Documentation ¶
Overview ¶
Package subtle provides subtle implementations of the digital signature primitive.
Functions ¶
func GenerateRSAKey ¶ added in v1.6.0
func GenerateRSAKey(modulusSize, publicExponent int) (*rsa.PrivateKey, error)
GenerateRSAKey generates an RSA key with the given modulus size and public exponent.
Note: The public exponent is hardcoded by the underlying crypto/rsa implementation. Other Tink implementations allow for the value to be specified so we accept it as an argument here solely to validate that the desired value is compatible.
Types ¶
type ECDSASignature ¶
ECDSASignature is a struct holding the r and s values of an ECDSA signature.
func DecodeECDSASignature ¶
func DecodeECDSASignature(encodedBytes []byte, encoding string) (*ECDSASignature, error)
DecodeECDSASignature creates a new ECDSA signature using the given byte slice. The function assumes that the byte slice is the concatenation of the big-endian representations of two big integers r and s.
func NewECDSASignature ¶
func NewECDSASignature(r, s *big.Int) *ECDSASignature
NewECDSASignature creates a new ECDSASignature instance.
func (*ECDSASignature) EncodeECDSASignature ¶
func (sig *ECDSASignature) EncodeECDSASignature(encoding, curveName string) ([]byte, error)
EncodeECDSASignature converts the signature to the given encoding format.
type ECDSASigner ¶
type ECDSASigner struct {
// contains filtered or unexported fields
}
ECDSASigner is an implementation of Signer for ECDSA. At the moment, the implementation only accepts DER encoding.
func NewECDSASigner ¶
func NewECDSASigner(hashAlg string, curve string, encoding string, keyValue []byte) (*ECDSASigner, error)
NewECDSASigner creates a new instance of ECDSASigner.
func NewECDSASignerFromPrivateKey ¶
func NewECDSASignerFromPrivateKey(hashAlg string, encoding string, privateKey *ecdsa.PrivateKey) (*ECDSASigner, error)
NewECDSASignerFromPrivateKey creates a new instance of ECDSASigner.
type ECDSAVerifier ¶
type ECDSAVerifier struct {
// contains filtered or unexported fields
}
ECDSAVerifier is an implementation of Verifier for ECDSA. At the moment, the implementation only accepts signatures with strict DER encoding.
func NewECDSAVerifier ¶
func NewECDSAVerifier(hashAlg string, curve string, encoding string, x []byte, y []byte) (*ECDSAVerifier, error)
NewECDSAVerifier creates a new instance of ECDSAVerifier.
func NewECDSAVerifierFromPublicKey ¶
func NewECDSAVerifierFromPublicKey(hashAlg string, encoding string, publicKey *ecdsa.PublicKey) (*ECDSAVerifier, error)
NewECDSAVerifierFromPublicKey creates a new instance of ECDSAVerifier.
func (*ECDSAVerifier) Verify ¶
func (e *ECDSAVerifier) Verify(signatureBytes, data []byte) error
Verify verifies whether the given signature is valid for the given data. It returns an error if the signature is not valid; nil otherwise.
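The two ECDSA signature encodings referred to above (the fixed-width concatenation of big-endian r and s, and strict DER) can be illustrated with the standard library alone. This is an added example, not code from the Tink package: the names derSig, encodeFixed, decodeFixed and decodeStrictDER are hypothetical, and the r and s values are constructed.

```go
package main

import (
	"bytes"
	"encoding/asn1"
	"fmt"
	"math/big"
)

// derSig is the ASN.1 SEQUENCE { r INTEGER, s INTEGER } carried by a DER signature.
type derSig struct{ R, S *big.Int }

// encodeFixed returns r||s, each big-endian and left-padded to size bytes (32 for P-256).
func encodeFixed(r, s *big.Int, size int) ([]byte, error) {
	if r.Sign() <= 0 || s.Sign() <= 0 || len(r.Bytes()) > size || len(s.Bytes()) > size {
		return nil, fmt.Errorf("r or s out of range")
	}
	out := make([]byte, 2*size)
	r.FillBytes(out[:size])
	s.FillBytes(out[size:])
	return out, nil
}

// decodeFixed splits r||s; the length must match the curve exactly.
func decodeFixed(b []byte, size int) (*big.Int, *big.Int, error) {
	if len(b) != 2*size {
		return nil, nil, fmt.Errorf("wrong signature length")
	}
	return new(big.Int).SetBytes(b[:size]), new(big.Int).SetBytes(b[size:]), nil
}

// decodeStrictDER accepts only the single canonical DER encoding of (r, s):
// no trailing bytes, and the input must re-encode byte for byte.
func decodeStrictDER(b []byte) (*big.Int, *big.Int, error) {
	var sig derSig
	rest, err := asn1.Unmarshal(b, &sig)
	if err != nil || len(rest) != 0 {
		return nil, nil, fmt.Errorf("malformed DER or trailing bytes")
	}
	if canon, err := asn1.Marshal(sig); err != nil || !bytes.Equal(canon, b) {
		return nil, nil, fmt.Errorf("non-canonical DER")
	}
	return sig.R, sig.S, nil
}

func main() {
	r, s := big.NewInt(0x80), big.NewInt(1) // constructed values, not a real signature
	der, _ := asn1.Marshal(derSig{r, s})
	fixed, _ := encodeFixed(r, s, 32)
	fmt.Printf("DER   %x\nfixed %x\n", der, fixed)
}
```

Accepting exactly one byte string per (r, s) pair means a signature cannot be re-encoded into a different but still valid form, which matters when signature bytes are hashed, deduplicated or used as identifiers.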
type ED25519Signer ¶
type ED25519Signer struct {
// contains filtered or unexported fields
}
ED25519Signer is an implementation of Signer for ED25519.
func NewED25519Signer ¶
func NewED25519Signer(keyValue []byte) (*ED25519Signer, error)
NewED25519Signer creates a new instance of ED25519Signer.
func NewED25519SignerFromPrivateKey ¶
func NewED25519SignerFromPrivateKey(privateKey *ed25519.PrivateKey) (*ED25519Signer, error)
NewED25519SignerFromPrivateKey creates a new instance of ED25519Signer.
type ED25519Verifier ¶
type ED25519Verifier struct {
// contains filtered or unexported fields
}
ED25519Verifier is an implementation of Verifier for ED25519. At the moment, the implementation only accepts signatures with strict DER encoding.
func NewED25519Verifier ¶
func NewED25519Verifier(pub []byte) (*ED25519Verifier, error)
NewED25519Verifier creates a new instance of ED25519Verifier.
func NewED25519VerifierFromPublicKey ¶
func NewED25519VerifierFromPublicKey(publicKey *ed25519.PublicKey) (*ED25519Verifier, error)
NewED25519VerifierFromPublicKey creates a new instance of ED25519Verifier.
func (*ED25519Verifier) Verify ¶
func (e *ED25519Verifier) Verify(signature, data []byte) error
Verify verifies whether the given signature is valid for the given data. It returns an error if the signature is not valid; nil otherwise.
type RSAPrivateKeyData ¶ added in v1.6.0
type RSAPrivateKeyData struct {
	D *big.Int
	P *big.Int
	Q *big.Int
	Dp *big.Int
	Dq *big.Int
	Qinv *big.Int
	PublicKeyData *RSAPublicKeyData
}
RSAPrivateKeyData contains the raw data that makes up an RSA private key.
This facilitates creating instances of rsa.PrivateKey from serialized key material.
func (*RSAPrivateKeyData) CreateKey ¶ added in v1.6.0
func (r *RSAPrivateKeyData) CreateKey() (*rsa.PrivateKey, error)
CreateKey creates an rsa.PrivateKey.
func (*RSAPrivateKeyData) Validate ¶ added in v1.6.0
func (r *RSAPrivateKeyData) Validate() error
Validate verifies that the populated data is valid.
type RSAPublicKeyData ¶ added in v1.6.0
RSAPublicKeyData contains the raw data that makes up an RSA public key.
This facilitates creating instances of rsa.PublicKey from serialized key material.
func (*RSAPublicKeyData) CreateKey ¶ added in v1.6.0
func (r *RSAPublicKeyData) CreateKey() (*rsa.PublicKey, error)
CreateKey creates an rsa.PublicKey.
func (*RSAPublicKeyData) Validate ¶ added in v1.6.0
func (r *RSAPublicKeyData) Validate() error
Validate verifies that the parameters contain valid values.