Documentation
¶
Overview ¶
Package cfca handles cfca issued key and certificate
Index ¶
- func EnvelopeMessage(cipher pkcs.Cipher, content []byte, recipients []*smx509.Certificate) ([]byte, error)
- func EnvelopeMessageLegacy(cipher pkcs.Cipher, content []byte, recipients []*smx509.Certificate) ([]byte, error)
- func MarshalSM2(password []byte, key *sm2.PrivateKey, cert *smx509.Certificate) ([]byte, error)
- func OpenEnvelopedMessage(data []byte, recipientCert *smx509.Certificate, key crypto.PrivateKey) ([]byte, error)
- func OpenEnvelopedMessageLegacy(data []byte, recipientCert *smx509.Certificate, key crypto.PrivateKey) ([]byte, error)
- func ParseSM2(password, data []byte) (*sm2.PrivateKey, *smx509.Certificate, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EnvelopeMessage ¶ added in v0.29.5
func EnvelopeMessage(cipher pkcs.Cipher, content []byte, recipients []*smx509.Certificate) ([]byte, error)
EnvelopeMessage creates and returns an envelope data PKCS7 structure (DER encoded) with encrypted recipient keys for each recipient public key.
The OIDs use GM/T 0010 - 2012 set and the encrypted key uses ASN.1 format. This function uses recipient's SubjectKeyIdentifier to identify the recipient.
func EnvelopeMessageLegacy ¶ added in v0.29.5
func EnvelopeMessageLegacy(cipher pkcs.Cipher, content []byte, recipients []*smx509.Certificate) ([]byte, error)
EnvelopeMessageLegacy creates and returns an envelope data PKCS7 structure (DER encoded) with encrypted recipient keys for each recipient public key. This method is used for CFCA SADK verion less than 3.2 compatibility.
The OIDs use GM/T 0010 - 2012 set and the encrypted key use C1C2C3 format and without 0x4 prefix. This function uses recipient's IssuerAndSerialNumber to identify the recipient.
func MarshalSM2 ¶
func MarshalSM2(password []byte, key *sm2.PrivateKey, cert *smx509.Certificate) ([]byte, error)
MarshalSM2 encodes sm2 private key and related certificate to cfca defined format
func OpenEnvelopedMessage ¶ added in v0.29.5
func OpenEnvelopedMessage(data []byte, recipientCert *smx509.Certificate, key crypto.PrivateKey) ([]byte, error)
OpenEnvelopedMessage decrypts the enveloped message (DER encoded) using the provided certificate and private key. The certificate is used to identify the recipient and the private key is used to decrypt the encrypted key.
func OpenEnvelopedMessageLegacy ¶ added in v0.29.5
func OpenEnvelopedMessageLegacy(data []byte, recipientCert *smx509.Certificate, key crypto.PrivateKey) ([]byte, error)
OpenEnvelopedMessageLegacy decrypts the enveloped message (DER encoded) using the provided certificate and private key. The certificate is used to identify the recipient and the private key is used to decrypt the encrypted key.
This method is used for CFCA SADK verion less than 3.2 compatibility.
func ParseSM2 ¶
func ParseSM2(password, data []byte) (*sm2.PrivateKey, *smx509.Certificate, error)
ParseSM2 parses the der data, returns private key and related certificate, it's CFCA private structure.
Types ¶
This section is empty.
Source Files