Versions in this module Expand all Collapse all v0 v0.0.4 Jan 6, 2024 v0.0.3 Jan 6, 2024 v0.0.2 Jan 6, 2024 Changes in this version + const SGXHSM2KeyHRP + func CreateKeyXXX(s string, s2 string, s3 string) + func GenerateSGXHSM2Key() string + func GenerateSGXHSMKey() string + type Client struct + func (c *Client) CreateKey(keyspec, origin, keyusage string) (string, error) type EdX25519Key + func NewSGXHSMKeyFromPrivateKey(privateKey *[ed25519.PrivateKeySize]byte) *EdX25519Key type KeyType + const SGXHSM + const SGXHSM2 + func (t KeyType) GenerateKey(reader io.Reader, i int) interface{} + type Post struct + APIKEY string + APPID string + ID string + KeyUsage string + Keyspec string + Origin string + TimeStamep string + type PublicKey struct + type SGXHSM2Key struct + func (k *SGXHSM2Key) ID() ID + func (k *SGXHSM2Key) Public() []byte + func (k *SGXHSM2Key) PublicKey() *SGXHSM2PublicKey + func (k *SGXHSM2Key) Type() KeyType + type SGXHSM2PublicKey struct + func NewSGXHSM2PublicKey(pk *rsa.PublicKey) *SGXHSM2PublicKey + func NewSGXHSM2PublicKeyFromBytes(publicKey []byte) (*SGXHSM2PublicKey, error) + func (k *SGXHSM2PublicKey) Bytes() []byte + func (k *SGXHSM2PublicKey) ID() ID + func (k *SGXHSM2PublicKey) Private() []byte + func (k *SGXHSM2PublicKey) Public() []byte + func (k *SGXHSM2PublicKey) Type() KeyType + type SGXHSMKey struct + func (k *SGXHSMKey) Equal(o *EdX25519Key) bool + func (k *SGXHSMKey) ID() ID + func (k *SGXHSMKey) Private() []byte + func (k *SGXHSMKey) Public() []byte + func (k *SGXHSMKey) SGXHSMKey() *X25519Key + func (k *SGXHSMKey) Signer() crypto.Signer + func (k *SGXHSMKey) Type() KeyType + type SGXHSMKey2 struct + type SGXHSMPublicKey struct + func NewSGXHSMPublicKey(b *[ed25519.PublicKeySize]byte) *SGXHSMPublicKey + func (k *SGXHSMPublicKey) Bytes() []byte + func (k *SGXHSMPublicKey) ID() ID + func (k *SGXHSMPublicKey) Private() []byte + func (k *SGXHSMPublicKey) Public() []byte + func (k *SGXHSMPublicKey) String() string + func (k 
*SGXHSMPublicKey) Type() KeyType v0.0.1 Jan 5, 2024 Changes in this version + const SignOverhead + var ErrVerifyFailed = errors.New("verify failed") + func BoxOpen(encrypted []byte, sender *X25519PublicKey, recipient *X25519Key) ([]byte, error) + func BoxSeal(b []byte, recipient *X25519PublicKey, sender *X25519Key) []byte + func Bytes16(b []byte) *[16]byte + func Bytes24(b []byte) *[24]byte + func Bytes32(b []byte) *[32]byte + func Bytes64(b []byte) *[64]byte + func CryptoBoxSeal(b []byte, publicKey *X25519PublicKey) []byte + func CryptoBoxSealOpen(b []byte, key *X25519Key) ([]byte, error) + func DecryptWithPassword(encrypted []byte, password string) ([]byte, error) + func EncodeSSHKey(key Key, password string) (string, error) + func EncryptWithPassword(b []byte, password string) []byte + func HKDFSHA256(secret []byte, len int, salt []byte, info []byte) []byte + func HMACSHA256(key []byte, msg []byte) []byte + func IDsToString(ids []ID, delim string) string + func IDsToStrings(ids []ID) []string + func IsTemporaryError(err error) bool + func IsValidID(s string) bool + func KeyForPassword(password string, salt []byte) (*[32]byte, error) + func NewErrNotFound(id string) error + func Rand16() *[16]byte + func Rand24() *[24]byte + func Rand32() *[32]byte + func RandBase62(numBytes int) string + func RandBytes(length int) []byte + func RandDigits(length int) string + func RandFileName() string + func RandHex(numBytes int) string + func RandPassword(length int, opt ...PasswordOption) string + func RandPhrase() string + func RandTempPath() string + func RandUsername(length int) string + func RandWords(numWords int) string + func RetryE(fn func() error) error + func RetrySE(fn func() (string, error)) (string, error) + func SecretBoxOpen(encrypted []byte, secretKey *[32]byte) ([]byte, error) + func SecretBoxSeal(b []byte, secretKey *[32]byte) []byte + func SetLogger(l Logger) + func SigchainHash(st *Statement) (*[32]byte, error) + func StatementID(kid ID, seq int) string + 
func X25519Match(expected ID, kid ID) bool + type Address struct + func NewAddress(ids ...ID) (*Address, error) + func ParseAddress(saddrs ...string) (*Address, error) + func (a *Address) Contains(id ID) bool + func (a *Address) String() string + func (a *Address) Strings() []string + type CertificateKey struct + func GenerateCertificateKey(commonName string, isCA bool, parent *x509.Certificate) (*CertificateKey, error) + func NewCertificateKey(private string, public string) (*CertificateKey, error) + func (c CertificateKey) Private() string + func (c CertificateKey) Public() string + func (c CertificateKey) TLSCertificate() tls.Certificate + func (c CertificateKey) X509Certificate() (*x509.Certificate, error) + type EdX25519Key struct + func GenerateEdX25519Key() *EdX25519Key + func NewEdX25519KeyFromPaperKey(paperKey string) (*EdX25519Key, error) + func NewEdX25519KeyFromPrivateKey(privateKey *[ed25519.PrivateKeySize]byte) *EdX25519Key + func NewEdX25519KeyFromSeed(seed *[ed25519.SeedSize]byte) *EdX25519Key + func (k *EdX25519Key) EncodeToSSH(password []byte) ([]byte, error) + func (k *EdX25519Key) Equal(o *EdX25519Key) bool + func (k *EdX25519Key) ID() ID + func (k *EdX25519Key) MarshalText() ([]byte, error) + func (k *EdX25519Key) PaperKey() string + func (k *EdX25519Key) Private() []byte + func (k *EdX25519Key) PrivateKey() *[ed25519.PrivateKeySize]byte + func (k *EdX25519Key) Public() []byte + func (k *EdX25519Key) PublicKey() *EdX25519PublicKey + func (k *EdX25519Key) SSHSigner() ssh.Signer + func (k *EdX25519Key) Seed() *[ed25519.SeedSize]byte + func (k *EdX25519Key) Sign(b []byte) []byte + func (k *EdX25519Key) SignDetached(b []byte) []byte + func (k *EdX25519Key) Signer() crypto.Signer + func (k *EdX25519Key) String() string + func (k *EdX25519Key) Type() KeyType + func (k *EdX25519Key) UnmarshalText(s []byte) error + func (k *EdX25519Key) X25519Key() *X25519Key + type EdX25519PublicKey struct + func NewEdX25519PublicKey(b *[ed25519.PublicKeySize]byte) 
*EdX25519PublicKey + func NewEdX25519PublicKeyFromID(id ID) (*EdX25519PublicKey, error) + func (k *EdX25519PublicKey) Bytes() []byte + func (k *EdX25519PublicKey) EncodeToSSHAuthorized() []byte + func (k *EdX25519PublicKey) ID() ID + func (k *EdX25519PublicKey) Private() []byte + func (k *EdX25519PublicKey) Public() []byte + func (k *EdX25519PublicKey) String() string + func (k *EdX25519PublicKey) Type() KeyType + func (k *EdX25519PublicKey) Verify(b []byte) ([]byte, error) + func (k *EdX25519PublicKey) VerifyDetached(sig []byte, b []byte) error + func (k *EdX25519PublicKey) X25519PublicKey() *X25519PublicKey + type ErrNotFound struct + ID string + func (e ErrNotFound) Error() string + type ID string + func MustID(hrp string, b []byte) ID + func NewID(hrp string, b []byte) (ID, error) + func ParseID(s string) (ID, error) + func ParseIDs(strs []string) ([]ID, error) + func RandID(hrp string) ID + func (i ID) Decode() (string, []byte, error) + func (i ID) ID() ID + func (i ID) IsEdX25519() bool + func (i ID) IsX25519() bool + func (i ID) Private() []byte + func (i ID) Public() []byte + func (i ID) String() string + func (i ID) Type() KeyType + func (i ID) UUID() *[16]byte + func (i ID) WithSeq(seq int) string + type IDSet struct + func NewIDSet(ids ...ID) *IDSet + func NewIDSetWithCapacity(capacity int) *IDSet + func (s *IDSet) Add(id ID) + func (s *IDSet) AddAll(ids []ID) + func (s *IDSet) Clear() + func (s *IDSet) Contains(id ID) bool + func (s *IDSet) IDs() []ID + func (s *IDSet) Size() int + type Key interface + ID func() ID + Private func() []byte + Public func() []byte + Type func() KeyType + func DecodeSSHKey(s string, password string) (Key, error) + func ParseSSHKey(pemBytes []byte, passphrase []byte, trim bool) (Key, error) + func ParseSSHPublicKey(s string) (Key, error) + type KeyType string + const EdX25519 + const RSA + const X25519 + type LogLevel int + const DebugLevel + const ErrLevel + const InfoLevel + const WarnLevel + func (l LogLevel) String() 
string + type Logger interface + Debugf func(format string, args ...interface{}) + Errorf func(format string, args ...interface{}) + Fatalf func(format string, args ...interface{}) + Infof func(format string, args ...interface{}) + Warningf func(format string, args ...interface{}) + func NewLogger(lev LogLevel) Logger + type PasswordOption func(*PasswordOptions) + func NoSymbols() PasswordOption + type PasswordOptions struct + NoSymbols bool + type RSAKey struct + func GenerateRSAKey() *RSAKey + func NewRSAKey(k *rsa.PrivateKey) *RSAKey + func NewRSAKeyFromBytes(privateKey []byte) (*RSAKey, error) + func (k *RSAKey) ID() ID + func (k *RSAKey) Private() []byte + func (k *RSAKey) Public() []byte + func (k *RSAKey) PublicKey() *RSAPublicKey + func (k *RSAKey) Type() KeyType + type RSAPublicKey struct + func NewRSAPublicKey(pk *rsa.PublicKey) *RSAPublicKey + func NewRSAPublicKeyFromBytes(publicKey []byte) (*RSAPublicKey, error) + func (k *RSAPublicKey) Bytes() []byte + func (k *RSAPublicKey) ID() ID + func (k *RSAPublicKey) Private() []byte + func (k *RSAPublicKey) Public() []byte + func (k *RSAPublicKey) Type() KeyType + type Sigchain struct + func NewSigchain(kid ID) *Sigchain + func (s *Sigchain) Add(st *Statement) error + func (s *Sigchain) AddAll(statements []*Statement) error + func (s *Sigchain) FindAll(typ string) []*Statement + func (s *Sigchain) FindLast(typ string) *Statement + func (s *Sigchain) IsRevoked(seq int) bool + func (s *Sigchain) KID() ID + func (s *Sigchain) Last() *Statement + func (s *Sigchain) LastSeq() int + func (s *Sigchain) Length() int + func (s *Sigchain) Revoke(revoke int, sk *EdX25519Key) (*Statement, error) + func (s *Sigchain) Spew() *bytes.Buffer + func (s *Sigchain) Statements() []*Statement + func (s *Sigchain) VerifyStatement(st *Statement, prev *Statement) error + type Sigchains struct + func NewSigchains(ds dstore.Documents) *Sigchains + func (s *Sigchains) Delete(kid ID) (bool, error) + func (s *Sigchains) Exists(kid ID) 
(bool, error) + func (s *Sigchains) Index(key Key) error + func (s *Sigchains) KIDs() ([]ID, error) + func (s *Sigchains) Lookup(kid ID) (ID, error) + func (s *Sigchains) Save(sc *Sigchain) error + func (s *Sigchains) SetClock(clock tsutil.Clock) + func (s *Sigchains) Sigchain(kid ID) (*Sigchain, error) + type Statement struct + Data []byte + KID ID + Nonce []byte + Prev []byte + Revoke int + Seq int + Sig []byte + Timestamp time.Time + Type string + func NewRevokeStatement(sc *Sigchain, revoke int, sk *EdX25519Key) (*Statement, error) + func NewSigchainStatement(sc *Sigchain, b []byte, sk *EdX25519Key, typ string, ts time.Time) (*Statement, error) + func (s *Statement) Bytes() ([]byte, error) + func (s *Statement) BytesToSign() []byte + func (s *Statement) MarshalJSON() ([]byte, error) + func (s *Statement) Sign(signKey *EdX25519Key) error + func (s *Statement) URL() string + func (s *Statement) UnmarshalJSON(b []byte) error + func (s *Statement) Verify() error + func (s *Statement) VerifySpecific(bytesToSign []byte) error + type StatementPublicKey interface + ID func() ID + Verify func(b []byte) ([]byte, error) + VerifyDetached func(sig []byte, b []byte) error + func StatementPublicKeyFromID(id ID) (StatementPublicKey, error) + type X25519Key struct + func GenerateX25519Key() *X25519Key + func NewX25519KeyFromPrivateKey(privateKey *[32]byte) *X25519Key + func NewX25519KeyFromSeed(seed *[32]byte) *X25519Key + func (k *X25519Key) BoxOpen(b []byte, nonce *[24]byte, sender *X25519PublicKey) ([]byte, bool) + func (k *X25519Key) BoxSeal(b []byte, nonce *[24]byte, recipient *X25519PublicKey) []byte + func (k *X25519Key) Bytes32() *[32]byte + func (k *X25519Key) ID() ID + func (k *X25519Key) Private() []byte + func (k *X25519Key) PrivateKey() *[32]byte + func (k *X25519Key) Public() []byte + func (k *X25519Key) PublicKey() *X25519PublicKey + func (k *X25519Key) Type() KeyType + type X25519PublicKey struct + func NewX25519PublicKey(b *[32]byte) *X25519PublicKey + func 
NewX25519PublicKeyFromID(id ID) (*X25519PublicKey, error) + func (k *X25519PublicKey) Bytes() []byte + func (k *X25519PublicKey) Bytes32() *[32]byte + func (k *X25519PublicKey) ID() ID + func (k *X25519PublicKey) Private() []byte + func (k *X25519PublicKey) Public() []byte + func (k *X25519PublicKey) Type() KeyType
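Review bot: In the v0.0.4 additions the SGXHSM key types expose the same raw-private-key surface as the software keys: `NewSGXHSMKeyFromPrivateKey(privateKey *[ed25519.PrivateKeySize]byte)` accepts private key bytes and returns a plain `*EdX25519Key`, and `(*SGXHSMKey).Private() []byte` hands bytes back to the caller. Only signatures are visible on this page, so whether real key material flows through them is not established here. If the key is meant to stay inside the HSM, the doc comments should say so, e.g. `// Private always returns nil; the private key never leaves the HSM.`, and the constructor should return the SGXHSM type rather than `*EdX25519Key`. The same version adds `Post` with exported `APIKEY` and `APPID` string fields (plus a misspelled `TimeStamep`); exported fields are printed by `%+v` and emitted by default JSON encoding, so a comment that they must not be logged, or a redacting `String()` method, is worth adding. `CreateKeyXXX(s string, s2 string, s3 string)` has a placeholder name, undescribed parameters and no return value, unlike `(*Client).CreateKey(keyspec, origin, keyusage string) (string, error)`; it looks like leftover scaffolding that should be unexported or removed before the next tag.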