Documentation ¶
Index ¶
- Variables
- func CalculateZA(pub *PublicKey, uid []byte) ([]byte, error)
- func Compress(pub *PublicKey) []byte
- func Decrypt(priv *PrivateKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
- func DecryptASN1(priv *PrivateKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
- func Encrypt(random io.Reader, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
- func EncryptASN1(random io.Reader, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
- func KeyExchangeA(klen int, ida, idb []byte, priA *PrivateKey, pubB *PublicKey, rpri *PrivateKey, ...) (k, s1, s2 []byte, err error)
- func KeyExchangeB(klen int, ida, idb []byte, priB *PrivateKey, pubA *PublicKey, rpri *PrivateKey, ...) (k, s1, s2 []byte, err error)
- func MarshalPrivateKey(key *PrivateKey) ([]byte, error)
- func MarshalPublicKey(key *PublicKey) ([]byte, error)
- func MarshalSM2PrivateKey(key *PrivateKey) ([]byte, error)
- func MarshalSignatureASN1(r, s *big.Int) ([]byte, error)
- func P256() elliptic.Curve
- func Sign(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)
- func SignBytes(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)
- func SignToRS(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) (r, s *big.Int, err error)
- func ToPrivateKey(key *PrivateKey) []byte
- func ToPublicKey(key *PublicKey) []byte
- func UnmarshalSignatureASN1(sign []byte) (r, s *big.Int, err error)
- func Verify(pub *PublicKey, msg, sign []byte, opts crypto.SignerOpts) error
- func VerifyBytes(pub *PublicKey, msg, sign []byte, opts crypto.SignerOpts) error
- func VerifyWithRS(pub *PublicKey, msg []byte, r, s *big.Int, opts crypto.SignerOpts) error
- type EncrypterOpts
- type KeyExchange
- func (ke *KeyExchange) ConfirmInitiator(s1 []byte) ([]byte, error)
- func (ke *KeyExchange) ConfirmResponder(rB *PublicKey, sB []byte) ([]byte, []byte, error)
- func (ke *KeyExchange) Init(random io.Reader) (*PublicKey, error)
- func (ke *KeyExchange) Repond(random io.Reader, rA *PublicKey) (*PublicKey, []byte, error)
- func (ke *KeyExchange) Reset()
- func (ke *KeyExchange) SetPeerParameters(peerPub *PublicKey, peerUID []byte) error
- type Mode
- type PrivateKey
- func (priv *PrivateKey) Decrypt(_ io.Reader, data []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error)
- func (priv *PrivateKey) DecryptASN1(data []byte, opts crypto.DecrypterOpts) ([]byte, error)
- func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool
- func (priv *PrivateKey) Public() crypto.PublicKey
- func (priv *PrivateKey) Sign(random io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)
- func (priv *PrivateKey) SignBytes(random io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)
- type PublicKey
- func (pub *PublicKey) Encrypt(random io.Reader, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
- func (pub *PublicKey) EncryptASN1(random io.Reader, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
- func (pub *PublicKey) Equal(x crypto.PublicKey) bool
- func (pub *PublicKey) Verify(msg, sign []byte, opts crypto.SignerOpts) bool
- func (pub *PublicKey) VerifyBytes(msg, sign []byte, opts crypto.SignerOpts) bool
- type SignerOpts
Constants ¶
This section is empty.
