webcrypto

package module
v0.1.0-alpha.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 14, 2024 License: Apache-2.0 Imports: 4 Imported by: 0

README

webcrypto-go test

An implementation of the W3C Web Cryptography API specification (https://www.w3.org/TR/WebCryptoAPI/) for Go using Go's standard crypto library.

[!IMPORTANT]
Whilst we try to ensure that we don't commit breaking changes until we release our first major version, there may be times where decisions made during early development no longer make sense and therefore require breaking changes. Please be mindful of this when updating your version of this library until we hit v1.0.0.

Contents

Background

The Web Cryptography API is an open standard developed by the W3C and "defines a low-level interface to interacting with cryptographic key material that is managed or exposed by user agents" (https://www.w3.org/TR/WebCryptoAPI/).

Although the Web Cryptography API was developed for JavaScript, the way we use cryptographic functions in applications across programming languages is unique to the language itself. This library aims to keep these operations consistent across languages so that developers can use documentation and knowledge from a well known open-standard to develop their applications easily and consistently. Cryptography is hard, and we hope this library can help all developers on their cryptographic journey.

The documentation and references used throughout this library come from the amazing authors at:

Implementation status

This library is still in active development and all algorithms are not yet supported. While we continue working on implementations that we think are priority, we welcome feedback and contributions from our open-source community. Below are algorithms and their usages that have been implemented.

Algorithm encrypt decrypt sign verify digest generateKey deriveKey deriveBits importKey exportKey wrapKey unwrapKey
ECDSA
HMAC
RSA-OAEP
SHA

Getting started

go get github.com/armortal/webcrypto-go

Algorithms

When passing algorithm params into subtle functions, we use the webcrypto.Algorithm struct. It has the following properties:

Field Type Description
Name string The algorithm name.
Params any The algorithm parameters as defined by the parameters described by that algorithm in the WebCrypto specification.

See specific algorithms for the parameter types to be passed in.

ECDSA

The ECDSA algorithm is the implementation of operations described in §23 of the W3C specification.

import "github.com/armortal/webcrypto-go/algorithms/ecdsa"

Parameter Definitions

Below are the parameters that supported ECDSA operations will take according to §23.2.

Params

As specified in §23.3

Field Type Description
Hash string The hash algorithm to use. See the supported hash algorithms
KeyGenParams

As specified in §23.4

Field Type Description
NamedCurve string A valid named curve. One of P-256, P-384, or P-521.
KeyImportParams

As specified in §23.6

Field Type Description
NamedCurve string A valid named curve. One of P-256, P-384, or P-521.
Examples
package main

import (
	"fmt"

	"github.com/armortal/webcrypto-go"
	"github.com/armortal/webcrypto-go/algorithms/ecdsa"
)

func main() {
	// generate a new P-256 ECDSA key
	key, err := webcrypto.Subtle().GenerateKey(
		&webcrypto.Algorithm{
			Name: "ECDSA",
			Params: &ecdsa.KeyGenParams{
				NamedCurve: "P-256",
			},
		}, true, []webcrypto.KeyUsage{
			webcrypto.Sign,
			webcrypto.Verify,
		})
	if err != nil {
		panic(err)
	}

	// key returned is a webcrypto.CryptoKeyPair that contains two *ecdsa.CryptoKey
	cryptoKeyPair := key.(webcrypto.CryptoKeyPair)

	// sign some data with the private key
	sig, err := webcrypto.Subtle().Sign(&webcrypto.Algorithm{
		Name: "ECDSA",
		Params: &ecdsa.Params{
			Hash: "SHA-256",
		},
	}, cryptoKeyPair.PrivateKey(), []byte("test"))
	if err != nil {
		panic(err)
	}

	// verify the signature with the public key
	ok, err := webcrypto.Subtle().Verify(&webcrypto.Algorithm{
		Name: "ECDSA",
		Params: &ecdsa.Params{
			Hash: "SHA-256",
		},
	}, cryptoKeyPair.PublicKey(), sig, []byte("test"))
	if err != nil {
		panic(err)
	}

	if !ok {
		panic("signature didn't verify")
	}

	// export the public/private key as webcrypto.JsonWebKey
	out, err := webcrypto.Subtle().ExportKey(webcrypto.Jwk, cryptoKeyPair.PrivateKey())
	if err != nil {
		panic(err)
	}

