Versions in this module Expand all Collapse all v0 v0.1.0 Mar 8, 2019 Changes in this version + const CKM_NCIPHER + const CKM_NC_MD5_HMAC_KEY_GEN + const CKM_NC_SHA224_HMAC_KEY_GEN + const CKM_NC_SHA256_HMAC_KEY_GEN + const CKM_NC_SHA384_HMAC_KEY_GEN + const CKM_NC_SHA512_HMAC_KEY_GEN + const CKM_NC_SHA_1_HMAC_KEY_GEN + const DefaultMaxSessions + const NFCK_VENDOR_NCIPHER + const PaddingNone + const PaddingPKCS + var CipherAES = SymmetricCipher + var CipherDES3 = SymmetricCipher + var CipherGeneric = SymmetricCipher + var CipherHMACSHA1 = SymmetricCipher + var CipherHMACSHA224 = SymmetricCipher + var CipherHMACSHA256 = SymmetricCipher + var CipherHMACSHA384 = SymmetricCipher + var CipherHMACSHA512 = SymmetricCipher + var Ciphers = map[int]*SymmetricCipher + var ErrCannotGetRandomData = errors.New("crypto11: cannot get random data from PKCS#11") + var ErrCannotOpenPKCS11 = errors.New("crypto11: could not open PKCS#11") + var ErrHmacClosed = errors.New("already called Sum()") + var ErrKeyNotFound = errors.New("crypto11: could not find PKCS#11 key") + var ErrMalformedDER = errors.New("crypto11: malformed DER message") + var ErrMalformedPoint = errors.New("crypto11/ecdsa: malformed elliptic curve point") + var ErrMalformedRSAKey = errors.New("crypto11/rsa: malformed RSA key") + var ErrMalformedSignature = errors.New("crypto11xo: malformed signature") + var ErrNotConfigured = errors.New("crypto11: PKCS#11 not yet configured") + var ErrTokenNotFound = errors.New("crypto11: could not find PKCS#11 token") + var ErrUnrecognizedRSAOptions = errors.New("crypto11/rsa: unrecognized RSA options type") + var ErrUnsupportedEllipticCurve = errors.New("crypto11/ecdsa: unsupported elliptic curve") + var ErrUnsupportedKeyType = errors.New("crypto11: unrecognized key type") + var ErrUnsupportedRSAOptions = errors.New("crypto11/rsa: unsupported RSA option value") + func Close() error + func Configure(config *PKCS11Config) (*pkcs11.Ctx, error) + func ConfigureFromFile(configLocation string) (ctx *pkcs11.Ctx, err error) + func FindKeyPair(id []byte, label []byte) (crypto.PrivateKey, error) + func FindKeyPairOnSession(session *PKCS11Session, slot uint, id []byte, label []byte) (crypto.PrivateKey, error) + func FindKeyPairOnSlot(slot uint, id []byte, label []byte) (crypto.PrivateKey, error) + type BlockModeCloser interface + Close func() + type PKCS11Config struct + IdleTimeout time.Duration + MaxSessions int + Path string + Pin string + PoolWaitTimeout time.Duration + TokenLabel string + TokenSerial string + type PKCS11Object struct + Handle pkcs11.ObjectHandle + Slot uint + func (object *PKCS11Object) Identify() (id []byte, label []byte, err error) + type PKCS11PrivateKey struct + PubKey crypto.PublicKey + func (signer PKCS11PrivateKey) Public() crypto.PublicKey + type PKCS11PrivateKeyDSA struct + func GenerateDSAKeyPair(params *dsa.Parameters) (*PKCS11PrivateKeyDSA, error) + func GenerateDSAKeyPairOnSession(session *PKCS11Session, slot uint, id []byte, label []byte, ...) (*PKCS11PrivateKeyDSA, error) + func GenerateDSAKeyPairOnSlot(slot uint, id []byte, label []byte, params *dsa.Parameters) (*PKCS11PrivateKeyDSA, error) + func (signer *PKCS11PrivateKeyDSA) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) (signature []byte, err error) + type PKCS11PrivateKeyECDSA struct + func GenerateECDSAKeyPair(c elliptic.Curve) (*PKCS11PrivateKeyECDSA, error) + func GenerateECDSAKeyPairOnSession(session *PKCS11Session, slot uint, id []byte, label []byte, c elliptic.Curve) (*PKCS11PrivateKeyECDSA, error) + func GenerateECDSAKeyPairOnSlot(slot uint, id []byte, label []byte, c elliptic.Curve) (*PKCS11PrivateKeyECDSA, error) + func (signer *PKCS11PrivateKeyECDSA) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error) + type PKCS11PrivateKeyRSA struct + func GenerateRSAKeyPair(bits int) (*PKCS11PrivateKeyRSA, error) + func GenerateRSAKeyPairOnSession(session *PKCS11Session, slot uint, id []byte, label []byte, bits int) (*PKCS11PrivateKeyRSA, error) + func GenerateRSAKeyPairOnSlot(slot uint, id []byte, label []byte, bits int) (*PKCS11PrivateKeyRSA, error) + func (priv *PKCS11PrivateKeyRSA) Decrypt(rand io.Reader, ciphertext []byte, options crypto.DecrypterOpts) (plaintext []byte, err error) + func (priv *PKCS11PrivateKeyRSA) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) (signature []byte, err error) + func (priv *PKCS11PrivateKeyRSA) Validate() error + type PKCS11RandReader struct + func (reader PKCS11RandReader) Read(data []byte) (n int, err error) + type PKCS11SecretKey struct + Cipher *SymmetricCipher + func FindKey(id []byte, label []byte) (*PKCS11SecretKey, error) + func FindKeyOnSession(session *PKCS11Session, slot uint, id []byte, label []byte) (key *PKCS11SecretKey, err error) + func FindKeyOnSlot(slot uint, id []byte, label []byte) (*PKCS11SecretKey, error) + func GenerateSecretKey(bits int, cipher *SymmetricCipher) (*PKCS11SecretKey, error) + func GenerateSecretKeyOnSession(session *PKCS11Session, slot uint, id []byte, label []byte, bits int, ...) (key *PKCS11SecretKey, err error) + func GenerateSecretKeyOnSlot(slot uint, id []byte, label []byte, bits int, cipher *SymmetricCipher) (*PKCS11SecretKey, error) + func (key *PKCS11SecretKey) BlockSize() int + func (key *PKCS11SecretKey) Decrypt(dst, src []byte) + func (key *PKCS11SecretKey) Encrypt(dst, src []byte) + func (key *PKCS11SecretKey) NewCBC(paddingMode int) (g cipher.AEAD, err error) + func (key *PKCS11SecretKey) NewCBCDecrypter(iv []byte) (bm cipher.BlockMode, err error) + func (key *PKCS11SecretKey) NewCBCDecrypterCloser(iv []byte) (bmc BlockModeCloser, err error) + func (key *PKCS11SecretKey) NewCBCEncrypter(iv []byte) (bm cipher.BlockMode, err error) + func (key *PKCS11SecretKey) NewCBCEncrypterCloser(iv []byte) (bmc BlockModeCloser, err error) + func (key *PKCS11SecretKey) NewGCM() (g cipher.AEAD, err error) + func (key *PKCS11SecretKey) NewHMAC(mech int, length int) (h hash.Hash, err error) + type PKCS11Session struct + Ctx *pkcs11.Ctx + Handle pkcs11.SessionHandle + func (session *PKCS11Session) Close() + func (session *PKCS11Session) CloseSession() error + type SymmetricCipher struct + BlockSize int + CBCMech uint + CBCPKCSMech uint + ECBMech uint + Encrypt bool + GCMMech uint + GenParams []SymmetricGenParams + MAC bool + type SymmetricGenParams struct + GenMech uint + KeyType uint