Documentation
Index
- func ExtractPrimaryPublicKey(kh *keyset.Handle) (*cryptoapi.PublicKey, error)
- func PrivateKeyToKeysetHandle(privKey *cryptoapi.PrivateKey, aeadAlg ecdh.AEADAlg) (*keyset.Handle, error)
- func PublicKeyToKeysetHandle(pubKey *cryptoapi.PublicKey, aeadAlg ecdh.AEADAlg) (*keyset.Handle, error)
- type PubKeyWriter
Constants
This section is empty.
Variables
This section is empty.
Functions
func ExtractPrimaryPublicKey
ExtractPrimaryPublicKey is a utility function that will extract the main public key from *keyset.Handle kh.
func PrivateKeyToKeysetHandle (added in v0.1.7)
func PrivateKeyToKeysetHandle(privKey *cryptoapi.PrivateKey, aeadAlg ecdh.AEADAlg) (*keyset.Handle, error)
PrivateKeyToKeysetHandle converts privKey into a *keyset.Handle where privKey could be either a sender or a recipient key. The resulting handle cannot be directly used for primitive execution as the cek is not set. This function serves as a helper to get a senderKH to be used as an option for ECDH execution (for ECDH-1PU/authcrypt). The keyset handle will be set with either AES256-GCM, AES128CBC+SHA256, AES192CBC+SHA384, AES256CBC+SHA384 or AES256CBC+SHA512 AEAD key template for content encryption. With:
- privKey: the private key to convert.
- aeadAlg: the content encryption algorithm to use along with the ECDH primitive.
func PublicKeyToKeysetHandle (added in v0.1.5)
func PublicKeyToKeysetHandle(pubKey *cryptoapi.PublicKey, aeadAlg ecdh.AEADAlg) (*keyset.Handle, error)
PublicKeyToKeysetHandle converts pubKey into a *keyset.Handle where pubKey could be either a sender or a recipient key. The resulting handle cannot be directly used for primitive execution as the cek is not set. This function serves as a helper to get a senderKH to be used as an option for ECDH execution (for ECDH-1PU/authcrypt). The keyset handle will be set with either AES256-GCM, AES128CBC+SHA256, AES192CBC+SHA384, AES256CBC+SHA384 or AES256CBC+SHA512 AEAD key template for content encryption. With:
- pubKey: the public key to convert.
- aeadAlg: the content encryption algorithm to use along with the ECDH primitive.
Types
type PubKeyWriter
type PubKeyWriter struct {
	// KeyType is Key Type of the written key. It's needed as Write() is an interface function and can't return it.
	KeyType kms.KeyType
	// contains filtered or unexported fields
}
PubKeyWriter will write the raw bytes of a Tink KeySet's primary public key. The raw bytes are a marshaled composite.VerificationMethod type. The keyset must have a keyURL value equal to one of the following public key URL constants of the ecdh package:
- `nistPECDHKWPublicKeyTypeURL`
- `x25519ECDHKWPublicKeyTypeURL`
Note: This writer should be used only for ECDH public key exports. Other exports of public keys should be called via the localkms package.
func NewWriter
func NewWriter(w io.Writer) *PubKeyWriter
NewWriter creates a new PubKeyWriter instance.
func (*PubKeyWriter) Write
func (p *PubKeyWriter) Write(ks *tinkpb.Keyset) error
Write writes the public keyset to the underlying w.Writer.
func (*PubKeyWriter) WriteEncrypted
func (p *PubKeyWriter) WriteEncrypted(_ *tinkpb.EncryptedKeyset) error
WriteEncrypted writes the encrypted keyset to the underlying w.Writer.