Variables ¶
var ( // default Encrypter Opts DefaultEncrypterOpts = EncrypterOpts{ Mode: C1C3C2, Hash: sm3.New, } // default Signer Opts DefaultSignerOpts = SignerOpts{ Uid: defaultUID, Hash: sm3.New, } )
Functions ¶
func CalculateZA ¶ added in v1.0.2047
CalculateZA ZA = H256(ENTLA || IDA || a || b || xG || yG || xA || yA)
func Decrypt ¶
func Decrypt(priv *PrivateKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
sm2 解密,解析字节拼接格式的密文内容 Decrypt bytes marshal data
func DecryptASN1 ¶ added in v1.0.2042
func DecryptASN1(priv *PrivateKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
sm2 解密,解析 asn.1 编码格式的密文内容 Decrypt asn.1 marshal data
func Encrypt ¶
func Encrypt(random io.Reader, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
sm2 加密,返回字节拼接格式的密文内容 Encrypted and return bytes data
func EncryptASN1 ¶ added in v1.0.2042
func EncryptASN1(random io.Reader, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
sm2 加密,返回 asn.1 编码格式的密文内容 Encrypted and return asn.1 data
func KeyExchangeA ¶
func KeyExchangeA(klen int, ida, idb []byte, priA *PrivateKey, pubB *PublicKey, rpri *PrivateKey, rpubB *PublicKey) (k, s1, s2 []byte, err error)
KeyExchangeA 协商第二部,用户A调用,返回共享密钥k
func KeyExchangeB ¶
func KeyExchangeB(klen int, ida, idb []byte, priB *PrivateKey, pubA *PublicKey, rpri *PrivateKey, rpubA *PublicKey) (k, s1, s2 []byte, err error)
KeyExchangeB 协商第二部,用户B调用, 返回共享密钥k
func MarshalPrivateKey ¶
func MarshalPrivateKey(key *PrivateKey) ([]byte, error)
func MarshalPublicKey ¶
func MarshalSM2PrivateKey ¶
func MarshalSM2PrivateKey(key *PrivateKey) ([]byte, error)
MarshalSM2PrivateKey converts an SM2 private key to SEC 1, ASN.1 DER form.
This kind of key is commonly encoded in PEM blocks of type "SM2 PRIVATE KEY". For a more flexible key format which is not SM2 specific, use MarshalPKCS8PrivateKey.
func MarshalSignatureASN1 ¶ added in v1.0.2047
func Sign ¶
func Sign(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)
签名返回 asn.1 编码数据 sign data and return asn.1 marshal data
func SignBytes ¶ added in v1.0.2053
func SignBytes(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)
签名返回 Bytes 编码数据 sign data and return Bytes marshal data
func SignToRS ¶ added in v1.0.2053
func SignToRS(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) (r, s *big.Int, err error)
sm2 sign with SignerOpts
func UnmarshalSignatureASN1 ¶ added in v1.0.2047
func Verify ¶
func Verify(pub *PublicKey, msg, sign []byte, opts crypto.SignerOpts) error
验证 asn.1 编码的数据 ans1(r, s) Verify asn.1 marshal data
func VerifyBytes ¶ added in v1.0.2053
func VerifyBytes(pub *PublicKey, msg, sign []byte, opts crypto.SignerOpts) error
验证 asn.1 编码的数据 bytes(r + s) Verify Bytes marshal data
func VerifyWithRS ¶ added in v1.0.2053
sm2 verify with SignerOpts
Types ¶
type EncrypterOpts ¶
type EncrypterOpts struct { Mode Mode Hash hashFunc }
加密设置 Encrypter Opts
func (EncrypterOpts) GetHash ¶ added in v1.0.2052
func (this EncrypterOpts) GetHash() hashFunc
func (EncrypterOpts) GetMode ¶ added in v1.0.2052
func (this EncrypterOpts) GetMode() Mode
type KeyExchange ¶ added in v1.0.2052
type KeyExchange struct {
// contains filtered or unexported fields
}
KeyExchange key exchange struct, include internal stat in whole key exchange flow. Initiator's flow will be: NewKeyExchange -> Init -> transmission -> ConfirmResponder Responder's flow will be: NewKeyExchange -> waiting ... -> Repond -> transmission -> ConfirmInitiator
func NewKeyExchange ¶ added in v1.0.2052
func NewKeyExchange(priv *PrivateKey, peerPub *PublicKey, uid, peerUID []byte, keyLen int, genSignature bool) (ke *KeyExchange, err error)
NewKeyExchange create one new KeyExchange object
func (*KeyExchange) ConfirmInitiator ¶ added in v1.0.2052
func (ke *KeyExchange) ConfirmInitiator(s1 []byte) ([]byte, error)
ConfirmInitiator for responder's step B10
func (*KeyExchange) ConfirmResponder ¶ added in v1.0.2052
ConfirmResponder for initiator's step A4-A10, returns keying data and optional signature.
It will check if there are peer's public key and validate the peer's Ephemeral Public Key.