	// do something with jwk
	jwk := out.(*webcrypto.JsonWebKey)

	// export the key as PKCS8
	out, err = webcrypto.Subtle().ExportKey(webcrypto.PKCS8, cryptoKeyPair.PrivateKey())
	if err != nil {
		panic(err)
	}

	// do something with the pkcs8 key
	pkcs8 := out.([]byte)

	// import a public/private key from a jwk
	in, err := webcrypto.Subtle().ImportKey(webcrypto.Jwk, jwk, &webcrypto.Algorithm{
		Name: "ECDSA",
		Params: &ecdsa.KeyImportParams{
			NamedCurve: "P-256",
		},
	}, true, []webcrypto.KeyUsage{
		webcrypto.Sign,
	})
	if err != nil {
		panic(err)
	}

	// import a public/private key from PKCS8
	in, err = webcrypto.Subtle().ImportKey(webcrypto.PKCS8, pkcs8, &webcrypto.Algorithm{
		Name: "ECDSA",
		Params: &ecdsa.KeyImportParams{
			NamedCurve: "P-256",
		},
	}, true, []webcrypto.KeyUsage{
		webcrypto.Sign,
	})
	if err != nil {
		panic(err)
	}

	// do something with the imported webcrypto.CryptoKey
	fmt.Println(in.Type())
}
HMAC

The HMAC algorithm is the implementation of operations described in §29 of the W3C specification.

import "github.com/armortal/webcrypto-go/algorithms/hmac"

Parameter Definitions

Below are the parameters that supported HMAC operations will take according to §29.2.

KeyGenParams

As specified in §29.5

Field Type Description
Hash string The inner hash function to use. See the supported hash algorithms.
Length uint64 The length (in bits) of the key to generate. If unspecified, the recommended length will be used, which is the size of the associated hash function's block size.
ImportParams

As specified in §29.3

Field Type Description
Hash string The inner hash function to use. See the supported hash algorithms.
Length uint64 The length (in bits) of the key.
Examples
package main

import (
	"github.com/armortal/webcrypto-go"
	"github.com/armortal/webcrypto-go/algorithms/hmac"
)

func main() {
	// generate a new key
	key, err := webcrypto.Subtle().GenerateKey(
		&webcrypto.Algorithm{
			Name: "HMAC",
			Params: &hmac.KeyGenParams{
				Hash: "SHA-256",
			},
		}, true, []webcrypto.KeyUsage{
			webcrypto.Sign,
			webcrypto.Verify,
	})

	if err != nil {
		panic(err)
	}

	// the generated key returns a webcrypto.CryptoKey
	cryptokey := key.(webcrypto.CryptoKey)

	// sign some data - no params required.
	sig, err := webcrypto.Subtle().Sign(&webcrypto.Algorithm{
		Name: "HMAC",
	}, cryptokey, []byte("test"))

	if err != nil {
		panic(err)
	}

	// verify the signature
	ok, err := webcrypto.Subtle().Verify(&webcrypto.Algorithm{
		Name: "HMAC",
	}, cryptokey, sig, []byte("test"))

	if err != nil {
		panic(err)
	}

	// export the key as *webcrypto.JsonWebKey
	out, err := webcrypto.Subtle().ExportKey(webcrypto.Jwk, cryptoKey)
	if err != nil {
		panic(err)
	}

	jwk := out.(*webcrypto.JsonWebKey)
	// do something with jwk

	// export the key as raw bytes
	out, err = webcrypto.Subtle().ExportKey(webcrypto.Raw, cryptoKey)
	if err != nil {
		panic(err)
	}

	raw := out.([]byte)
	// do something with raw bytes

	// import a key from a jwk
	in, err := webcrypto.Subtle().ImportKey(
		webcrypto.Jwk, 
		jwk, 
		&webcrypto.Algorithm{
			Name: "HMAC",
			Params: &hmac.ImportParams{
				Hash: "SHA-256",
			},
		}, 
		true, 
		[]webcrypto.KeyUsage{
			webcrypto.Sign,
			webcrypto.Verify,
		})
	
	if err != nil {
		panic(err)
	}

	// import a key from raw bytes
	in, err = webcrypto.Subtle().ImportKey(
		webcrypto.Raw, 
		raw, 
		&webcrypto.Algorithm{
			Name: "HMAC",
			Params: &hmac.ImportParams{
				Hash: "SHA-256",
			},
		}, 
		true, 
		[]webcrypto.KeyUsage{
			webcrypto.Sign,
			webcrypto.Verify,
		})
	
	if err != nil {
		panic(err)
	}

	// do something with your imported keys
}
RSA-OAEP

The RSA-OAEP algorithm is the implementation of operations described in §22 of the W3C specification.

import "github.com/armortal/webcrypto-go/algorithms/rsa"

Parameter Definitions

Below are the parameters that supported RSA-OAEP operations will take according to §22.2.

