Documentation ¶
Index ¶
- func DecryptAndVerify(dataBytes []byte, enrollmentID string) ([]byte, error)
- func GenerateCert(host string)
- func GetCryptoLib(name string) (cryptoLib pki.ICryptoLib, err error)
- func SetEncryptFlag(isEncrypt bool)
- func SetEncryptType(encryptType EncryptType)
- func SetSecurityLevel(securityLevel int, hashAlgorithm string)
- func SetServerClientMode(mode ServerClientMode)
- func SetSignFlag(isSign bool)
- func SignAndEncrypt(databytes []byte, enrollmentID string) (string, error)
- func VerifySignatureED25519(wr *wallet.WalletRequest, ipk pki.IPublicKey) error
- type CertGroup
- type CertsStore
- type EncryptType
- type ICryptoLib
- type ServerClientMode
- type SignedData
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DecryptAndVerify ¶
DecryptAndVerify accepts data bytes and the specified enrollment ID, decrypts the data, and verifies the signature against the certs of that enrollment ID. On success, it returns the raw plaintext data. If a non-nil error is returned, discard the returned bytes.
func GenerateCert ¶
func GenerateCert(host string)
func GetCryptoLib ¶
func GetCryptoLib(name string) (cryptoLib pki.ICryptoLib, err error)
GetCryptoLib returns the CryptoLib instance for the specified enrollment ID. You can then invoke the following API on this CryptoLib instance:
Sign(data []byte) ([]byte, error)
Verify(data []byte, sig []byte) error
Encrypt(data []byte) ([]byte, error)
Decrypt(ciphertext []byte) ([]byte, error)
func SetEncryptFlag ¶
func SetEncryptFlag(isEncrypt bool)
SetEncryptFlag sets the encryption flag
If not set, the default value is "true".
func SetEncryptType ¶
func SetEncryptType(encryptType EncryptType)
SetEncryptType sets the encryption type:
0: ecc
1: rsa
If not set, the default value is 0.
func SetSecurityLevel ¶
SetSecurityLevel sets the security level and hash algorithm of the crypto library.
If not set, the default value is:
SecurityLevel: 256
HashAlgorithm: "SHA3"
func SetServerClientMode ¶
func SetServerClientMode(mode ServerClientMode)
SetServerClientMode sets the server or client mode:
0: server mode
1: client mode
If not set, the default value is 0.
func SetSignFlag ¶
func SetSignFlag(isSign bool)
SetSignFlag sets the signature flag.
If not set, the default value is "true".
func SignAndEncrypt ¶
SignAndEncrypt accepts data bytes and the specified enrollment ID, then signs and encrypts the data using the certs of that enrollment ID. On success, it returns the encrypted data.
func VerifySignatureED25519 ¶
func VerifySignatureED25519(wr *wallet.WalletRequest, ipk pki.IPublicKey) error
VerifySignatureED25519 verifies the signature of the given data.
Types ¶
type CertsStore ¶
type CertsStore struct {
// contains filtered or unexported fields
}
func NewCertsStore ¶
func NewCertsStore(path string) (certsStore *CertsStore, err error)
NewCertsStore creates and initializes the certs store. It must be called before using the crypto library. Parameters:
path: path to the certs store, which contains the server-side certificates of all enrollment IDs
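Certs Store Dir Structure:
- root-dir:
    tls:
        tls.key
    enrollmentID1:
        enrollmentID1.cert
    enrollmentID2:
        enrollmentID2.cert
If tls.key holds private key material, restrict read access on the store directory to the account that runs the service.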
func (*CertsStore) Reload ¶
func (this *CertsStore) Reload() error
type ICryptoLib ¶
type ServerClientMode ¶
// ServerClientMode is the mode value passed to SetServerClientMode.
type ServerClientMode int

const (
	SERVER_MODE ServerClientMode = iota // 0: server mode, the documented default
	CLIENT_MODE                         // 1: client mode
)