If the peer's signature is not empty, then it will also validate the peer's signature and return generated signature depends on KeyExchange.genSignature value.
func (*KeyExchange) Init ¶ added in v1.0.2052
func (ke *KeyExchange) Init(random io.Reader) (*PublicKey, error)
Init is for initiator's step A1-A3, returns generated Ephemeral Public Key which will be passed to Reponder.
func (*KeyExchange) Repond ¶ added in v1.0.2052
Repond is for responder's step B1-B8, returns generated Ephemeral Public Key and optional signature depends on KeyExchange.genSignature value.
It will check if there are peer's public key and validate the peer's Ephemeral Public Key.
func (*KeyExchange) Reset ¶ added in v1.0.2052
func (ke *KeyExchange) Reset()
Reset clear all internal state and Ephemeral private/public keys.
func (*KeyExchange) SetPeerParameters ¶ added in v1.0.2052
func (ke *KeyExchange) SetPeerParameters(peerPub *PublicKey, peerUID []byte) error
SetPeerParameters when need other param
type PrivateKey ¶
SM2 PrivateKey
func GenerateKey ¶
func GenerateKey(random io.Reader) (*PrivateKey, error)
生成私钥证书 generate PrivateKey
func NewPrivateKey ¶
func NewPrivateKey(d []byte) (*PrivateKey, error)
根据私钥明文初始化私钥 New a PrivateKey from privatekey data
func ParsePrivateKey ¶
func ParsePrivateKey(der []byte) (*PrivateKey, error)
func ParseSM2PrivateKey ¶
func ParseSM2PrivateKey(der []byte) (*PrivateKey, error)
ParseSM2PrivateKey parses an SM2 private key in SEC 1, ASN.1 DER form.
This kind of key is commonly encoded in PEM blocks of type "SM2 PRIVATE KEY".
func (*PrivateKey) Decrypt ¶
func (priv *PrivateKey) Decrypt(_ io.Reader, data []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error)
crypto.Decrypter
func (*PrivateKey) DecryptASN1 ¶ added in v1.0.2042
func (priv *PrivateKey) DecryptASN1(data []byte, opts crypto.DecrypterOpts) ([]byte, error)
Decrypt with ASN1
func (*PrivateKey) Equal ¶
func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool
Equal reports whether priv and x have the same value.
func (*PrivateKey) Public ¶
func (priv *PrivateKey) Public() crypto.PublicKey
The SM2's private key contains the public key
func (*PrivateKey) Sign ¶
func (priv *PrivateKey) Sign(random io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)
签名返回 asn.1 编码数据 sign data and return asn.1 marshal data
func (*PrivateKey) SignBytes ¶
func (priv *PrivateKey) SignBytes(random io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)
签名返回 Bytes 编码数据 sign data and return Bytes marshal data
type PublicKey ¶
SM2 PublicKey
func NewPublicKey ¶
根据公钥明文初始化公钥 New a PublicKey from publicKey data
func ParsePublicKey ¶
func (*PublicKey) Encrypt ¶
func (pub *PublicKey) Encrypt(random io.Reader, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
Encrypt with bytes
func (*PublicKey) EncryptASN1 ¶ added in v1.0.2042
func (pub *PublicKey) EncryptASN1(random io.Reader, data []byte, opts crypto.DecrypterOpts) ([]byte, error)
Encrypt with ASN1
func (*PublicKey) Verify ¶
func (pub *PublicKey) Verify(msg, sign []byte, opts crypto.SignerOpts) bool
验证 asn.1 编码的数据 ans1(r, s) Verify asn.1 marshal data
func (*PublicKey) VerifyBytes ¶
func (pub *PublicKey) VerifyBytes(msg, sign []byte, opts crypto.SignerOpts) bool
验证 asn.1 编码的数据 bytes(r + s) Verify Bytes marshal data
type SignerOpts ¶
type SignerOpts struct { Uid []byte Hash hashFunc }
签名设置 Signer Opts
func (SignerOpts) GetHash ¶ added in v1.0.2052
func (this SignerOpts) GetHash() hashFunc
func (SignerOpts) GetUid ¶ added in v1.0.2052
func (this SignerOpts) GetUid() []byte
func (SignerOpts) HashFunc ¶
func (this SignerOpts) HashFunc() crypto.Hash