OaepParams

As specified in §22.3

Field Type Description
Label string The optional label/application data to associate with the message.
Examples
package main

import (
	"fmt"
	"math/big"

	"github.com/armortal/webcrypto-go"
	"github.com/armortal/webcrypto-go/algorithms/rsa"
)

func main() {
	// generate a new key
	key, err := webcrypto.Subtle().GenerateKey(
		&webcrypto.Algorithm{
			Name: "RSA-OAEP",
			Params: &rsa.HashedKeyGenParams{
				KeyGenParams: rsa.KeyGenParams{
					ModulusLength:  2048,
					PublicExponent: big.NewInt(65537),
				},
				Hash: "SHA-256",
			},
		}, true, []webcrypto.KeyUsage{webcrypto.Decrypt, webcrypto.Encrypt})

	if err != nil {
		panic(err)
	}

	cryptoKeyPair := key.(webcrypto.CryptoKeyPair)

	// encrypt some data with an optional label
	encrypted, err := webcrypto.Subtle().Encrypt(&webcrypto.Algorithm{
		Name: "RSA-OAEP",
		Params: &rsa.OaepParams{
			Label: []byte("optional"),
		},
	}, cryptoKeyPair.PublicKey(), []byte("test"))

	if err != nil {
		panic(err)
	}

	// decrypt the data
	decrypted, err := webcrypto.Subtle().Decrypt(&webcrypto.Algorithm{
		Name: "RSA-OAEP",
		Params: &rsa.OaepParams{
			Label: []byte("optional"),
		},
	}, cryptoKeyPair.PrivateKey(), encrypted)

	if err != nil {
		panic(err)
	}

	// do something with decrypted data
	fmt.Println(string(decrypted))

	// export the private/public key as jwk
	out, err := webcrypto.Subtle().ExportKey(webcrypto.Jwk, cryptoKeyPair.PrivateKey())
	if err != nil {
		panic(err)
	}

	// do something with jwk
	jwk := out.(*webcrypto.JsonWebKey)

	// import a key from jwk
	in, err := webcrypto.Subtle().ImportKey(webcrypto.Jwk, jwk, &webcrypto.Algorithm{
		Name: "RSA-OAEP",
		Params: &rsa.HashedImportParams{
			Hash: "SHA-256",
		},
	}, true, []webcrypto.KeyUsage{webcrypto.Decrypt})

	if err != nil {
		panic(err)
	}

	// do something with the imported key
	fmt.Println(in.Type())
}
RSASSA-PKCS1-v1_5

This algorithm is currently not supported. However, parameter definitions for those used in RSA-OAEP operations come from those defined in this algorithm.

Parameter Definitions

Below are the parameters that supported RSASSA-PKCS1-v1_5 operations will take according to §20.2.

KeyGenParams

As specified in §20.3

Field Type Description
ModulusLength uint64 The length, in bits, of the RSA modulus.
PublicExponent *big.Int The RSA public exponent.
HashedKeyGenParams

As specified in §20.4

Field Type Description
Hash string The hash algorithm to use.
ModulusLength uint64 The length, in bits, of the RSA modulus.
PublicExponent *big.Int The RSA public exponent.
HashedImportParams

As specified in §20.7

Field Type Description
Hash string The hash algorithm to use.
SHA

The SHA algorithm is the implementation of operations described in §30 of the W3C specification.

import "github.com/armortal/webcrypto-go/algorithms/sha"

Parameter Definitions

Below are the recognized algorithm names for supported SHA operations according to §30.2.

  • SHA-1
  • SHA-256
  • SHA-384
  • SHA-512

There are no parameter definitions, however we use Params below for importing purposes.

