openssl

package
v2.0.0-beta.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 6, 2022 License: MIT Imports: 11 Imported by: 0

Documentation

Overview

package openssl provides access to OpenSSL implementation functions.

Index

Constants

View Source 
const (
	OPENSSL_VERSION_1_1_0 = uint64(C.ulong(0x10100000))
	OPENSSL_VERSION_3_0_0 = uint64(C.ulong(0x30000000))
)
View Source 
const GoStrictFipsEnv = "GOLANG_STRICT_FIPS"
View Source 
const RandReader = randReader(0)

Variables

View Source 
var GenerateKeyECDH = GenerateKeyECDSA
View Source 
var NewPrivateKeyECDH = NewPrivateKeyECDSA
View Source 
var NewPublicKeyECDH = NewPublicKeyECDSA

Functions

func DecryptRSANoPadding 

func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error)

func DecryptRSAOAEP 

func DecryptRSAOAEP(h hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error)

func DecryptRSAPKCS1 

func DecryptRSAPKCS1(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error)

func Enabled 

func Enabled() bool

Enabled returns whether or not the boring package is enabled. When the boring package is enabled that means FIPS mode is enabled.

func EncryptRSANoPadding 

func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error)

func EncryptRSAOAEP 

func EncryptRSAOAEP(h hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error)

func EncryptRSAPKCS1 

func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error)

func ExecutingTest 

func ExecutingTest() bool

ExecutingTest returns a boolean indicating if we're executing under a test binary or not.

func IsStrictFips 

func IsStrictFips() bool

func NewAESCipher 

func NewAESCipher(key []byte) (cipher.Block, error)

func NewGCMTLS 

func NewGCMTLS(c cipher.Block) (cipher.AEAD, error)

NewGCMTLS returns a GCM cipher specific to TLS and should not be used for non-TLS purposes.

func NewHMAC 

func NewHMAC(h func() hash.Hash, key []byte) hash.Hash

NewHMAC returns a new HMAC using BoringCrypto. The function h must return a hash implemented by BoringCrypto (for example, h could be boring.NewSHA256). If h is not recognized, NewHMAC returns nil.

func NewOpenSSLError 

func NewOpenSSLError(msg string) error

func NewSHA1 

func NewSHA1() hash.Hash

NewSHA1 returns a new SHA1 hash.

func NewSHA224 

func NewSHA224() hash.Hash

NewSHA224 returns a new SHA224 hash.

func NewSHA256 

func NewSHA256() hash.Hash

NewSHA256 returns a new SHA256 hash.

func NewSHA384 

func NewSHA384() hash.Hash

NewSHA384 returns a new SHA384 hash.

func NewSHA512 

func NewSHA512() hash.Hash

NewSHA512 returns a new SHA512 hash.

func PanicIfStrictFIPS 

func PanicIfStrictFIPS(msg string)

func RandStubbed 

func RandStubbed() bool

func RestoreOpenSSLRand 

func RestoreOpenSSLRand()

func SHA1 

func SHA1(p []byte) (sum [20]byte)

func SHA224 

func SHA224(p []byte) (sum [28]byte)

func SHA256 

func SHA256(p []byte) (sum [32]byte)

func SHA384 

func SHA384(p []byte) (sum [48]byte)

func SHA512 

func SHA512(p []byte) (sum [64]byte)

func SharedKeyECDH 

func SharedKeyECDH(priv *PrivateKeyECDH, peerPublicKey []byte) ([]byte, error)

func SignMarshalECDSA 

func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error)

func SignRSAPKCS1v15 

func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, msg []byte, msgIsHashed bool) ([]byte, error)

func SignRSAPSS 

func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error)

func StubOpenSSLRand 

func StubOpenSSLRand()

func Unreachable 

func Unreachable()

Unreachable marks code that should be unreachable when FIPS mode. It panics only when the system is in FIPS mode.

func UnreachableExceptTests 

func UnreachableExceptTests()

UnreachableExceptTests marks code that should be unreachable when FIPS mode is active. It panics only when the system is in FIPS mode and not executing under tests.

func VerifyECDSA 

func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool

func VerifyRSAPKCS1v15 

func VerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, msg, sig []byte, msgIsHashed bool) error

func VerifyRSAPSS 

func VerifyRSAPSS(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte, saltLen int) error

Types

type BigInt 

type BigInt []uint

A BigInt is the raw words from a BigInt. This definition allows us to avoid importing math/big. Conversion between BigInt and *big.Int is in crypto/internal/boring/bbig.

func GenerateKeyECDSA 

func GenerateKeyECDSA(curve string) (X, Y, D BigInt, err error)

func GenerateKeyRSA 

func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error)

type PrivateKeyECDH 

type PrivateKeyECDH = PrivateKeyECDSA

type PrivateKeyECDSA 

type PrivateKeyECDSA struct {
	// contains filtered or unexported fields
}

func NewPrivateKeyECDSA 

func NewPrivateKeyECDSA(curve string, X, Y BigInt, D BigInt) (*PrivateKeyECDSA, error)

type PrivateKeyRSA 

type PrivateKeyRSA struct {
	// contains filtered or unexported fields
}

func NewPrivateKeyRSA 

func NewPrivateKeyRSA(N, E, D, P, Q, Dp, Dq, Qinv BigInt) (*PrivateKeyRSA, error)

type PublicKeyECDH 

type PublicKeyECDH = PublicKeyECDSA

ECDH keys are compatible with ECDSA

type PublicKeyECDSA 

type PublicKeyECDSA struct {
	// contains filtered or unexported fields
}

func NewPublicKeyECDSA 

func NewPublicKeyECDSA(curve string, X, Y BigInt) (*PublicKeyECDSA, error)

type PublicKeyRSA 

type PublicKeyRSA struct {
	// contains filtered or unexported fields
}

func NewPublicKeyRSA 

func NewPublicKeyRSA(N, E BigInt) (*PublicKeyRSA, error)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.