Documentation ¶
Index ¶
- type BCCSPEncrypterEntity
- type BCCSPEncrypterSignerEntity
- type BCCSPEntity
- type BCCSPSignerEntity
- func NewECDSASignerEntity(ID string, b bccsp.BCCSP, signKeyBytes []byte) (*BCCSPSignerEntity, error)
- func NewECDSAVerifierEntity(ID string, b bccsp.BCCSP, signKeyBytes []byte) (*BCCSPSignerEntity, error)
- func NewSignerEntity(ID string, bccsp bccsp.BCCSP, sKey bccsp.Key, sOpts bccsp.SignerOpts, ...) (*BCCSPSignerEntity, error)
- type Encrypter
- type EncrypterEntity
- type EncrypterSignerEntity
- type Entity
- type SignedMessage
- type Signer
- type SignerEntity
Types ¶
type BCCSPEncrypterEntity ¶ added in v1.2.0
type BCCSPEncrypterEntity struct {
	BCCSPEntity
	EKey  bccsp.Key
	EOpts bccsp.EncrypterOpts
	DOpts bccsp.DecrypterOpts
}
BCCSPEncrypterEntity is an implementation of the EncrypterEntity interface
func NewAES256EncrypterEntity ¶
func NewAES256EncrypterEntity(ID string, b bccsp.BCCSP, key, IV []byte) (*BCCSPEncrypterEntity, error)
NewAES256EncrypterEntity returns an encrypter entity that is capable of performing AES 256-bit encryption using PKCS#7 padding. Optionally, the IV can be provided, in which case it is used during the encryption; otherwise, a random one is generated.
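What the optional IV means for confidentiality, as an added example that is not part of the library's code: with a caller-supplied IV, encryption is deterministic, so equal plaintexts under the same key give equal ciphertexts. CBC mode and the helper names (`pkcs7Pad`, `encryptCBC`, `repeats`) are assumptions of this sketch; the page names only AES-256 and PKCS#7 padding.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// pkcs7Pad appends n bytes of value n, with 1 <= n <= blockSize.
func pkcs7Pad(b []byte, blockSize int) []byte {
	n := blockSize - len(b)%blockSize
	return append(append([]byte{}, b...), bytes.Repeat([]byte{byte(n)}, n)...)
}

// encryptCBC uses the caller's IV when one is given, otherwise a random one,
// and returns IV || ciphertext. CBC mode is an assumption of this sketch.
func encryptCBC(key, iv, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if iv == nil {
		iv = make([]byte, aes.BlockSize)
		if _, err := rand.Read(iv); err != nil {
			return nil, err
		}
	} else if len(iv) != aes.BlockSize {
		return nil, fmt.Errorf("IV must be %d bytes, got %d", aes.BlockSize, len(iv))
	}
	padded := pkcs7Pad(plaintext, aes.BlockSize)
	out := append(append([]byte{}, iv...), padded...)
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out[aes.BlockSize:], padded)
	return out, nil
}

// repeats reports whether encrypting the same plaintext twice gives equal output.
func repeats(key, iv, plaintext []byte) bool {
	c1, err1 := encryptCBC(key, iv, plaintext)
	c2, err2 := encryptCBC(key, iv, plaintext)
	return err1 == nil && err2 == nil && bytes.Equal(c1, c2)
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 32) // constructed 256-bit demo key
	msg := []byte("balance=100")          // constructed sample plaintext
	fmt.Println("fixed IV repeats:", repeats(key, make([]byte, 16), msg))
	fmt.Println("random IV repeats:", repeats(key, nil, msg))
}
```

Anyone who can read stored ciphertexts can tell when two values encrypted with the same key and IV are equal, so supply an IV only where repeatable output is actually required.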
func NewEncrypterEntity ¶
func NewEncrypterEntity(ID string, bccsp bccsp.BCCSP, eKey bccsp.Key, eOpts bccsp.EncrypterOpts, dOpts bccsp.DecrypterOpts) (*BCCSPEncrypterEntity, error)
NewEncrypterEntity returns an EncrypterEntity that is capable of performing encryption using i) the supplied BCCSP instance; ii) the supplied encryption key; and iii) the supplied encryption and decryption options. The identifier of the entity is supplied as an argument as well; it is the caller's responsibility to choose a meaningful one.
func (*BCCSPEncrypterEntity) Decrypt ¶ added in v1.2.0
func (e *BCCSPEncrypterEntity) Decrypt(ciphertext []byte) ([]byte, error)
func (*BCCSPEncrypterEntity) Encrypt ¶ added in v1.2.0
func (e *BCCSPEncrypterEntity) Encrypt(plaintext []byte) ([]byte, error)
func (*BCCSPEncrypterEntity) Equals ¶ added in v1.2.0
func (this *BCCSPEncrypterEntity) Equals(e Entity) bool
func (*BCCSPEncrypterEntity) Public ¶ added in v1.2.0
func (pe *BCCSPEncrypterEntity) Public() (Entity, error)
type BCCSPEncrypterSignerEntity ¶ added in v1.2.0
type BCCSPEncrypterSignerEntity struct {
	BCCSPEncrypterEntity
	BCCSPSignerEntity
}
BCCSPEncrypterSignerEntity is an implementation of the EncrypterSignerEntity interface
func NewAES256EncrypterECDSASignerEntity ¶
func NewAES256EncrypterECDSASignerEntity(ID string, b bccsp.BCCSP, encKeyBytes, signKeyBytes []byte) (*BCCSPEncrypterSignerEntity, error)
NewAES256EncrypterECDSASignerEntity returns an encrypter entity that is capable of performing AES 256 bit encryption using PKCS#7 padding and signing using ECDSA
func NewEncrypterSignerEntity ¶
func NewEncrypterSignerEntity(ID string, bccsp bccsp.BCCSP, eKey, sKey bccsp.Key, eOpts bccsp.EncrypterOpts, dOpts bccsp.DecrypterOpts, sOpts bccsp.SignerOpts, hOpts bccsp.HashOpts) (*BCCSPEncrypterSignerEntity, error)
NewEncrypterSignerEntity returns an EncrypterSignerEntity (which is also an EncrypterEntity) that is capable of performing encryption AND of generating signatures using i) the supplied BCCSP instance; ii) the supplied encryption and signing keys; and iii) the supplied encryption, decryption, signing and hashing options. The identifier of the entity is supplied as an argument as well; it is the caller's responsibility to choose a meaningful one.
func (*BCCSPEncrypterSignerEntity) Equals ¶ added in v1.2.0
func (this *BCCSPEncrypterSignerEntity) Equals(e Entity) bool
func (*BCCSPEncrypterSignerEntity) ID ¶ added in v1.2.0
func (e *BCCSPEncrypterSignerEntity) ID() string
func (*BCCSPEncrypterSignerEntity) Public ¶ added in v1.2.0
func (pe *BCCSPEncrypterSignerEntity) Public() (Entity, error)
type BCCSPEntity ¶ added in v1.2.0
BCCSPEntity is an implementation of the Entity interface holding a BCCSP instance
func (*BCCSPEntity) ID ¶ added in v1.2.0
func (e *BCCSPEntity) ID() string
type BCCSPSignerEntity ¶ added in v1.2.0
type BCCSPSignerEntity struct {
	BCCSPEntity
	SKey  bccsp.Key
	SOpts bccsp.SignerOpts
	HOpts bccsp.HashOpts
}
BCCSPSignerEntity is an implementation of the SignerEntity interface
func NewECDSASignerEntity ¶ added in v1.2.0
func NewECDSASignerEntity(ID string, b bccsp.BCCSP, signKeyBytes []byte) (*BCCSPSignerEntity, error)
NewECDSASignerEntity returns a signer entity that is capable of signing using ECDSA
func NewECDSAVerifierEntity ¶ added in v1.2.0
func NewECDSAVerifierEntity(ID string, b bccsp.BCCSP, signKeyBytes []byte) (*BCCSPSignerEntity, error)
NewECDSAVerifierEntity returns a verifier entity that is capable of verifying using ECDSA
func NewSignerEntity ¶ added in v1.2.0
func NewSignerEntity(ID string, bccsp bccsp.BCCSP, sKey bccsp.Key, sOpts bccsp.SignerOpts, hOpts bccsp.HashOpts) (*BCCSPSignerEntity, error)
NewSignerEntity returns a SignerEntity
func (*BCCSPSignerEntity) Equals ¶ added in v1.2.0
func (this *BCCSPSignerEntity) Equals(e Entity) bool
func (*BCCSPSignerEntity) Public ¶ added in v1.2.0
func (e *BCCSPSignerEntity) Public() (Entity, error)
func (*BCCSPSignerEntity) Sign ¶ added in v1.2.0
func (e *BCCSPSignerEntity) Sign(msg []byte) ([]byte, error)
func (*BCCSPSignerEntity) Verify ¶ added in v1.2.0
func (e *BCCSPSignerEntity) Verify(signature, msg []byte) (bool, error)
type Encrypter ¶
type Encrypter interface {
	// Encrypt returns the ciphertext for the supplied plaintext message
	Encrypt(plaintext []byte) (ciphertext []byte, err error)

	// Decrypt returns the plaintext for the supplied ciphertext message
	Decrypt(ciphertext []byte) (plaintext []byte, err error)
}
Encrypter is an interface that provides basic encrypt/decrypt capabilities
type EncrypterEntity ¶
EncrypterEntity is an entity which is capable of performing encryption
func GetEncrypterEntityForTest ¶
func GetEncrypterEntityForTest(id string) (EncrypterEntity, error)
type EncrypterSignerEntity ¶
EncrypterSignerEntity is an entity which is capable of performing encryption and of generating signatures
func GetEncrypterSignerEntityForTest ¶
func GetEncrypterSignerEntityForTest(id string) (EncrypterSignerEntity, error)
type Entity ¶
type Entity interface {
	// ID returns an identifier for the entity;
	// the identifier can be set arbitrarily by
	// the entity's constructor in a manner that
	// is relevant for its usage at the cc-level
	ID() string

	// Equals compares this entity with the supplied
	// one and returns a boolean that is true if the
	// two entities are identical. This includes any
	// and all key material that the entity uses
	Equals(Entity) bool

	// Public returns the public version of this entity
	// in case asymmetric cryptography is used. If not,
	// Public returns itself
	Public() (Entity, error)
}
Entity is the basic interface for all crypto entities that are used by the library to obtain cc-level encryption
type SignedMessage ¶
type SignedMessage struct {
	// ID contains a description of the entity signing this message
	ID []byte `json:"id"`

	// Payload contains the message that is signed
	Payload []byte `json:"payload"`

	// Sig contains a signature over ID and Payload
	Sig []byte `json:"sig"`
}
SignedMessage is a simple struct that contains space for a payload and a signature over it, and convenience functions to sign, verify, marshal and unmarshal
func (*SignedMessage) FromBytes ¶
func (m *SignedMessage) FromBytes(d []byte) error
FromBytes populates the instance from the supplied byte array
func (*SignedMessage) Sign ¶
func (m *SignedMessage) Sign(signer Signer) error
Sign signs the SignedMessage and stores the signature in the Sig field
func (*SignedMessage) ToBytes ¶
func (m *SignedMessage) ToBytes() ([]byte, error)
ToBytes serializes the instance to bytes
func (*SignedMessage) Verify ¶
func (m *SignedMessage) Verify(verifier Signer) (bool, error)
Verify verifies the signature over Payload stored in Sig
type Signer ¶
type Signer interface {
	// Sign returns a signature of the supplied message (or an error)
	Sign(msg []byte) (signature []byte, err error)

	// Verify checks whether the supplied signature
	// over the supplied message is valid according to this interface
	Verify(signature, msg []byte) (valid bool, err error)
}
Signer is an interface that provides basic sign/verify capabilities
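Why SignedMessage's Sig covers ID as well as Payload, as an added example that is not the library's code: a signature bound to both fails verification when either field is altered after signing. The `ecdsaSigner` type (ECDSA P-256 over SHA-256, with the Sign/Verify method set of Signer), the length-prefixed encoding in `signedBytes`, and `signThenCheck` are assumptions of this sketch; the page does not specify how the library serializes the signed bytes.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// ecdsaSigner: hypothetical stand-in with the method set of the Signer interface.
type ecdsaSigner struct{ key *ecdsa.PrivateKey }

func (s ecdsaSigner) Sign(msg []byte) ([]byte, error) {
	d := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, s.key, d[:])
}

func (s ecdsaSigner) Verify(sig, msg []byte) (bool, error) {
	d := sha256.Sum256(msg)
	return ecdsa.VerifyASN1(&s.key.PublicKey, d[:], sig), nil
}

// signedBytes (assumed encoding) length-prefixes id so ("ab","c") != ("a","bc").
func signedBytes(id, payload string) []byte {
	b := make([]byte, 4, 4+len(id)+len(payload))
	binary.BigEndian.PutUint32(b, uint32(len(id)))
	return append(append(b, id...), payload...)
}

// signThenCheck signs (id, payload), then verifies against (checkID, checkPayload).
func signThenCheck(id, payload, checkID, checkPayload string) (bool, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return false, err
	}
	s := ecdsaSigner{k}
	sig, err := s.Sign(signedBytes(id, payload))
	if err != nil {
		return false, err
	}
	return s.Verify(sig, signedBytes(checkID, checkPayload))
}

func main() {
	ok, err1 := signThenCheck("org1", "pay 10", "org1", "pay 10") // constructed values
	swapped, err2 := signThenCheck("org1", "pay 10", "org2", "pay 10")
	fmt.Println("untouched:", ok, err1, "ID swapped:", swapped, err2)
}
```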