Params

This is an empty struct that we use to register SHA algorithms without using a blank import. If you don't use this as in webcrypto.Algorithm.Params to the Digest() call, you can import the algorithm using a blank import like below:

import _ "github.com/armortal/webcrypto-go/algorithms/sha"

Examples
package main

import (
	"encoding/hex"
	"fmt"

	"github.com/armortal/webcrypto-go"
	"github.com/armortal/webcrypto-go/algorithms/sha"
)

func main() {
	// digest something
	hash, err := webcrypto.Subtle().Digest(
		&webcrypto.Algorithm{
			Name:   "SHA-256",
			Params: &sha.Params{}, // we use *sha.Params so we can register the algorithm without using a blank import
		}, []byte("test"))

	if err != nil {
		panic(err)
	}

	// do something with hash
	fmt.Println(hex.EncodeToString(hash))
}

Contributing

If you have found a bug or would like to see new features, please create a new issue in this repository. If there is an issue that poses a security risk, please refrain from posting the issue publicly and contact support@armortal.com instead.

Documentation

Overview

Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).

Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).

Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).

Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).

Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).

Package webcrypto implements the WebCrypto API specification (https://www.w3.org/TR/WebCryptoAPI/).

Index

Constants

View Source 
const (
	Encrypt    KeyUsage = "encrypt"    // The key may be used to encrypt messages.
	Decrypt    KeyUsage = "decrypt"    // The key may be used to decrypt messages.
	Sign       KeyUsage = "sign"       // The key may be used to sign messages.
	Verify     KeyUsage = "verify"     // The key may be used to verify signatures.
	DeriveKey  KeyUsage = "deriveKey"  // The key may be used in deriving a new key.
	DeriveBits KeyUsage = "deriveBits" // The key may be used in deriving bits.
	WrapKey    KeyUsage = "wrapKey"    // The key may be used to wrap a key.
	UnwrapKey  KeyUsage = "unwrapKey"  // The key may be used to unwrap a key.

	Secret  KeyType = "secret"
	Private KeyType = "private"
	Public  KeyType = "public"
)
View Source 
const (
	ErrDataError          string = "DataError"
	ErrInvalidAccessError string = "InvalidAccessError"
	ErrNotSupportedError  string = "NotSupportedError"
	ErrOperationError     string = "OperationError"
	ErrQuotaExceededError string = "QuotaExceededError"
	ErrSyntaxError        string = "SyntaxError"
)

Variables

This section is empty.

Functions

func GetRandomValues 

func GetRandomValues(b []byte) error

GetRandomValues generates cryptographically strong random values. See §10.1.1 (https://w3c.github.io/webcrypto/#Crypto-method-getRandomValues)

func RandomUUID 

func RandomUUID() string

RandomUUID generates a new version 4 UUID and returns its namespace specific string representation as described in section 3 of [RFC4122]. See §10.1.2 (https://w3c.github.io/webcrypto/#Crypto-method-randomUUID)

func RegisterAlgorithm 

func RegisterAlgorithm(name string, subtle SubtleCrypto)

RegisterAlgorithm will register SubtleCrypto implementations referenced by the algorithm name provided. When fn gets called, it should return a NEW instance of the implementation.

Types

type Algorithm 

type Algorithm struct {
	Name   string
	Params any
}

Algorithm implements the Algorithm dictionary type as specified at §11 https://www.w3.org/TR/WebCryptoAPI/#algorithm-dictionary.

The WebCrypto spec has specific algorithm params extend Algorithm however in Go it can be messy when 'extending' structs so we keep it simple here by having specific algorithm params set in the Params field. This keeps things consistent and simple.

type CryptoKey 

type CryptoKey interface {
	// Type refers to the type of key the object represents. It may take one of the following values:
	// "secret", "private" or "public".
	Type() KeyType

	// A boolean value indicating whether or not the key may be extracted
	// using SubtleCrypto.ExportKey() or SubtleCrypto.WrapKey().
	Extractable() bool

	// An object describing the algorithm for which this key can be used and any associated extra parameters.
	Algorithm() KeyAlgorithm

	// An Array of strings, indicating what can be done with the key. Possible values for array
	// elements are "encrypt", "decrypt", "sign", "verify", "deriveKey", "deriveBits", "wrapKey",
	// and "unwrapKey".
	Usages() []KeyUsage
}

CryptoKey represents a cryptographic key obtained from one of the SubtleCrypto methods GenerateKey(), DeriveKey(), ImportKey(), or UnwrapKey(). See §13. (https://w3c.github.io/webcrypto/#cryptokey-interface).

