Documentation ¶
Overview ¶
Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).
Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).
Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).
Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).
Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).
Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).
Index ¶
- Constants
- func GetRandomValues(b []byte) error
- func RandomUUID() string
- func RegisterAlgorithm(name string, subtle SubtleCrypto)
- type Algorithm
- type CryptoKey
- type CryptoKeyPair
- type Error
- type JsonWebKey
- type KeyAlgorithm
- type KeyFormat
- type KeyType
- type KeyUsage
- type RsaOtherPrimesInfo
- type SubtleCrypto
Constants ¶
const ( Encrypt KeyUsage = "encrypt" // The key may be used to encrypt messages. Decrypt KeyUsage = "decrypt" // The key may be used to decrypt messages. Sign KeyUsage = "sign" // The key may be used to sign messages. Verify KeyUsage = "verify" // The key may be used to verify signatures. DeriveKey KeyUsage = "deriveKey" // The key may be used in deriving a new key. DeriveBits KeyUsage = "deriveBits" // The key may be used in deriving bits. WrapKey KeyUsage = "wrapKey" // The key may be used to wrap a key. UnwrapKey KeyUsage = "unwrapKey" // The key may be used to unwrap a key. Secret KeyType = "secret" Private KeyType = "private" Public KeyType = "public" )
Variables ¶
This section is empty.
Functions ¶
func GetRandomValues ¶
GetRandomValues generates cryptographically strong random values. See §10.1.1 (https://w3c.github.io/webcrypto/#Crypto-method-getRandomValues)
func RandomUUID ¶
func RandomUUID() string
RandomUUID generates a new version 4 UUID and returns its namespace specific string representation as described in section 3 of [RFC4122]. See §10.1.2 (https://w3c.github.io/webcrypto/#Crypto-method-randomUUID)
func RegisterAlgorithm ¶
func RegisterAlgorithm(name string, subtle SubtleCrypto)
RegisterAlgorithm will register SubtleCrypto implementations referenced by the algorithm name provided. When fn gets called, it should return a NEW instance of the implementation.
Types ¶
type Algorithm ¶
Algorithm implements the Algorithm dictionary type as specified at §11 https://www.w3.org/TR/WebCryptoAPI/#algorithm-dictionary.
The WebCrypto spec has specific algorithm params extend Algorithm however in Go it can be messy when 'extending' structs so we keep it simple here by having specific algorithm params set in the Params field. This keeps things consistent and simple.
type CryptoKey ¶
type CryptoKey interface { // Type refers to the type of key the object represents. It may take one of the following values: // "secret", "private" or "public". Type() KeyType // A boolean value indicating whether or not the key may be extracted // using SubtleCrypto.ExportKey() or SubtleCrypto.WrapKey(). Extractable() bool // An object describing the algorithm for which this key can be used and any associated extra parameters. Algorithm() KeyAlgorithm // An Array of strings, indicating what can be done with the key. Possible values for array // elements are "encrypt", "decrypt", "sign", "verify", "deriveKey", "deriveBits", "wrapKey", // and "unwrapKey". Usages() []KeyUsage }
CryptoKey represents a cryptographic key obtained from one of the SubtleCrypto methods GenerateKey(), DeriveKey(), ImportKey(), or UnwrapKey(). See §13. (https://w3c.github.io/webcrypto/#cryptokey-interface).
type CryptoKeyPair ¶
CryptoKeyPair represents an asymmetric key pair that is comprised of both public (PublicKey) and private (PrivateKey) keys. See §17. (https://w3c.github.io/webcrypto/#keypair)
func NewCryptoKeyPair ¶
func NewCryptoKeyPair(public CryptoKey, private CryptoKey) CryptoKeyPair
NewCryptoKeyPair creates a new key pair from the public and private keys. This function shouldn't be called from your application. It is called from the implementing algorithms when returning key pairs from the GenerateKey function. Use Subtle().GenerateKey() to get your key pairs.
type Error ¶
func ErrInvalidUsages ¶
ErrInvalidUsages helper function that returns a ErrSyntaxError for invalid usages.
func ErrMethodNotSupported ¶
func ErrMethodNotSupported() Error
ErrMethodNotSupported helper function that returns an ErrNotSupportedError.
type JsonWebKey ¶
type JsonWebKey struct { // The following fields are defined in Section 3.1 of JSON Web Key Kty string `json:"kty,omitempty"` Use string `json:"use,omitempty"` KeyOps []KeyUsage `json:"key_ops,omitempty"` Alg string `json:"alg,omitempty"` // The following fields are defined in JSON Web Key Parameters Registration Ext bool `json:"ext,omitempty"` // The following fields are defined in Section 6 of JSON Web Algorithms Crv string `json:"crv,omitempty"` X string `json:"x,omitempty"` Y string `json:"y,omitempty"` D string `json:"d,omitempty"` N string `json:"n,omitempty"` E string `json:"e,omitempty"` P string `json:"p,omitempty"` Q string `json:"q,omitempty"` Dp string `json:"dp,omitempty"` Dq string `json:"dq,omitempty"` Qi string `json:"qi,omitempty"` Oth []RsaOtherPrimesInfo `json:"oth,omitempty"` K string `json:"k,omitempty"` }
type KeyAlgorithm ¶
type KeyAlgorithm interface {
Name() string
}
KeyAlgorithm implements the KeyAlgorithm dictionary type as specified at §12 https://www.w3.org/TR/WebCryptoAPI/#dfn-KeyAlgorithm.
