crypto

package
v0.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 24, 2022 License: LGPL-3.0 Imports: 13 Imported by: 0

Documentation

Overview

Package crypto contains cryptographic functions that are useful when using go-tpm2.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func KDFa

func KDFa(hashAlg crypto.Hash, key, label, contextU, contextV []byte, sizeInBits int) []byte

KDFa performs key derivation using the counter mode described in SP800-108 and HMAC as the PRF.

This will panic if hashAlg is not available.

func KDFe

func KDFe(hashAlg crypto.Hash, z, label, partyUInfo, partyVInfo []byte, sizeInBits int) []byte

KDFe performs key derivation using the "Concatenation Key Derivation Function (Approved Alternative 1) in the original version of SP800-56A.

This will panic if hashAlg is not available.

func SecretDecrypt

func SecretDecrypt(priv crypto.PrivateKey, hashAlg crypto.Hash, label, secret []byte) (seed []byte, err error)

SecretDecrypt recovers a seed from the supplied secret structure using the private key. It can be used to recover secrets created by the TPM, such as those created by the TPM2_Duplicate command.

The specified digest algorithm must match the name algorithm of the public area associated with the supplied private key.

This will panic if hashAlg is not available.

func SecretEncrypt

func SecretEncrypt(public crypto.PublicKey, hashAlg crypto.Hash, label []byte) (secret []byte, seed []byte, err error)

SecretEncrypt creates a seed and associated secret value using the supplied public key and digest algorithm. The corresponding private key can recover the seed from the returned secret value.

This is useful for sharing secrets with the TPM via the TPM2_Import, TPM2_ActivateCredential and TPM2_StartAuthSession commands.

The supplied digest algorithm must match the name algorithm of the public area associated with the supplied public key.

This will panic if hashAlg is not available.

func SymmetricDecrypt

func SymmetricDecrypt(alg SymmetricAlgorithm, key, iv, data []byte) error

SymmetricDecrypt performs in place symmetric decryption of the supplied data with the supplied cipher using CFB mode.

func SymmetricEncrypt

func SymmetricEncrypt(alg SymmetricAlgorithm, key, iv, data []byte) error

SymmetricEncrypt performs in place symmetric encryption of the supplied data with the supplied cipher using CFB mode.

func XORObfuscation

func XORObfuscation(hashAlg crypto.Hash, key []byte, contextU, contextV, data []byte)

XORObfuscation performs XOR obfuscation as described in part 1 of the TPM library specification.

This will panic if hashAlg is not available.

Types

type SymmetricAlgorithm

type SymmetricAlgorithm interface {
	NewCipher(key []byte) (cipher.Block, error)
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL