanism, attrs []*pkcs11.Attribute) (*pkcs11.ObjectHandle, error)
GenerateKey returns a symmetric key (as an object handle).
func (*P11Handle) GenerateRandom ¶ added in v2.1.0
func (*P11Handle) GetPublicKeySKI ¶
type P11KeyType ¶ added in v2.1.0
// P11KeyType names the algorithm of a PKCS#11 key as a string.
type P11KeyType string

// Key type names accepted by this package.
const (
	RSA   = P11KeyType("RSA")
	ECDSA = P11KeyType("ECDSA")
	SM2   = P11KeyType("SM2")
	AES   = P11KeyType("AES")
	SM4   = P11KeyType("SM4")
	// UNKNOWN is presumably the fallback for an unrecognised key type;
	// confirm in the callers that they reject it rather than proceed.
	UNKNOWN = P11KeyType("UNKNOWN")
)