We use an interface here because this is the algorithm that is part of a CryptoKey and we don't want the values changed.
type RsaOtherPrimesInfo ¶
type SubtleCrypto ¶
type SubtleCrypto interface { // Decrypt will decrypt data using the specified Algorithm with the supplied CryptoKey. // See §14.2.2 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-decrypt) Decrypt(algorithm *Algorithm, key CryptoKey, data []byte) ([]byte, error) // DeriveBits can be used to derive an array of bits from a base key. // See §14.2.8 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-deriveBits) DeriveBits(algorithm *Algorithm, baseKey CryptoKey, length uint64) ([]byte, error) // DeriveKey can be used to derive a secret key from a master key. // See §14.2.7 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-deriveKey) DeriveKey(algorithm *Algorithm, baseKey CryptoKey, derivedKeyType *Algorithm, extractable bool, keyUsages []KeyUsage) (CryptoKey, error) // Digrest generates a digest of the given data. A digest is a short fixed-length value // derived from some variable-length input. Cryptographic digests should exhibit collision-resistance, // meaning that it's hard to come up with two different inputs that have the same digest value. // See §14.2.5 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-digest) Digest(algorithm *Algorithm, data []byte) ([]byte, error) // Encrypt will encrypt data using the specified AlgorithmIdentifier with the supplied CryptoKey. // See §14.2.1 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-encrypt) Encrypt(algorithm *Algorithm, key CryptoKey, data []byte) ([]byte, error) // ExportKey exports a key: that is, it takes as input a CryptoKey object and gives you the key // in an external, portable format. // See §14.2.10 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-exportKey) ExportKey(format KeyFormat, key CryptoKey) (any, error) // GenerateKey generates a new key (for symmetric algorithms) or key pair (for public-key algorithms). // See §14.2.6 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-generateKey) GenerateKey(algorithm *Algorithm, extractable bool, keyUsages []KeyUsage) (any, error) // ImportKey imports a key: that is, it takes as input a key in an external, portable format and // gives you a CryptoKey object that you can use in the Web Crypto API. // See §14.2.9 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-importKey) ImportKey(format KeyFormat, keyData any, algorithm *Algorithm, extractable bool, keyUsages []KeyUsage) (CryptoKey, error) // Sign generates a digital signature. // See §14.2.3 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-sign) Sign(algorithm *Algorithm, key CryptoKey, data []byte) ([]byte, error) // UnwrapKey "unwraps" a key. This means that it takes as its input a key that has been exported and // then encrypted (also called "wrapped"). It decrypts the key and then imports it, returning a CryptoKey // object that can be used in the Web Crypto API. // See §14.2.12 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-unwrapKey) UnwrapKey(format KeyFormat, wrappedKey []byte, unwrappingKey CryptoKey, unwrapAlgorithm *Algorithm, unwrappedKeyAlgorithm *Algorithm, extractable bool, keyUsages []KeyUsage) (CryptoKey, error) // Verify verifies a digital signature. // See §14.2.4 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-verify) Verify(algorithm *Algorithm, key CryptoKey, signature []byte, data []byte) (bool, error) // WrapKey "wraps" a key. This means that it exports the key in an external, portable format, then encrypts // the exported key. Wrapping a key helps protect it in untrusted environments, such as inside an otherwise // unprotected data store or in transmission over an unprotected network. // See §14.2.11 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-wrapKey) WrapKey(format KeyFormat, key CryptoKey, wrappingKey CryptoKey, wrapAlgorithm *Algorithm) (any, error) }
SubtleCrypto interface provides a set of methods for dealing with low-level cryptographic primitives and algorithms. See §14. (https://w3c.github.io/webcrypto/#subtlecrypto-interface)
func Subtle ¶
func Subtle() SubtleCrypto
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
algorithms
|
|
ecdsa
Package ecdsa implements ECDSA operations as described in the specifications at §23 (https://www.w3.org/TR/WebCryptoAPI/#ecdsa).
|
Package ecdsa implements ECDSA operations as described in the specifications at §23 (https://www.w3.org/TR/WebCryptoAPI/#ecdsa). |
hmac
Package hmac implements HMAC operations as described in the specifications at §29 (https://www.w3.org/TR/WebCryptoAPI/#hmac).
|
Package hmac implements HMAC operations as described in the specifications at §29 (https://www.w3.org/TR/WebCryptoAPI/#hmac). |
rsa
Package rsa implements RSA operations; RSA-OAEP as specified in §30 (https://www.w3.org/TR/WebCryptoAPI/#rsa-oaep).
|
Package rsa implements RSA operations; RSA-OAEP as specified in §30 (https://www.w3.org/TR/WebCryptoAPI/#rsa-oaep). |
sha
Package sha implements the SHA operations as specified in §30 (https://www.w3.org/TR/WebCryptoAPI/#sha)
|
Package sha implements the SHA operations as specified in §30 (https://www.w3.org/TR/WebCryptoAPI/#sha) |
examples
|
|
Package util contains utility functions.
|
Package util contains utility functions. |