Documentation ¶
Overview ¶
Package crypto provides tools for data encryption and certificate management
Index ¶
- Constants
- Variables
- func CreateRsaKey() (*rsa.PrivateKey, error)
- func DeleteKeyringPassword(service string, user string) error
- func EncodePrivate(password []byte, key crypto.PrivateKey) ([]byte, error)
- func GenerateCACertificate(t *Template) (*x509.Certificate, error)
- func GenerateServiceCertificate(t *Template) (*x509.Certificate, error)
- func GetKeyringPassword(service string, user string, createIfNotExist bool) ([]byte, error)
- func GetSignature(key *ecdsa.PrivateKey, data []byte) (string, error)
- func KeyFromPassword(password []byte, l int) []byte
- func LoadCertificate(file string) (*x509.Certificate, error)
- func LoadPrivateKey(password []byte, file string) (crypto.PrivateKey, error)
- func NewEcdsaPrivateKey(alg string) (*ecdsa.PrivateKey, error)
- func Open(key []byte, nonce []byte, cipherData []byte) ([]byte, error)
- func ParsePrivate(password []byte, bytes []byte) (crypto.PrivateKey, error)
- func PublicKeyFromRsaKey(privateKey *rsa.PrivateKey) rsa.PublicKey
- func RandomBytes(size int) ([]byte, error)
- func RsaKeyFromPEM(pemString string) (*rsa.PrivateKey, error)
- func RsaKeyFromPEMFile(filename string) (*rsa.PrivateKey, error)
- func RsaKeyToPEM(key *rsa.PrivateKey, filename ...string) (string, error)
- func RsaPublicKeyToPEM(pubKey rsa.PublicKey, filename ...string) (string, error)
- func Seal(key []byte, data []byte) ([]byte, error)
- func SetKeyringPassword(service string, user string, password []byte) error
- func StoreCertificate(cert *x509.Certificate, file string, perm os.FileMode) error
- func StorePrivateKey(key crypto.PrivateKey, password []byte, file string) error
- func VerifySignature(data []byte, key *ecdsa.PublicKey, signature string) bool
- type AESGCMMaterials
- func (m *AESGCMMaterials) Close() error
- func (m *AESGCMMaterials) GetDesc() (desc string)
- func (m *AESGCMMaterials) GetEncryptedParameters() *encryption.Params
- func (m *AESGCMMaterials) GetIV() (iv string)
- func (m *AESGCMMaterials) GetKey() (key string)
- func (m *AESGCMMaterials) Read(b []byte) (int, error)
- func (m *AESGCMMaterials) SetupDecryptMode(stream io.Reader, iv string, key string) error
- func (m *AESGCMMaterials) SetupEncryptMode(stream io.Reader) error
- type RangeAESGCMMaterials
- func (m *RangeAESGCMMaterials) CalculateEncryptedRange(plainFileSize int64) (int64, int64)
- func (m *RangeAESGCMMaterials) Close() error
- func (m *RangeAESGCMMaterials) GetDesc() (desc string)
- func (m *RangeAESGCMMaterials) GetEncryptedParameters() *encryption.Params
- func (m *RangeAESGCMMaterials) GetIV() (iv string)
- func (m *RangeAESGCMMaterials) GetKey() (key string)
- func (m *RangeAESGCMMaterials) Read(b []byte) (int, error)
- func (m *RangeAESGCMMaterials) SetPlainRange(offset, length int64) error
- func (m *RangeAESGCMMaterials) SetupDecryptMode(stream io.Reader, iv string, key string) error
- func (m *RangeAESGCMMaterials) SetupEncryptMode(stream io.Reader) error
- type Template
Constants ¶
const ( AESGCMAuthTagSize = 16 AESGCMNonceSize = 12 )
Variables ¶
var AESGCMFileEncryptionBlockSize = 4 * 1024 * 1024
AESGCMFileEncryptionBlockSize is the default size of the encryption block used in materials
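var SALT = []byte{224, 32, 00, 33, 78, 3, 25, 56, 54, 5, 54, 9, 79, 76, 189, 8}
SALT is a fixed 16-byte value compiled into the package and exported as a mutable variable. This page does not say which functions consume it; if it is the salt for KeyFromPassword, the same password yields the same key on every installation, so callers should confirm this before relying on password-derived keys.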
Functions ¶
func CreateRsaKey ¶
func CreateRsaKey() (*rsa.PrivateKey, error)
CreateRsaKey generates a new private key
func DeleteKeyringPassword ¶
DeleteKeyringPassword removes all keys that match "service" and "user"
func EncodePrivate ¶
func EncodePrivate(password []byte, key crypto.PrivateKey) ([]byte, error)
func GenerateCACertificate ¶
func GenerateCACertificate(t *Template) (*x509.Certificate, error)
GenerateCACertificate generates a certificate for a CA
func GenerateServiceCertificate ¶
func GenerateServiceCertificate(t *Template) (*x509.Certificate, error)
GenerateServiceCertificate generates a certificate for a service
func GetKeyringPassword ¶
GetKeyringPassword retrieves the password from the keyring. If no key matches "service" and "user", a key is generated if "createIfNotExist" is true
func GetSignature ¶
func GetSignature(key *ecdsa.PrivateKey, data []byte) (string, error)
func KeyFromPassword ¶
func LoadCertificate ¶
func LoadCertificate(file string) (*x509.Certificate, error)
LoadCertificate loads the file content and decodes it into an x509.Certificate
func LoadPrivateKey ¶
func LoadPrivateKey(password []byte, file string) (crypto.PrivateKey, error)
LoadPrivateKey loads the encrypted private key from "file" and decrypts it
func NewEcdsaPrivateKey ¶
func NewEcdsaPrivateKey(alg string) (*ecdsa.PrivateKey, error)
func ParsePrivate ¶
func ParsePrivate(password []byte, bytes []byte) (crypto.PrivateKey, error)
func PublicKeyFromRsaKey ¶
func PublicKeyFromRsaKey(privateKey *rsa.PrivateKey) rsa.PublicKey
Extract public key from private key
func RandomBytes ¶
func RsaKeyFromPEM ¶
func RsaKeyFromPEM(pemString string) (*rsa.PrivateKey, error)
Parse a PEM string
func RsaKeyFromPEMFile ¶
func RsaKeyFromPEMFile(filename string) (*rsa.PrivateKey, error)
Loads a PEM file and parses the private key
func RsaKeyToPEM ¶
func RsaKeyToPEM(key *rsa.PrivateKey, filename ...string) (string, error)
RsaKeyToPEM encodes the private key in PEM format
func RsaPublicKeyToPEM ¶
RsaPublicKeyToPEM encodes the public key to PEM format
func SetKeyringPassword ¶
SetKeyringPassword base64-encodes the password and stores it
func StoreCertificate ¶
StoreCertificate encodes the certificate and stores the result in "file"
func StorePrivateKey ¶
func StorePrivateKey(key crypto.PrivateKey, password []byte, file string) error
StorePrivateKey encrypts the private key and saves it in "file"
Types ¶
type AESGCMMaterials ¶
type AESGCMMaterials struct {
// contains filtered or unexported fields
}
AESGCMMaterials ...
func NewAESGCMMaterials ¶
func NewAESGCMMaterials(key []byte, params *encryption.Params) *AESGCMMaterials
NewAESGCMMaterials creates encryption materials that use AES-GCM
func (*AESGCMMaterials) Close ¶
func (m *AESGCMMaterials) Close() error
Close closes the underlying stream
func (*AESGCMMaterials) GetDesc ¶
func (m *AESGCMMaterials) GetDesc() (desc string)
GetDesc returns a string description of the materials
func (*AESGCMMaterials) GetEncryptedParameters ¶
func (m *AESGCMMaterials) GetEncryptedParameters() *encryption.Params
GetEncryptedParameters returns the additional parameters that are generated for encryption
func (*AESGCMMaterials) GetIV ¶
func (m *AESGCMMaterials) GetIV() (iv string)
GetIV returns the IV used to encrypt/decrypt as a string
func (*AESGCMMaterials) GetKey ¶
func (m *AESGCMMaterials) GetKey() (key string)
GetKey returns the key used to encrypt/decrypt
func (*AESGCMMaterials) SetupDecryptMode ¶
SetupDecryptMode sets the underlying read function to decrypt mode
func (*AESGCMMaterials) SetupEncryptMode ¶
func (m *AESGCMMaterials) SetupEncryptMode(stream io.Reader) error
SetupEncryptMode sets the underlying read function to encrypt mode
type RangeAESGCMMaterials ¶ added in v1.5.0
type RangeAESGCMMaterials struct {
// contains filtered or unexported fields
}
*************************************************
RANGE ENCRYPTION MATERIAL READER
*************************************************
func NewRangeAESGCMMaterials ¶ added in v1.5.0
func NewRangeAESGCMMaterials(key []byte, params *encryption.Params) *RangeAESGCMMaterials
NewRangeAESGCMMaterials creates encryption materials that use AES-GCM
func (*RangeAESGCMMaterials) CalculateEncryptedRange ¶ added in v1.5.0
func (m *RangeAESGCMMaterials) CalculateEncryptedRange(plainFileSize int64) (int64, int64)
func (*RangeAESGCMMaterials) Close ¶ added in v1.5.0
func (m *RangeAESGCMMaterials) Close() error
Close closes the underlying stream
func (*RangeAESGCMMaterials) GetDesc ¶ added in v1.5.0
func (m *RangeAESGCMMaterials) GetDesc() (desc string)
GetDesc returns a string description of the materials
func (*RangeAESGCMMaterials) GetEncryptedParameters ¶ added in v1.5.0
func (m *RangeAESGCMMaterials) GetEncryptedParameters() *encryption.Params
GetEncryptedParameters returns the additional parameters that are generated for encryption
func (*RangeAESGCMMaterials) GetIV ¶ added in v1.5.0
func (m *RangeAESGCMMaterials) GetIV() (iv string)
GetIV returns the IV used to encrypt/decrypt as a string
func (*RangeAESGCMMaterials) GetKey ¶ added in v1.5.0
func (m *RangeAESGCMMaterials) GetKey() (key string)
GetKey returns the key used to encrypt/decrypt
func (*RangeAESGCMMaterials) Read ¶ added in v1.5.0
func (m *RangeAESGCMMaterials) Read(b []byte) (int, error)
func (*RangeAESGCMMaterials) SetPlainRange ¶ added in v1.5.0
func (m *RangeAESGCMMaterials) SetPlainRange(offset, length int64) error
func (*RangeAESGCMMaterials) SetupDecryptMode ¶ added in v1.5.0
SetupDecryptMode sets the underlying read function to decrypt mode
func (*RangeAESGCMMaterials) SetupEncryptMode ¶ added in v1.5.0
func (m *RangeAESGCMMaterials) SetupEncryptMode(stream io.Reader) error
SetupEncryptMode sets the underlying read function to encrypt mode