keyutils

package
v1.12.1-0...-676f45f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 14, 2022 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

Package keyutils serves as a utility to parse, encrypt and decrypt PKCS#1 and PKCS#8 private keys based on current FIPS mode status, supporting only EC type keys. It always allows PKCS#8 private keys and disallow PKCS#1 private keys in FIPS-mode.

Index

Constants

This section is empty.

Variables

View Source 
var ErrFIPSUnsupportedKeyFormat = errors.New("unsupported key format due to FIPS compliance")

ErrFIPSUnsupportedKeyFormat is returned when encryption/decryption operations are attempted on a PKCS1 key when FIPS mode is enabled.

Functions

func IsEncryptedPEMBlock 

func IsEncryptedPEMBlock(block *pem.Block) bool

IsEncryptedPEMBlock checks if a PKCS#1 or PKCS#8 PEM-block is encrypted or not

func IsPKCS8 

func IsPKCS8(derBytes []byte) bool

IsPKCS8 returns true if the provided der bytes is encrypted/unencrypted PKCS#8 key

Types

type Formatter 

type Formatter interface {
	ParsePrivateKeyPEMWithPassword(pemBytes, password []byte) (crypto.Signer, error)
	DecryptPEMBlock(block *pem.Block, password []byte) ([]byte, error)
	EncryptPEMBlock(data, password []byte) (*pem.Block, error)
}

Formatter provides an interface for converting keys to the right format, and encrypting and decrypting keys 

var Default Formatter = &utils{fips: false}

Default is the default key util, where FIPS is not required 

var FIPS Formatter = &utils{fips: true}

FIPS is the key utility which enforces FIPS compliance

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.