rsa

package standard library
go1.24rc1
Warning

This package is not in the latest version of its module.

Published: Dec 13, 2024 License: BSD-3-Clause Imports: 12 Imported by: 0

Documentation


Constants

This section is empty.

Variables

var ErrDecryption = errors.New("crypto/rsa: decryption error")
var ErrMessageTooLong = errors.New("crypto/rsa: message too long for RSA key size")
var ErrVerification = errors.New("crypto/rsa: verification error")

Functions

func DecryptOAEP

func DecryptOAEP(hash, mgfHash fips140.Hash, priv *PrivateKey, ciphertext []byte, label []byte) ([]byte, error)

DecryptOAEP decrypts ciphertext using RSAES-OAEP.

func DecryptWithCheck

func DecryptWithCheck(priv *PrivateKey, ciphertext []byte) ([]byte, error)

DecryptWithCheck performs the RSA private key operation and checks the result to defend against errors in the CRT computation.
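One way such a check can work, as an added sketch that is not this package's code: compute the private operation through the CRT, re-apply the public exponent, and withhold the result if it does not match the input. `privateOpCRT`, `roundTrip`, `errCheck` and the injected bit flip are hypothetical, and the sketch uses the public `crypto/rsa` and `math/big` packages, which makes it illustrative only because `math/big` is not constant time.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"errors"
	"fmt"
	"math/big"
)

var errCheck = errors.New("rsa: CRT result failed public-key check")

// privateOpCRT computes c^d mod n via the CRT, then re-applies the public
// exponent before releasing the result. injectFault flips one bit of the
// mod-p half to simulate a computation error (constructed fault).
func privateOpCRT(k *rsa.PrivateKey, c *big.Int, injectFault bool) (*big.Int, error) {
	p, q, one := k.Primes[0], k.Primes[1], big.NewInt(1)
	dP := new(big.Int).Mod(k.D, new(big.Int).Sub(p, one))
	dQ := new(big.Int).Mod(k.D, new(big.Int).Sub(q, one))
	m1 := new(big.Int).Exp(c, dP, p) // c^dP mod p
	m2 := new(big.Int).Exp(c, dQ, q) // c^dQ mod q
	if injectFault {
		m1.Xor(m1, one)
	}
	// Garner recombination: m = m2 + q * (qInv * (m1 - m2) mod p)
	h := new(big.Int).Mul(new(big.Int).Sub(m1, m2), new(big.Int).ModInverse(q, p))
	m := h.Mod(h, p).Mul(h, q).Add(h, m2)
	// The check: m^e mod n must equal the input, otherwise m is withheld.
	if new(big.Int).Exp(m, big.NewInt(int64(k.E)), k.N).Cmp(c) != 0 {
		return nil, errCheck
	}
	return m, nil
}

// roundTrip runs the checked private operation on a constructed message.
func roundTrip(injectFault bool) (bool, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return false, err
	}
	msg := new(big.Int).SetBytes([]byte("constructed sample message"))
	c := new(big.Int).Exp(msg, big.NewInt(int64(k.E)), k.N)
	m, err := privateOpCRT(k, c, injectFault)
	return err == nil && m.Cmp(msg) == 0, err
}

func main() {
	fmt.Println(roundTrip(false))
	fmt.Println(roundTrip(true))
}
```

A result that is wrong modulo only one of the primes never passes the re-encryption comparison, so the caller gets an error instead of a corrupted value.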

func DecryptWithoutCheck

func DecryptWithoutCheck(priv *PrivateKey, ciphertext []byte) ([]byte, error)

DecryptWithoutCheck performs the RSA private key operation.

func Encrypt

func Encrypt(pub *PublicKey, plaintext []byte) ([]byte, error)

Encrypt performs the RSA public key operation.

func EncryptOAEP

func EncryptOAEP(hash, mgfHash fips140.Hash, random io.Reader, pub *PublicKey, msg []byte, label []byte) ([]byte, error)

EncryptOAEP encrypts the given message with RSAES-OAEP.

func PSSMaxSaltLength

func PSSMaxSaltLength(pub *PublicKey, hash fips140.Hash) (int, error)

PSSMaxSaltLength returns the maximum salt length for a given public key and hash function.

func SignPKCS1v15

func SignPKCS1v15(priv *PrivateKey, hash string, hashed []byte) ([]byte, error)

SignPKCS1v15 calculates an RSASSA-PKCS1-v1.5 signature.

hash is the name of the hash function as returned by crypto.Hash.String or the empty string to indicate that the message is signed directly.

func SignPSS

func SignPSS(rand io.Reader, priv *PrivateKey, hash fips140.Hash, hashed []byte, saltLength int) ([]byte, error)

SignPSS calculates the signature of hashed using RSASSA-PSS.

func VerifyPKCS1v15

func VerifyPKCS1v15(pub *PublicKey, hash string, hashed []byte, sig []byte) error

VerifyPKCS1v15 verifies an RSASSA-PKCS1-v1.5 signature.

hash is the name of the hash function as returned by crypto.Hash.String or the empty string to indicate that the message is signed directly.

func VerifyPSS

func VerifyPSS(pub *PublicKey, hash fips140.Hash, digest []byte, sig []byte) error

VerifyPSS verifies sig with RSASSA-PSS, automatically detecting the salt length.

func VerifyPSSWithSaltLength

func VerifyPSSWithSaltLength(pub *PublicKey, hash fips140.Hash, digest []byte, sig []byte, saltLength int) error

VerifyPSSWithSaltLength verifies sig with RSASSA-PSS and an expected salt length.

Types

type PrivateKey

type PrivateKey struct {
	// contains filtered or unexported fields
}

func GenerateKey

func GenerateKey(rand io.Reader, bits int) (*PrivateKey, error)

GenerateKey generates a new RSA key pair of the given bit size. bits must be at least 128.

func NewPrivateKey

func NewPrivateKey(N []byte, e int, d, P, Q []byte) (*PrivateKey, error)

NewPrivateKey creates a new RSA private key from the given parameters.

All values are in big-endian byte slice format, and may have leading zeros or be shorter if leading zeros were trimmed.

func NewPrivateKeyWithPrecomputation

func NewPrivateKeyWithPrecomputation(N []byte, e int, d, P, Q, dP, dQ, qInv []byte) (*PrivateKey, error)

NewPrivateKeyWithPrecomputation creates a new RSA private key from the given parameters, which include precomputed CRT values.

func NewPrivateKeyWithoutCRT

func NewPrivateKeyWithoutCRT(N []byte, e int, d []byte) (*PrivateKey, error)

NewPrivateKeyWithoutCRT creates a new RSA private key from the given parameters.

This is meant for deprecated multi-prime keys, and is not FIPS 140 compliant.

func (*PrivateKey) Export

func (priv *PrivateKey) Export() (N []byte, e int, d, P, Q, dP, dQ, qInv []byte)

Export returns the key parameters in big-endian byte slice format.

P, Q, dP, dQ, and qInv may be nil if the key was created with NewPrivateKeyWithoutCRT.

func (*PrivateKey) PublicKey

func (priv *PrivateKey) PublicKey() *PublicKey

type PublicKey

type PublicKey struct {
	N *bigmod.Modulus
	E int
}

func (*PublicKey) Size

func (pub *PublicKey) Size() int

Size returns the modulus size in bytes. Raw signatures and ciphertexts for or by this public key will have the same size.
