crypto

package
v0.9.9 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 1, 2020 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var ErrTooShort = errors.New("SealedSecret data is too short")

ErrTooShort indicates the provided data is too short to be valid

Functions

func GeneratePrivateKeyAndCert added in v0.9.7

func GeneratePrivateKeyAndCert(keySize int, validFor time.Duration, cn string) (*rsa.PrivateKey, *x509.Certificate, error)

GeneratePrivateKeyAndCert generates a keypair and signed certificate.

func HybridDecrypt

func HybridDecrypt(rnd io.Reader, privKeys map[string]*rsa.PrivateKey, ciphertext, label []byte) ([]byte, error)

HybridDecrypt performs a regular AES-GCM + RSA-OAEP decryption. The private keys map has a fingerprint of each public key as the map key.

func HybridEncrypt

func HybridEncrypt(rnd io.Reader, pubKey *rsa.PublicKey, plaintext, label []byte) ([]byte, error)

HybridEncrypt performs a regular AES-GCM + RSA-OAEP encryption. The output bytestring is:

RSA ciphertext length || RSA ciphertext || AES ciphertext

func PublicKeyFingerprint added in v0.9.7

func PublicKeyFingerprint(rp *rsa.PublicKey) (string, error)

PublicKeyFingerprint returns a fingerprint for a public key.

func SessionKeyProvider added in v0.9.7

func SessionKeyProvider(sessionKeySeed string, input []byte) (io.Reader, error)

func SignKey added in v0.9.7

func SignKey(r io.Reader, key *rsa.PrivateKey, validFor time.Duration, cn string) (*x509.Certificate, error)

SignKey returns a signed certificate.

Types

type Reader added in v0.9.7

type Reader struct {
	// contains filtered or unexported fields
}

func (*Reader) Read added in v0.9.7

func (r *Reader) Read(p []byte) (n int, err error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL