Versions in this module Expand all Collapse all v0
v0.2.1 May 25, 2024 Changes in this version
+ const PW1forPSO
+ var ErrAlgAttrsNotChangeable = errors.New("algorithm attributes are not changeable")
+ var ErrMismatchingAlgorithms = errors.New("mismatching key algorithms")
+ var ErrPubkeyRequired = fmt.Errorf("missing public key: not present on card")
+ var ErrUnsupported = errors.New("unsupported")
+ var ErrUnsupportedCurve = fmt.Errorf("%w curve", ErrUnsupported)
+ var ErrUnsupportedKeyType = fmt.Errorf("%w key attributes", ErrUnsupported)
+ var ICV = []byte
+ type AID struct
+ Application byte
+ Manufacturer Manufacturer
+ RID iso.RID
+ Serial [4]byte
+ Version iso.Version
+ func (aid *AID) Decode(b []byte) error
type AlgorithmAttributes
+ func (a AlgorithmAttributes) Compatible(b AlgorithmAttributes) bool
+ type BlockCipher struct
+ func (k *BlockCipher) Decrypt(ct []byte) ([]byte, error)
+ func (k *BlockCipher) Encrypt(pt []byte) ([]byte, error)
+ func (k BlockCipher) BlockSize() int
type Card
+ func (c *Card) BlockCipher() *BlockCipher
+ func (c *Card) ImportKeyAES(key []byte) error
+ func (c *Card) SetPasswordMode(mode PasswordMode) error
+ func (c *Card) SetUserInteractionMode(op SecurityOperation, mode UserInteractionMode, feat GeneralFeatures) error
type Curve
+ func (c Curve) AlgAttrs() AlgorithmAttributes
+ func (c Curve) ECDH() ecdh.Curve
+ func (c Curve) ECDSA() elliptic.Curve
+ func (c Curve) OID() []byte
+ type KeyRef byte
+ const KeyAttest
+ const KeyAuthn
+ const KeyDecrypt
+ const KeySign
+ func (r KeyRef) String() string
+ type KeyStatus byte
+ const KeyGenerated
+ const KeyImported
+ const KeyNotPresent
+ type PasswordMode struct
+ RequirePW1ForEachSignature bool
+ UsePINBlockFormat2ForPW1 bool
+ type PrivateKeyECDH struct
+ func (k *PrivateKeyECDH) ECDH(peer *ecdh.PublicKey) ([]byte, error)
+ func (k *PrivateKeyECDH) Public() crypto.PublicKey
+ type PrivateKeyECDSA struct
+ func (k *PrivateKeyECDSA) Decrypt(_ io.Reader, _ []byte, _ crypto.DecrypterOpts) (plaintext []byte, err error)
+ func (k *PrivateKeyECDSA) Public() crypto.PublicKey
+ func (k *PrivateKeyECDSA) Sign(_ io.Reader, digest []byte, opts crypto.SignerOpts) (signature []byte, err error)
+ type PrivateKeyEdDSA struct
+ func (k PrivateKeyEdDSA) Public() crypto.PublicKey
+ func (k PrivateKeyEdDSA) Sign(_ io.Reader, digest []byte, opts crypto.SignerOpts) (signature []byte, err error)
+ type PrivateKeyRSA struct
+ func (k *PrivateKeyRSA) Bits() int
+ func (k *PrivateKeyRSA) Decrypt(_ io.Reader, _ []byte, _ crypto.DecrypterOpts) (plaintext []byte, err error)
+ func (k *PrivateKeyRSA) Public() crypto.PublicKey
+ func (k *PrivateKeyRSA) Sign(_ io.Reader, _ []byte, _ crypto.SignerOpts) (signature []byte, err error)
type SecurityOperation
+ const SecurityOperationAttest
+ type UIF struct
+ Feature GeneralFeatures
+ Mode UserInteractionMode
+ func (uif *UIF) Decode(b []byte) error
+ func (uif UIF) Encode() []byte
v0.2.0 Nov 29, 2023
v0.1.0 Nov 28, 2023 Changes in this version
+ const GeneralFeatureBiometric
+ const GeneralFeatureButton
+ const GeneralFeatureDisplay
+ const GeneralFeatureKeyPad
+ const GeneralFeatureLED
+ const GeneralFeatureMicrophone
+ const GeneralFeatureSpeaker
+ const GeneralFeatureTouchscreen
+ const PW1
+ const PW3
+ const RC
+ var DefaultPW = map[byte]string
+ var DefaultPW1 = "123456"
+ var DefaultPW3 = "12345678"
+ var ErrInvalidLength = errors.New("invalid length")
+ type AlgHash byte
+ const AlgHashMD5
+ const AlgHashRIPEMD160
+ const AlgHashSHA1
+ const AlgHashSHA224
+ const AlgHashSHA256
+ const AlgHashSHA384
+ const AlgHashSHA512
+ type AlgKDF byte
+ const AlgKDFIterSaltedS2K
+ const AlgKDFNone
+ type AlgPubkey byte
+ const AlgPubkeyDSA
+ const AlgPubkeyDil3_25519
+ const AlgPubkeyDil5_448
+ const AlgPubkeyECDH
+ const AlgPubkeyECDSA
+ const AlgPubkeyEdDSA
+ const AlgPubkeyElgamalEncOnly
+ const AlgPubkeyElgamalEncSignOnly
+ const AlgPubkeyKy1024_448
+ const AlgPubkeyKy768_25519
+ const AlgPubkeyRSA
+ const AlgPubkeyRSAEncOnly
+ const AlgPubkeyRSASignOnly
+ const AlgPubkeySPHINXSHA2
+ func (a AlgPubkey) String() string
+ type AlgSymmetric byte
+ const AlgSymAES128
+ const AlgSymAES192
+ const AlgSymAES256
+ const AlgSymBlowfish
+ const AlgSymCAST5
+ const AlgSymIDEA
+ const AlgSymPlaintext
+ const AlgSymTripleDES
+ const AlgSymTwofish
+ type AlgorithmAttributes struct
+ Algorithm AlgPubkey
+ ImportFormat ImportFormat
+ LengthExponent uint16
+ LengthModulus uint16
+ OID []byte
+ func EC(curve Curve) AlgorithmAttributes
+ func RSA(bits int) AlgorithmAttributes
+ func (a *AlgorithmAttributes) Decode(b []byte) error
+ func (a AlgorithmAttributes) Curve() Curve
+ func (a AlgorithmAttributes) Encode() (b []byte)
+ func (a AlgorithmAttributes) Equal(ab AlgorithmAttributes) bool
+ func (a AlgorithmAttributes) String() string
+ type ApplicationIdentifier struct
+ Application byte
+ Manufacturer Manufacturer
+ RID iso.RID
+ Serial [4]byte
+ Version iso.Version
+ func (aid *ApplicationIdentifier) Decode(b []byte) error
+ type ApplicationRelated struct
+ AID ApplicationIdentifier
+ Capabilities ExtendedCapabilities
+ Features GeneralFeatures
+ HistoricalBytes iso.HistoricalBytes
+ Keys [4]KeyInfo
+ LengthInfo ExtendedLengthInfo
+ PasswordStatus PasswordStatus
+ func (ar *ApplicationRelated) Decode(b []byte) (err error)
+ type AuthError struct
+ Retries int
+ func (v AuthError) Error() string
+ type Card struct
+ Clock func() time.Time
+ Rand io.Reader
+ func NewCard(sc *iso.Card) (c *Card, err error)
+ func (c *Card) AlgorithmAttributes(slot Slot) (attrs AlgorithmAttributes, err error)
+ func (c *Card) Challenge(cnt int) ([]byte, error)
+ func (c *Card) ChangePassword(pwType byte, pwCurrent, pwNew string) error
+ func (c *Card) ChangeResettingCode(rc string) error
+ func (c *Card) ClearPasswordState(pwType byte) error
+ func (c *Card) ClearResettingCode() error
+ func (c *Card) Close() error
+ func (c *Card) DecryptAES(pt []byte) (ct []byte, err error)
+ func (c *Card) EncryptAES(pt []byte) (ct []byte, err error)
+ func (c *Card) FactoryReset() error
+ func (c *Card) GenerateKey(slot Slot, attrs AlgorithmAttributes) (crypto.PrivateKey, error)
+ func (c *Card) GetApplicationRelatedData() (ar *ApplicationRelated, err error)
+ func (c *Card) GetCardholder() (ch *Cardholder, err error)
+ func (c *Card) GetCardholderCertificate(slot Slot) ([]byte, error)
+ func (c *Card) GetCardholderCertificates() ([][]byte, error)
+ func (c *Card) GetKDF() (k *KDF, err error)
+ func (c *Card) GetLoginData() (string, error)
+ func (c *Card) GetPasswordStatus() (*PasswordStatus, error)
+ func (c *Card) GetPublicKeyURL() (*url.URL, error)
+ func (c *Card) GetSecuritySupportTemplate() (sst *SecuritySupportTemplate, err error)
+ func (c *Card) GetSignatureCounter() (int, error)
+ func (c *Card) ImportKey(_ Slot, _ crypto.PrivateKey) error
+ func (c *Card) ManageSecurityEnvironment(op SecurityOperation, slot Slot) error
+ func (c *Card) PasswordState(pwType byte) (bool, error)
+ func (c *Card) PrivateData(index int) ([]byte, error)
+ func (c *Card) PrivateKey(slot Slot) (crypto.PrivateKey, error)
+ func (c *Card) ResetRetryCounter(newPw string) error
+ func (c *Card) ResetRetryCounterWithResettingCode(rc, newPw string) error
+ func (c *Card) Select() error
+ func (c *Card) SetCardholder(ch Cardholder) error
+ func (c *Card) SetLanguage(lang string) error
+ func (c *Card) SetLoginData(login string) error
+ func (c *Card) SetName(name string) error
+ func (c *Card) SetPrivateData(index int, b []byte) error
+ func (c *Card) SetPublicKeyURL(url *url.URL) error
+ func (c *Card) SetRetryCounters(pw1, rc, pw3 byte) error
+ func (c *Card) SetSex(sex Sex) error
+ func (c *Card) SetupKDF(alg AlgKDF, iterations int, pw1, pw3 string) (err error)
+ func (c *Card) SupportedAlgorithms() (map[Slot][]AlgorithmAttributes, error)
+ func (c *Card) VerifyPassword(pwType byte, pw string) (err error)
+ type Cardholder struct
+ Language string
+ Name string
+ Sex Sex
+ func (ch *Cardholder) Decode(b []byte) (err error)
+ type Curve byte
+ const CurveANSIx9p256r1
+ const CurveANSIx9p384r1
+ const CurveANSIx9p521r1
+ const CurveBrainpoolP256r1
+ const CurveBrainpoolP384r1
+ const CurveBrainpoolP512r1
+ const CurveEd25519
+ const CurveEd448
+ const CurveSecp256k1
+ const CurveUnknown
+ const CurveX25519
+ const CurveX448
+ func (c Curve) String() string
+ type ECDHKey interface
+ SharedKey func(peer ECPublicKey) ([]byte, error)
+ type ECPublicKey interface
+ Bytes func() []byte
+ Curve func() Curve
+ Equal func(x crypto.PublicKey) bool
+ type ExtendedCapabilities struct
+ AlgSM byte
+ CommandMSE byte
+ Flags ExtendedCapabilitiesFlag
+ MaxLenCardholderCert uint16
+ MaxLenChallenge uint16
+ MaxLenSpecialDO uint16
+ Pin2BlockFormat byte
+ func (ec *ExtendedCapabilities) Decode(b []byte) error
+ type ExtendedCapabilitiesFlag byte
+ const CapAES
+ const CapAlgAttrsChangeable
+ const CapGetChallenge
+ const CapKDF
+ const CapKeyImport
+ const CapPasswordStatusChangeable
+ const CapPrivateDO
+ const CapSecureMessaging
+ type ExtendedLengthInfo struct
+ MaxCommandLength uint16
+ MaxResponseLength uint16
+ func (li *ExtendedLengthInfo) Decode(b []byte) error
+ type Fingerprint [20]byte
+ type GeneralFeatures byte
+ func (gf *GeneralFeatures) Decode(b []byte) error
+ type ImportFormat byte
+ const ImportFormatECDSAStdWithPublicKey
+ const ImportFormatRSACRT
+ const ImportFormatRSACRTWithModulus
+ const ImportFormatRSAStd
+ const ImportFormatRSAStdWithModulus
+ type KDF struct
+ Algorithm AlgKDF
+ HashAlgorithm AlgHash
+ InitialHashPW1 []byte
+ InitialHashPW3 []byte
+ Iterations int
+ SaltPW1 [8]byte
+ SaltPW3 [8]byte
+ SaltRC [8]byte
+ func (k *KDF) Decode(b []byte) (err error)
+ func (k *KDF) DerivePassword(pwType byte, pw string) ([]byte, error)
+ func (k *KDF) Encode() ([]byte, error)
+ type KeyInfo struct
+ AlgAttrs AlgorithmAttributes
+ Fingerprint []byte
+ FingerprintCA []byte
+ GenerationTime time.Time
+ Reference byte
+ Status Status
+ UIF UserInteractionFlag
+ type LifeCycleStatus byte
+ const LifeCycleStatusInitialized
+ const LifeCycleStatusNoInfo
+ const LifeCycleStatusOperational
+ type Manufacturer uint16
+ const ManufacturerYubico
+ func (m Manufacturer) String() string
+ type PasswordStatus struct
+ AttemptsPW1 uint8
+ AttemptsPW3 uint8
+ AttemptsRC uint8
+ LengthPW1 uint8
+ LengthPW3 uint8
+ LengthRC uint8
+ ValidityPW1 uint8
+ func (ps *PasswordStatus) Decode(b []byte) error
+ type SecurityOperation byte
+ const SecurityOperationAuthenticate
+ const SecurityOperationDecrypt
+ const SecurityOperationSign
+ type SecuritySupportTemplate struct
+ CardHolderCerts [3][]byte
+ SignatureCounter int
+ func (sst *SecuritySupportTemplate) Decode(b []byte) (err error)
+ type Sex byte
+ const SexFemale
+ const SexMale
+ const SexNotApplicable
+ const SexUnknown
+ func (s Sex) String() string
+ type Slot byte
+ const SlotAttest
+ const SlotAuthn
+ const SlotDecrypt
+ const SlotSign
+ func (s Slot) String() string
+ type Status byte
+ const StatusKeyGenerated
+ const StatusKeyImported
+ const StatusKeyNotPresent
+ type UserInteractionFlag struct
+ Feature byte
+ Mode UserInteractionMode
+ func (uif *UserInteractionFlag) Decode(b []byte) error
+ type UserInteractionMode byte
+ const UserInteractionCached
+ const UserInteractionCachedFixed
+ const UserInteractionDisabled
+ const UserInteractionEnabled
+ const UserInteractionEnabledFixed
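Review bot: In the v0.2.1 list, `PrivateKeyRSA.Sign(_ io.Reader, _ []byte, _ crypto.SignerOpts)`, `PrivateKeyRSA.Decrypt` and `PrivateKeyECDSA.Decrypt` blank every parameter, so they cannot operate on the digest or ciphertext they are handed, yet together with `Public()` their shapes match `crypto.Signer` and `crypto.Decrypter`; `Card.ImportKey(_ Slot, _ crypto.PrivateKey)` in v0.1.0 has the same shape. A caller that selects an operation by interface assertion, such as `key.(crypto.Decrypter)`, will get a match for an ECDSA key and learn only at call time that nothing happens. Only signatures are listed here, not bodies; presumably these return an error such as `ErrUnsupported`, and if so each doc comment should say it, for example `// Sign is not implemented for RSA keys yet and always returns an error wrapping ErrUnsupported.` Dropping `Decrypt` from `PrivateKeyECDSA` until it is implemented would stop the type from advertising a capability it does not have.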