crypto

package
v0.0.0-...-d7c4e6e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 11, 2019 License: GPL-3.0 Imports: 34 Imported by: 0

Documentation

Overview

Package crypto is used for encyption of bytes This is TOY encryption and keep the RSA privatekey next to the encrypted AES key. The private key should be stored someone a bit more secure. ;)

Current version: experimental

Index

Constants

This section is empty.

Variables

View Source 
var CertifcatePath = filepath.Join(os.TempDir(), "blocker", "cert.pem")

Path to the certificate

View Source 
var KeyPath = filepath.Join(os.TempDir(), "blocker", "key.pem")

Path to the private key

Functions

func AesCfbDecrypt 

func AesCfbDecrypt(encryptedBytes []byte, hash string) ([]byte, error)

Encrpyt data using AES with the CFB chipher mode

func AesCfbEncrypt 

func AesCfbEncrypt(bytesToEncrypt []byte, hash string) ([]byte, error)

Encrpyt data using AES with the CFB chipher mode

func AesDecrypt 

func AesDecrypt(encryptedBytes []byte, key []byte) ([]byte, error)

Encrpyt data using AES with the CFB chipher mode

func AesEncrypt 

func AesEncrypt(bytesToEncrypt []byte, key []byte) ([]byte, error)

Encrpyt data using AES with the CFB chipher mode

func AesGCMDecrypt 

func AesGCMDecrypt(ciphertext []byte, key []byte) ([]byte, error)

AesGCMDecrypt Decrypt data using AES with the GCM chipher mode (Gives Confidentiality and Authenticity)

func AesGCMEncrypt 

func AesGCMEncrypt(plaintext []byte, key []byte) ([]byte, error)

AesGCMEncrypt Encrypt data using AES with the GCM chipher mode (Gives Confidentiality and Authenticity)

func DeleteAesSecret 

func DeleteAesSecret(hash string)

DeleteAesSecret - Remove a key if not needed

func GenerateAesSecret 

func GenerateAesSecret() []byte

Create a new Aes Secret

func GenerateRsaKey 

func GenerateRsaKey()

Generate a new key

func GetAesSecretPath 

func GetAesSecretPath(hash string) string

GetAesSecretPath - Will return a key name for a hash

func GetHmac256 

func GetHmac256(message string, secret string) string

GetHmac256 will generate a HMAC hash encoded to base64

func GetRandomInt 

func GetRandomInt(min, max int) int

Get a reandom number

func LoadOrGenerateRsaKey 

func LoadOrGenerateRsaKey()

Load or Generate a RSA certiciate

func RandomSecret 

func RandomSecret(length int) string

Generate a Random secret encoded as a b32 string If the length is <= 0, a default length of 10 bytes will be used, which will generate a secret of length 16.

func RsaDecrypt 

func RsaDecrypt(encryptedBytes []byte) ([]byte, error)

Decrypt data using RSA and a private key

func RsaEncrypt 

func RsaEncrypt(bytesToEncrypt []byte) ([]byte, error)

Encrypt data using RSA and a public key

Types

type AesKey 

type AesKey struct {
	// contains filtered or unexported fields
}

Structure to hold unencrypted AES key

func GetAesSecret 

func GetAesSecret(hash string) (AesKey, error)

Get the AES secret to be used for encryption

type AwsCryptoProvider 

type AwsCryptoProvider struct {
	// contains filtered or unexported fields
}

AwsCryptoProvider is an implementation of encryption using AWS KMS

func NewAwsCryptoProvider 

func NewAwsCryptoProvider() (AwsCryptoProvider, error)

NewAwsCryptoProvider

func (AwsCryptoProvider) Decrypt 

func (p AwsCryptoProvider) Decrypt(data []byte) ([]byte, error)

Decrypt will decrypt the passed data using a AWS KMS key

func (AwsCryptoProvider) Encrypt 

func (p AwsCryptoProvider) Encrypt(data []byte) ([]byte, error)

Encrypt will encrypt the passed data using a AWS KMS key

type CreateKeyRequest 

type CreateKeyRequest struct {
	Description string `json:"Description,omitempty"`
}

CreateKeyRequest

type CreateKeyResponse 

type CreateKeyResponse struct {
	KeyMetadata KeyMetadata `json:"KeyMetadata"`
}

CreateKeyResponse

type CryptoProvider 

type CryptoProvider interface {
	Encrypt(data []byte) ([]byte, error)
	Decrypt(data []byte) ([]byte, error)
}