type CryptoKeyPair 

type CryptoKeyPair interface {
	PublicKey() CryptoKey
	PrivateKey() CryptoKey
}

CryptoKeyPair represents an asymmetric key pair that is comprised of both public (PublicKey) and private (PrivateKey) keys. See §17. (https://w3c.github.io/webcrypto/#keypair)

func NewCryptoKeyPair 

func NewCryptoKeyPair(public CryptoKey, private CryptoKey) CryptoKeyPair

NewCryptoKeyPair creates a new key pair from the public and private keys. This function shouldn't be called from your application. It is called from the implementing algorithms when returning key pairs from the GenerateKey function. Use Subtle().GenerateKey() to get your key pairs.

type Error 

type Error interface {
	error

	Name() string

	Message() string
}

func ErrInvalidUsages 

func ErrInvalidUsages(allowed ...KeyUsage) Error

ErrInvalidUsages helper function that returns a ErrSyntaxError for invalid usages.

func ErrMethodNotSupported 

func ErrMethodNotSupported() Error

ErrMethodNotSupported helper function that returns an ErrNotSupportedError.

func FromError 

func FromError(err error) (Error, error)

func NewError 

func NewError(name string, message string) Error

type JsonWebKey 

type JsonWebKey struct {
	// The following fields are defined in Section 3.1 of JSON Web Key
	Kty    string     `json:"kty,omitempty"`
	Use    string     `json:"use,omitempty"`
	KeyOps []KeyUsage `json:"key_ops,omitempty"`
	Alg    string     `json:"alg,omitempty"`

	// The following fields are defined in JSON Web Key Parameters Registration
	Ext bool `json:"ext,omitempty"`

	// The following fields are defined in Section 6 of JSON Web Algorithms
	Crv string               `json:"crv,omitempty"`
	X   string               `json:"x,omitempty"`
	Y   string               `json:"y,omitempty"`
	D   string               `json:"d,omitempty"`
	N   string               `json:"n,omitempty"`
	E   string               `json:"e,omitempty"`
	P   string               `json:"p,omitempty"`
	Q   string               `json:"q,omitempty"`
	Dp  string               `json:"dp,omitempty"`
	Dq  string               `json:"dq,omitempty"`
	Qi  string               `json:"qi,omitempty"`
	Oth []RsaOtherPrimesInfo `json:"oth,omitempty"`
	K   string               `json:"k,omitempty"`
}

type KeyAlgorithm 

type KeyAlgorithm interface {
	Name() string
}

KeyAlgorithm implements the KeyAlgorithm dictionary type as specified at §12 https://www.w3.org/TR/WebCryptoAPI/#dfn-KeyAlgorithm.

We use an interface here because this is the algorithm that is part of a CryptoKey and we don't want the values changed.

type KeyFormat 

type KeyFormat string
const (
	Raw                  KeyFormat = "raw"   // Raw format.
	PKCS8                KeyFormat = "pkcs8" // PKCS #8 format.
	SubjectPublicKeyInfo KeyFormat = "spki"  // SubjectPublicKeyInfo format.
	Jwk                  KeyFormat = "jwk"   // JSON Web Key format.
)

type KeyType 

type KeyType string

type KeyUsage 

type KeyUsage string

type RsaOtherPrimesInfo 

type RsaOtherPrimesInfo struct {
	// The following fields are defined in Section 6.3.2.7 of JSON Web Algorithms
	R string `json:"r,omitempty"`
	D string `json:"d,omitempty"`
	T string `json:"t,omitempty"`
}

type SubtleCrypto 

type SubtleCrypto interface {

	// Decrypt will decrypt data using the specified Algorithm with the supplied CryptoKey.
	// See §14.2.2 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-decrypt)
	Decrypt(algorithm *Algorithm, key CryptoKey, data []byte) ([]byte, error)

	// DeriveBits can be used to derive an array of bits from a base key.
	// See  §14.2.8 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-deriveBits)
	DeriveBits(algorithm *Algorithm, baseKey CryptoKey, length uint64) ([]byte, error)

	// DeriveKey can be used to derive a secret key from a master key.
	// See  §14.2.7 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-deriveKey)
	DeriveKey(algorithm *Algorithm, baseKey CryptoKey, derivedKeyType *Algorithm, extractable bool, keyUsages []KeyUsage) (CryptoKey, error)

	// Digrest generates a digest of the given data. A digest is a short fixed-length value
	// derived from some variable-length input. Cryptographic digests should exhibit collision-resistance,
	// meaning that it's hard to come up with two different inputs that have the same digest value.
	// See  §14.2.5 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-digest)
	Digest(algorithm *Algorithm, data []byte) ([]byte, error)

	// Encrypt will encrypt data using the specified AlgorithmIdentifier with the supplied CryptoKey.
	// See §14.2.1 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-encrypt)
	Encrypt(algorithm *Algorithm, key CryptoKey, data []byte) ([]byte, error)

	// ExportKey exports a key: that is, it takes as input a CryptoKey object and gives you the key
	// in an external, portable format.
	// See §14.2.10 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-exportKey)
	ExportKey(format KeyFormat, key CryptoKey) (any, error)

	// GenerateKey generates a new key (for symmetric algorithms) or key pair (for public-key algorithms).
	// See §14.2.6 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-generateKey)
	GenerateKey(algorithm *Algorithm, extractable bool, keyUsages []KeyUsage) (any, error)

	// ImportKey imports a key: that is, it takes as input a key in an external, portable format and
	// gives you a CryptoKey object that you can use in the Web Crypto API.
	// See §14.2.9 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-importKey)
	ImportKey(format KeyFormat, keyData any, algorithm *Algorithm, extractable bool, keyUsages []KeyUsage) (CryptoKey, error)

	// Sign generates a digital signature.
	// See §14.2.3 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-sign)
	Sign(algorithm *Algorithm, key CryptoKey, data []byte) ([]byte, error)

	// UnwrapKey "unwraps" a key. This means that it takes as its input a key that has been exported and
	// then encrypted (also called "wrapped"). It decrypts the key and then imports it, returning a CryptoKey
	// object that can be used in the Web Crypto API.
	// See §14.2.12 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-unwrapKey)
	UnwrapKey(format KeyFormat,
		wrappedKey []byte,
		unwrappingKey CryptoKey,
		unwrapAlgorithm *Algorithm,
		unwrappedKeyAlgorithm *Algorithm,
		extractable bool,
		keyUsages []KeyUsage) (CryptoKey, error)

	// Verify verifies a digital signature.
	// See §14.2.4 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-verify)
	Verify(algorithm *Algorithm, key CryptoKey, signature []byte, data []byte) (bool, error)

	// WrapKey "wraps" a key. This means that it exports the key in an external, portable format, then encrypts
	// the exported key. Wrapping a key helps protect it in untrusted environments, such as inside an otherwise
	// unprotected data store or in transmission over an unprotected network.
	// See §14.2.11 (https://w3c.github.io/webcrypto/#SubtleCrypto-method-wrapKey)
	WrapKey(format KeyFormat, key CryptoKey, wrappingKey CryptoKey, wrapAlgorithm *Algorithm) (any, error)
}

SubtleCrypto interface provides a set of methods for dealing with low-level cryptographic primitives and algorithms. See §14. (https://w3c.github.io/webcrypto/#subtlecrypto-interface)

func Subtle 

func Subtle() SubtleCrypto

Source Files

View all Source files

Directories

Path Synopsis
algorithms
ecdsa
Package ecdsa implements ECDSA operations as described in the specifications at §23 (https://www.w3.org/TR/WebCryptoAPI/#ecdsa).
 Package ecdsa implements ECDSA operations as described in the specifications at §23 (https://www.w3.org/TR/WebCryptoAPI/#ecdsa).
hmac
Package hmac implements HMAC operations as described in the specifications at §29 (https://www.w3.org/TR/WebCryptoAPI/#hmac).
 Package hmac implements HMAC operations as described in the specifications at §29 (https://www.w3.org/TR/WebCryptoAPI/#hmac).
rsa
Package rsa implements RSA operations; RSA-OAEP as specified in §30 (https://www.w3.org/TR/WebCryptoAPI/#rsa-oaep).
 Package rsa implements RSA operations; RSA-OAEP as specified in §30 (https://www.w3.org/TR/WebCryptoAPI/#rsa-oaep).
sha
Package sha implements the SHA operations as specified in §30 (https://www.w3.org/TR/WebCryptoAPI/#sha)
 Package sha implements the SHA operations as specified in §30 (https://www.w3.org/TR/WebCryptoAPI/#sha)
examples
ecdsa
hmac
rsaoaep
sha
Package util contains utility functions.
 Package util contains utility functions.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.