crypto

package
v0.0.0-...-3d067a8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 12, 2022 License: MIT Imports: 19 Imported by: 4

Documentation

Index

Constants

View Source 
const (
	// Encryption Constants
	AuthKeyIdSize   = 16 // bytes (128 bits)
	KdfIterations   = 4096
	ExtendedKeySize = 32
)

Variables

View Source 
var (
	// Errors
	ErrIncorrectPassword    = errors.New("Incorrect password")
	ErrInvalidPadding       = errors.New("Invalid padding")
	ErrKeyNotFound          = errors.New("Key not found")
	ErrNotEncryptedPEMBlock = errors.New("PEM block is not encrypted")
	ErrUnsupportedAlgorithm = errors.New("Unsupported encryption algorithm")
	ErrUnsupportedFormat    = errors.New("Unsupported encryption format, expecting 'PBES2'")
	ErrUnsupportedKDF       = errors.New("Unsupported KDF, expecting PBKD2")
)
View Source 
var (
	// ASN.1 Formats
	// RFC8018 Appendix A, RFC8018 Appendix C
	OidRSADI                 = asn1.ObjectIdentifier{1, 2, 840, 113549}
	OidPKCS                  = asn1.ObjectIdentifier{1, 2, 840, 113549, 1}
	OidPKCS5                 = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5}
	OidPBEWithMD2AndDES_CBC  = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 1}
	OidPBEWithMD5AndDES_CBC  = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 3}
	OidPBEWithMD2AndRC2_CBC  = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 4}
	OidPBEWithMD5AndRC2_CBC  = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 6}
	OidPBEWithSHA1AndDES_CBC = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 10}
	OidPBEWithSHA1AndRC2_CBC = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 11}
	OidPBKDF2                = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 12}
	OidPBES2                 = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 13}
	OidPBMAC1                = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 14}

	// Supported KFDs and Encryption Schemes
	// RFC8018 Appendix A, RFC8018 Appendix C
	OidDigestAlgorithm    = asn1.ObjectIdentifier{1, 2, 840, 113549, 2}
	OidHMACWithSHA1       = asn1.ObjectIdentifier{1, 2, 840, 113549, 2, 7}
	OidHMACWithSHA224     = asn1.ObjectIdentifier{1, 2, 840, 113549, 2, 8}
	OidHMACWithSHA256     = asn1.ObjectIdentifier{1, 2, 840, 113549, 2, 9}
	OidHMACWithSHA384     = asn1.ObjectIdentifier{1, 2, 840, 113549, 2, 10}
	OidHMACWithSHA512     = asn1.ObjectIdentifier{1, 2, 840, 113549, 2, 11}
	OidHMACWithSHA512_224 = asn1.ObjectIdentifier{1, 2, 840, 113549, 2, 12}
	OidHMACWithSHA512_256 = asn1.ObjectIdentifier{1, 2, 840, 113549, 2, 13}

	OidEncryptionAlgorithm = asn1.ObjectIdentifier{1, 2, 840, 113549, 3}
	OidRC2CBC              = asn1.ObjectIdentifier{1, 2, 840, 113549, 3, 2}
	OidDES_EDE3_CBC        = asn1.ObjectIdentifier{1, 2, 840, 113549, 3, 7}
	OidRC2_CBC_PAD         = asn1.ObjectIdentifier{1, 2, 840, 113549, 3, 9}

	OidOIW    = asn1.ObjectIdentifier{1, 3, 14}
	OidDESCBC = asn1.ObjectIdentifier{1, 3, 14, 3, 2, 7}

	OidNistAlgorithms = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4}
	OidAES            = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 1}
	OidAES128_CBC_PAD = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 1, 2}
	OidAES192_CBC_PAD = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 1, 22}
	OidAES256_CBC_PAD = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 1, 42}
)

Functions

func DecryptPEMBlock 

func DecryptPEMBlock(b *pem.Block, password []byte) ([]byte, error)

DecryptPEMBlock returns the decrypted PEM block using the given passphrase.

func DecryptPKCS8Key 

func DecryptPKCS8Key(data, password []byte) ([]byte, error)

DecryptPKCS8Key decrypts the given PKCS#8 formatted DER encoded ASN.1 structure, and returns it decrypted using the given passphrase.

func DecryptPrivateKey 

func DecryptPrivateKey(key, password []byte) ([]byte, error)

DecryptPrivateKey returns the decrypted PEM block for the given PEM encoded private key and passphrase.

func ExtendKey 

func ExtendKey(key, salt []byte) []byte

ExtendKey returns an extended key using the PBKDF2 function

func Fingerprint 

func Fingerprint(key crypto.PublicKey) string

Fingerprint returns the SHA256 fingerprint for the given public key.

func GenerateRandomBytes 

func GenerateRandomBytes(n int) ([]byte, error)

generateRandomBytes returns n number of random bytes

func GenerateRandomString 

func GenerateRandomString(n int) (string, error)

generateRandomString returns a random string of n length

func KeyId 

func KeyId(key []byte) []byte

KeyId returns a AuthKeyIdSize long ID for the given key

func NewNonce 

func NewNonce(sz int) ([]byte, error)

NewNonce returns a new nonce for the given size

Types

type AlgorithmIdentifier 

type AlgorithmIdentifier struct {
	Algorithm  asn1.ObjectIdentifier
	Parameters PBES2Params
}

RFC5280 Section 4.1.1.2 AlgorithmIdentifer

type EncryptedPrivateKeyInfo 

type EncryptedPrivateKeyInfo struct {
	EncryptionAlgorithm AlgorithmIdentifier
	EncryptedData       []byte
}

RFC5208 Section 6 EncryptedPrivateKeyInfo

type PBES2Encs 

type PBES2Encs struct {
	Algorithm asn1.ObjectIdentifier
	IV        []byte
}

RFC8018 Appendix B.2 - B.2.2 DES-EDE3-CBC-Pad (Probably)

type PBES2KDFs 

type PBES2KDFs struct {
	Algorithm  asn1.ObjectIdentifier
	Parameters PBKDF2Params
}

RFC8018 Appendix A.4 PBES2-KDFs

type PBES2Params 

type PBES2Params struct {
	KeyDerivationFunc PBES2KDFs
	EncryptionScheme  PBES2Encs
}

RFC8018 Appendix A.4 PBES2-params

type PBKDF2PRFs 

type PBKDF2PRFs struct {
	Algorithm asn1.ObjectIdentifier
	NullID    asn1.RawValue
}

RFC8018 Appendix A.2 PBKDF2-PRFs

type PBKDF2Params 

type PBKDF2Params struct {
	Salt           []byte
	IterationCount int
	PRF            PBKDF2PRFs `asn1:"optional"`
}

RFC8018 Appendix A.2 PKBKDF2-params

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.