CryptoProvider provides an interface for crypto provider solutions

type DecryptRequest 

type DecryptRequest struct {
	CiphertextBlob []byte `json:"CiphertextBlob"`
}

DecryptRequest

type DecryptResponse 

type DecryptResponse struct {
	Plaintext []byte `json:"Plaintext"`
}

DecryptResponse

type DisableKeyRequest 

type DisableKeyRequest struct {
	KeyID string `json:"KeyID"`
}

DisableKeyRequest

type DisableKeyResponse 

type DisableKeyResponse struct {
	KeyMetadata KeyMetadata `json:"KeyMetadata"`
}

DisableKeyResponse

type EnableKeyRequest 

type EnableKeyRequest struct {
	KeyID string `json:"KeyID"`
}

EnableKeyRequest

type EnableKeyResponse 

type EnableKeyResponse struct {
	KeyMetadata KeyMetadata `json:"KeyMetadata"`
}

EnableKeyResponse

type EncryptRequest 

type EncryptRequest struct {
	KeyID     string `json:"KeyID"`
	Plaintext []byte `json:"Plaintext"`
}

EncryptRequest

type EncryptResponse 

type EncryptResponse struct {
	CiphertextBlob []byte `json:"CiphertextBlob"`
}

EncryptResponse

type GenerateDataKeyRequest 

type GenerateDataKeyRequest struct {
	KeyID string `json:"KeyID"`
}

GenerateDataKeyRequest

type GenerateDataKeyResponse 

type GenerateDataKeyResponse struct {
	Plaintext      []byte `json:"Plaintext"`
	CiphertextBlob []byte `json:"CiphertextBlob"`
}

GenerateDataKeyResponse

type GoKMSCryptoProvider 

type GoKMSCryptoProvider struct {
	// contains filtered or unexported fields
}

GoKMSCryptoProvider is an implementation of encryption using GO KMS

func NewGoKMSCryptoProvider 

func NewGoKMSCryptoProvider() (GoKMSCryptoProvider, error)

NewGoKMSCryptoProvider

func (GoKMSCryptoProvider) Decrypt 

func (p GoKMSCryptoProvider) Decrypt(data []byte) ([]byte, error)

Decrypt will decrypt the passed data using a GO KMS key

func (GoKMSCryptoProvider) Encrypt 

func (p GoKMSCryptoProvider) Encrypt(data []byte) ([]byte, error)

Encrypt will encrypt the passed data using a GO KMS key

type JSONClient 

type JSONClient struct {
	Client   *http.Client
	Endpoint string
	// authKey is the key used for authentication
	AuthKey string
}

JSONClient is the underlying client for JSON APIs.

func (*JSONClient) Do 

func (c *JSONClient) Do(method, uri string, req, resp interface{}) error

Do sends an HTTP request and returns an HTTP response, following policy (e.g. redirects, cookies, auth) as configured on the client.

func (*JSONClient) SetAuth 

func (c *JSONClient) SetAuth(request *http.Request, method string, resource string) *http.Request

SetAuth will set kms auth headers

type KeyByCreated 

type KeyByCreated []KeyMetadata

KeyByCreated - Will sort the Keys by CreationDate

func (KeyByCreated) Len 

func (a KeyByCreated) Len() int

func (KeyByCreated) Less 

func (a KeyByCreated) Less(i, j int) bool

func (KeyByCreated) Swap 

func (a KeyByCreated) Swap(i, j int)

type KeyMetadata 

type KeyMetadata struct {
	KeyID        string    `json:"KeyId"`
	CreationDate time.Time `json:"CreationDate"`
	Description  string    `json:"Description"`
	Enabled      bool      `json:"Enabled"`
}

KeyMetadata is the associated meta data of any key

type ListKeysRequest 

type ListKeysRequest struct {
}

listKeysHandler

type ListKeysResponse 

type ListKeysResponse struct {
	KeyMetadata []KeyMetadata `json:"KeyMetadata"`
}

ListKeysResponse

type OpenPGPCryptoProvider 

type OpenPGPCryptoProvider struct {
	// contains filtered or unexported fields
}

AwsCryptoProvider is an implementation of encryption using AWS KMS

func NewOpenPGPCryptoProvider 

func NewOpenPGPCryptoProvider() (OpenPGPCryptoProvider, error)

NewAwsCryptoProvider

func (OpenPGPCryptoProvider) Decrypt 

func (p OpenPGPCryptoProvider) Decrypt(data []byte) ([]byte, error)

Decrypt decrypts data that has been encrypted and compressed

func (OpenPGPCryptoProvider) Encrypt 

func (p OpenPGPCryptoProvider) Encrypt(data []byte) ([]byte, error)

Encrypt - Encrypts the data

type ReEncryptRequest 

type ReEncryptRequest struct {
	CiphertextBlob   []byte `json:"CiphertextBlob"`
	DestinationKeyID string `json:"DestinationKeyId"`
}

ReEncryptRequest

type ReEncryptResponse 

type ReEncryptResponse struct {
	CiphertextBlob []byte `json:"CiphertextBlob"`
	KeyID          string `json:"KeyID"`
	SourceKeyID    string `json:"SourceKeyID"`
}

ReEncryptResponse

type RsaChipher 

type RsaChipher struct {
	PrivateKey     *rsa.PrivateKey
	PrivateKeyPath string
	PublicKey      *rsa.PublicKey
	PublicKeyPath  string
}

Structure for encryption chipher 

var RsaEncryptionChipher RsaChipher

The key to be used to encrypt and decrypt when using RSA encryption

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.