cryptoutil

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 15, 2023 License: Apache-2.0 Imports: 15 Imported by: 7

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Digest

func Digest(r io.Reader, hash crypto.Hash) ([]byte, error)

func DigestBytes

func DigestBytes(data []byte, hash crypto.Hash) ([]byte, error)

func GeneratePublicKeyID

func GeneratePublicKeyID(pub interface{}, hash crypto.Hash) (string, error)

func HashFromString

func HashFromString(name string) (crypto.Hash, error)

func HashToString

func HashToString(h crypto.Hash) (string, error)

func HexEncode

func HexEncode(src []byte) []byte

func PublicPemBytes

func PublicPemBytes(pub interface{}) ([]byte, error)

func TryParseCertificate

func TryParseCertificate(data []byte) (*x509.Certificate, error)

func TryParseKeyFromReader

func TryParseKeyFromReader(r io.Reader) (interface{}, error)

func TryParsePEMBlock

func TryParsePEMBlock(block *pem.Block) (interface{}, error)

Types

type DigestSet

type DigestSet map[DigestValue]string

func CalculateDigestSet

func CalculateDigestSet(r io.Reader, hashes []crypto.Hash) (DigestSet, error)

func CalculateDigestSetFromBytes

func CalculateDigestSetFromBytes(data []byte, hashes []crypto.Hash) (DigestSet, error)

func CalculateDigestSetFromFile

func CalculateDigestSetFromFile(path string, hashes []crypto.Hash) (DigestSet, error)

func NewDigestSet

func NewDigestSet(digestsByName map[string]string) (DigestSet, error)

func (*DigestSet) Equal

func (ds *DigestSet) Equal(second DigestSet) bool

Equal returns true if every digest for hash functions both artifacts have in common are equal. If the two artifacts don't have any digests from common hash functions, equal will return false. If any digest from common hash functions differ between the two artifacts, equal will return false.

func (DigestSet) MarshalJSON

func (ds DigestSet) MarshalJSON() ([]byte, error)

func (*DigestSet) ToNameMap

func (ds *DigestSet) ToNameMap() (map[string]string, error)

func (*DigestSet) UnmarshalJSON

func (ds *DigestSet) UnmarshalJSON(data []byte) error

type DigestValue

type DigestValue struct {
	crypto.Hash
	GitOID bool
}

type ECDSASigner

type ECDSASigner struct {
	// contains filtered or unexported fields
}

func NewECDSASigner

func NewECDSASigner(priv *ecdsa.PrivateKey, hash crypto.Hash) *ECDSASigner

func (*ECDSASigner) KeyID

func (s *ECDSASigner) KeyID() (string, error)

func (*ECDSASigner) Sign

func (s *ECDSASigner) Sign(r io.Reader) ([]byte, error)

func (*ECDSASigner) Verifier

func (s *ECDSASigner) Verifier() (Verifier, error)

type ECDSAVerifier

type ECDSAVerifier struct {
	// contains filtered or unexported fields
}

func NewECDSAVerifier

func NewECDSAVerifier(pub *ecdsa.PublicKey, hash crypto.Hash) *ECDSAVerifier

func (*ECDSAVerifier) Bytes

func (v *ECDSAVerifier) Bytes() ([]byte, error)

func (*ECDSAVerifier) KeyID

func (v *ECDSAVerifier) KeyID() (string, error)

func (*ECDSAVerifier) Verify

func (v *ECDSAVerifier) Verify(data io.Reader, sig []byte) error

type ED25519Signer

type ED25519Signer struct {
	// contains filtered or unexported fields
}

func NewED25519Signer

func NewED25519Signer(priv ed25519.PrivateKey) *ED25519Signer

func (*ED25519Signer) KeyID

func (s *ED25519Signer) KeyID() (string, error)

func (*ED25519Signer) Sign

func (s *ED25519Signer) Sign(r io.Reader) ([]byte, error)

func (*ED25519Signer) Verifier

func (s *ED25519Signer) Verifier() (Verifier, error)

type ED25519Verifier

type ED25519Verifier struct {
	// contains filtered or unexported fields
}

func NewED25519Verifier

func NewED25519Verifier(pub ed25519.PublicKey) *ED25519Verifier

func (*ED25519Verifier) Bytes

func (v *ED25519Verifier) Bytes() ([]byte, error)

func (*ED25519Verifier) KeyID

func (v *ED25519Verifier) KeyID() (string, error)

