Documentation ¶
Overview ¶
Package linux contains a linux-specific client for accessing the PKCS#11 APIs directly, bypassing the RPC-mechanism of the universal client.
Index ¶
- type SecureKey
- func (sk *SecureKey) CertificateChain() [][]byte
- func (sk *SecureKey) Close()
- func (sk *SecureKey) Decrypt(_ io.Reader, msg []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error)
- func (sk *SecureKey) Encrypt(_ io.Reader, msg []byte, opts any) (ciphertext []byte, err error)
- func (sk *SecureKey) Public() crypto.PublicKey
- func (sk *SecureKey) Sign(_ io.Reader, digest []byte, opts crypto.SignerOpts) (signed []byte, err error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type SecureKey ¶
type SecureKey struct {
// contains filtered or unexported fields
}
SecureKey is a public wrapper for the internal PKCS#11 implementation.
func NewSecureKey ¶
func NewSecureKey(pkcs11Module string, slotUint32Str string, label string, userPin string) (*SecureKey, error)
NewSecureKey returns a handle to the first available certificate and private key pair in the specified PKCS#11 Module matching the filters.
func (*SecureKey) CertificateChain ¶
CertificateChain returns the SecureKey's raw X509 cert chain. This contains the public key.
func (*SecureKey) Close ¶
func (sk *SecureKey) Close()
Close frees up resources associated with the underlying key.
func (*SecureKey) Decrypt ¶ added in v0.3.0
func (sk *SecureKey) Decrypt(_ io.Reader, msg []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error)
Decrypt decrypts a ciphertext msg into plaintext, using the specified decrypter opts. Implements crypto.Decrypter interface.
func (*SecureKey) Encrypt ¶ added in v0.3.0
Encrypt encrypts a plaintext msg into ciphertext, using the specified encrypt opts.