Documentation ¶
Index ¶
- Variables
- func GeneratePrivateKeyAndCert(keySize int, validFor time.Duration, cn string) (*rsa.PrivateKey, *x509.Certificate, error)
- func HybridDecrypt(rnd io.Reader, privKeys map[string]*rsa.PrivateKey, ciphertext, label []byte) ([]byte, error)
- func HybridEncrypt(rnd io.Reader, pubKey *rsa.PublicKey, plaintext, label []byte) ([]byte, error)
- func PublicKeyFingerprint(rp *rsa.PublicKey) (string, error)
- func SessionKeyProvider(sessionKeySource string, input []byte) (io.Reader, error)
- func SignKey(r io.Reader, key *rsa.PrivateKey, validFor time.Duration, cn string) (*x509.Certificate, error)
- type Reader
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrTooShort = errors.New("SealedSecret data is too short")
ErrTooShort indicates the provided data is too short to be valid
Functions ¶
func GeneratePrivateKeyAndCert ¶ added in v0.9.7
func GeneratePrivateKeyAndCert(keySize int, validFor time.Duration, cn string) (*rsa.PrivateKey, *x509.Certificate, error)
GeneratePrivateKeyAndCert generates a keypair and signed certificate.
func HybridDecrypt ¶
func HybridDecrypt(rnd io.Reader, privKeys map[string]*rsa.PrivateKey, ciphertext, label []byte) ([]byte, error)
HybridDecrypt performs a regular AES-GCM + RSA-OAEP decryption. The private keys map has a fingerprint of each public key as the map key.
func HybridEncrypt ¶
HybridEncrypt performs a regular AES-GCM + RSA-OAEP encryption. The output bytestring is:
RSA ciphertext length || RSA ciphertext || AES ciphertext
func PublicKeyFingerprint ¶ added in v0.9.7
PublicKeyFingerprint returns a fingerprint for a public key.
func SessionKeyProvider ¶ added in v0.9.7
Types ¶
Click to show internal directories.
Click to hide internal directories.