func (*ED25519Verifier) Verify

func (v *ED25519Verifier) Verify(r io.Reader, sig []byte) error

type ErrInvalidCertificate

type ErrInvalidCertificate struct{}

func (ErrInvalidCertificate) Error

func (e ErrInvalidCertificate) Error() string

type ErrInvalidPemBlock

type ErrInvalidPemBlock struct{}

func (ErrInvalidPemBlock) Error

func (e ErrInvalidPemBlock) Error() string

type ErrInvalidSigner

type ErrInvalidSigner struct{}

func (ErrInvalidSigner) Error

func (e ErrInvalidSigner) Error() string

type ErrUnsupportedHash

type ErrUnsupportedHash string

func (ErrUnsupportedHash) Error

func (e ErrUnsupportedHash) Error() string

type ErrUnsupportedKeyType

type ErrUnsupportedKeyType struct {
	// contains filtered or unexported fields
}

func (ErrUnsupportedKeyType) Error

func (e ErrUnsupportedKeyType) Error() string

type ErrUnsupportedPEM

type ErrUnsupportedPEM struct {
	// contains filtered or unexported fields
}

func (ErrUnsupportedPEM) Error

func (e ErrUnsupportedPEM) Error() string

type ErrVerifyFailed

type ErrVerifyFailed struct{}

func (ErrVerifyFailed) Error

func (e ErrVerifyFailed) Error() string

type KeyIdentifier

type KeyIdentifier interface {
	KeyID() (string, error)
}

type RSASigner

type RSASigner struct {
	// contains filtered or unexported fields
}

func NewRSASigner

func NewRSASigner(priv *rsa.PrivateKey, hash crypto.Hash) *RSASigner

func (*RSASigner) KeyID

func (s *RSASigner) KeyID() (string, error)

func (*RSASigner) Sign

func (s *RSASigner) Sign(r io.Reader) ([]byte, error)

func (*RSASigner) Verifier

func (s *RSASigner) Verifier() (Verifier, error)

type RSAVerifier

type RSAVerifier struct {
	// contains filtered or unexported fields
}

func NewRSAVerifier

func NewRSAVerifier(pub *rsa.PublicKey, hash crypto.Hash) *RSAVerifier

func (*RSAVerifier) Bytes

func (v *RSAVerifier) Bytes() ([]byte, error)

func (*RSAVerifier) KeyID

func (v *RSAVerifier) KeyID() (string, error)

func (*RSAVerifier) Verify

func (v *RSAVerifier) Verify(data io.Reader, sig []byte) error

type Signer

type Signer interface {
	KeyIdentifier
	Sign(r io.Reader) ([]byte, error)
	Verifier() (Verifier, error)
}

func NewSigner

func NewSigner(priv interface{}, opts ...SignerOption) (Signer, error)

func NewSignerFromReader

func NewSignerFromReader(r io.Reader, opts ...SignerOption) (Signer, error)

type SignerOption

type SignerOption func(*signerOptions)

func SignWithCertificate

func SignWithCertificate(cert *x509.Certificate) SignerOption

func SignWithHash

func SignWithHash(h crypto.Hash) SignerOption

func SignWithIntermediates

func SignWithIntermediates(intermediates []*x509.Certificate) SignerOption

func SignWithRoots

func SignWithRoots(roots []*x509.Certificate) SignerOption

type TrustBundler

type TrustBundler interface {
	Certificate() *x509.Certificate
	Intermediates() []*x509.Certificate
	Roots() []*x509.Certificate
}

type Verifier

type Verifier interface {
	KeyIdentifier
	Verify(body io.Reader, sig []byte) error
	Bytes() ([]byte, error)
}

func NewVerifier

func NewVerifier(pub interface{}, opts ...VerifierOption) (Verifier, error)

func NewVerifierFromReader

func NewVerifierFromReader(r io.Reader, opts ...VerifierOption) (Verifier, error)

type VerifierOption

type VerifierOption func(*verifierOptions)

func VerifyWithHash

func VerifyWithHash(h crypto.Hash) VerifierOption

func VerifyWithIntermediates

func VerifyWithIntermediates(intermediates []*x509.Certificate) VerifierOption

func VerifyWithRoots

func VerifyWithRoots(roots []*x509.Certificate) VerifierOption

func VerifyWithTrustedTime

func VerifyWithTrustedTime(t time.Time) VerifierOption

type X509Signer

type X509Signer struct {
	// contains filtered or unexported fields
}

func NewX509Signer

func NewX509Signer(signer Signer, cert *x509.Certificate, intermediates, roots []*x509.Certificate) (*X509Signer, error)

func (*X509Signer) Certificate

func (s *X509Signer) Certificate() *x509.Certificate

func (*X509Signer) Intermediates

func (s *X509Signer) Intermediates() []*x509.Certificate

func (*X509Signer) KeyID

func (s *X509Signer) KeyID() (string, error)

func (*X509Signer) Roots

func (s *X509Signer) Roots() []*x509.Certificate

func (*X509Signer) Sign

func (s *X509Signer) Sign(r io.Reader) ([]byte, error)

func (*X509Signer) Verifier

func (s *X509Signer) Verifier() (Verifier, error)

type X509Verifier

type X509Verifier struct {
	// contains filtered or unexported fields
}

func NewX509Verifier

func NewX509Verifier(cert *x509.Certificate, intermediates, roots []*x509.Certificate, trustedTime time.Time) (*X509Verifier, error)

func (*X509Verifier) BelongsToRoot

func (v *X509Verifier) BelongsToRoot(root *x509.Certificate) error

func (*X509Verifier) Bytes

func (v *X509Verifier) Bytes() ([]byte, error)

func (*X509Verifier) Certificate

func (v *X509Verifier) Certificate() *x509.Certificate

func (*X509Verifier) Intermediates

func (v *X509Verifier) Intermediates() []*x509.Certificate

func (*X509Verifier) KeyID

func (v *X509Verifier) KeyID() (string, error)

func (*X509Verifier) Roots

func (v *X509Verifier) Roots() []*x509.Certificate

func (*X509Verifier) Verify

func (v *X509Verifier) Verify(body io.Reader, sig []byte) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL