Documentation ¶
Index ¶
- func DeriveECDHES(alg, apu, apv []byte, privkey interface{}, pubkey interface{}, keysize uint32) ([]byte, error)
- func DeriveZ(privkeyif interface{}, pubkeyif interface{}) ([]byte, error)
- func Unwrap(block cipher.Block, ciphertxt []byte) ([]byte, error)
- func Wrap(kek cipher.Block, cek []byte) ([]byte, error)
- type AES
- type AESGCMEncrypt
- type Decrypter
- type DirectDecrypt
- type ECDHESDecrypt
- type ECDHESEncrypt
- type Encrypter
- type Noop
- type PBES2Encrypt
- type RSAOAEPDecrypt
- type RSAOAEPEncrypt
- type RSAPKCS15Decrypt
- type RSAPKCSEncrypt
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DeriveECDHES ¶
Types ¶
type AES ¶
type AES struct {
// contains filtered or unexported fields
}
AES encrypts content encryption keys using AES key wrap. Contrary to what the name implies, it also decrypt encrypted keys
func NewAES ¶
func NewAES(alg jwa.KeyEncryptionAlgorithm, sharedkey []byte) (*AES, error)
NewAES creates a key-wrap encrypter using AES. Although the name suggests otherwise, this does the decryption as well.
func (*AES) Algorithm ¶
func (kw *AES) Algorithm() jwa.KeyEncryptionAlgorithm
Algorithm returns the key encryption algorithm being used
func (*AES) Encrypt ¶
func (kw *AES) Encrypt(cek []byte) (keygen.ByteSource, error)
KeyEncrypt encrypts the given content encryption key
type AESGCMEncrypt ¶
type AESGCMEncrypt struct {
// contains filtered or unexported fields
}
AESGCM encrypts content encryption keys using AES-GCM key wrap.
func NewAESGCMEncrypt ¶
func NewAESGCMEncrypt(alg jwa.KeyEncryptionAlgorithm, sharedkey []byte) (*AESGCMEncrypt, error)
func (AESGCMEncrypt) Algorithm ¶
func (kw AESGCMEncrypt) Algorithm() jwa.KeyEncryptionAlgorithm
func (AESGCMEncrypt) Encrypt ¶
func (kw AESGCMEncrypt) Encrypt(cek []byte) (keygen.ByteSource, error)
func (AESGCMEncrypt) KeyID ¶
func (kw AESGCMEncrypt) KeyID() string
func (*AESGCMEncrypt) SetKeyID ¶
func (kw *AESGCMEncrypt) SetKeyID(v string)
type Decrypter ¶
type Decrypter interface { Algorithm() jwa.KeyEncryptionAlgorithm Decrypt([]byte) ([]byte, error) }
Decrypter is an interface for things that can decrypt keys
type DirectDecrypt ¶
type DirectDecrypt struct {
Key []byte
}
DirectDecrypt does no encryption (Note: Unimplemented)
func (DirectDecrypt) Decrypt ¶
func (d DirectDecrypt) Decrypt() ([]byte, error)
Decrypt for DirectDecrypt does not do anything other than return a copy of the embedded key
type ECDHESDecrypt ¶
type ECDHESDecrypt struct {
// contains filtered or unexported fields
}
ECDHESDecrypt decrypts keys using ECDH-ES.
func NewECDHESDecrypt ¶
func NewECDHESDecrypt(keyalg jwa.KeyEncryptionAlgorithm, contentalg jwa.ContentEncryptionAlgorithm, pubkey interface{}, apu, apv []byte, privkey interface{}) *ECDHESDecrypt
NewECDHESDecrypt creates a new key decrypter using ECDH-ES
func (ECDHESDecrypt) Algorithm ¶
func (kw ECDHESDecrypt) Algorithm() jwa.KeyEncryptionAlgorithm
Algorithm returns the key encryption algorithm being used
type ECDHESEncrypt ¶
type ECDHESEncrypt struct {
// contains filtered or unexported fields
}
ECDHESEncrypt encrypts content encryption keys using ECDH-ES.
func NewECDHESEncrypt ¶
func NewECDHESEncrypt(alg jwa.KeyEncryptionAlgorithm, enc jwa.ContentEncryptionAlgorithm, keysize int, keyif interface{}) (*ECDHESEncrypt, error)
NewECDHESEncrypt creates a new key encrypter based on ECDH-ES
func (ECDHESEncrypt) Algorithm ¶
func (kw ECDHESEncrypt) Algorithm() jwa.KeyEncryptionAlgorithm
Algorithm returns the key encryption algorithm being used
func (ECDHESEncrypt) Encrypt ¶
func (kw ECDHESEncrypt) Encrypt(cek []byte) (keygen.ByteSource, error)
KeyEncrypt encrypts the content encryption key using ECDH-ES
func (ECDHESEncrypt) KeyID ¶
func (kw ECDHESEncrypt) KeyID() string
KeyID returns the key ID associated with this encrypter
func (*ECDHESEncrypt) SetKeyID ¶
func (kw *ECDHESEncrypt) SetKeyID(v string)
type Encrypter ¶
type Encrypter interface { Algorithm() jwa.KeyEncryptionAlgorithm Encrypt([]byte) (keygen.ByteSource, error) // KeyID returns the key id for this Encrypter. This exists so that // you can pass in a Encrypter to MultiEncrypt, you can rest assured // that the generated key will have the proper key ID. KeyID() string SetKeyID(string) }
Encrypter is an interface for things that can encrypt keys
type Noop ¶
type Noop struct {
// contains filtered or unexported fields
}
func (*Noop) Algorithm ¶
func (kw *Noop) Algorithm() jwa.KeyEncryptionAlgorithm
type PBES2Encrypt ¶
type PBES2Encrypt struct {
// contains filtered or unexported fields
}
PBES2Encrypt encrypts keys with PBES2 / PBKDF2 password
func NewPBES2Encrypt ¶
func NewPBES2Encrypt(alg jwa.KeyEncryptionAlgorithm, password []byte) (*PBES2Encrypt, error)
func (PBES2Encrypt) Algorithm ¶
func (kw PBES2Encrypt) Algorithm() jwa.KeyEncryptionAlgorithm
func (PBES2Encrypt) Encrypt ¶
func (kw PBES2Encrypt) Encrypt(cek []byte) (keygen.ByteSource, error)
func (PBES2Encrypt) KeyID ¶
func (kw PBES2Encrypt) KeyID() string
func (*PBES2Encrypt) SetKeyID ¶
func (kw *PBES2Encrypt) SetKeyID(v string)
type RSAOAEPDecrypt ¶
type RSAOAEPDecrypt struct {
// contains filtered or unexported fields
}
RSAOAEPDecrypt decrypts keys using RSA OAEP algorithm
func NewRSAOAEPDecrypt ¶
func NewRSAOAEPDecrypt(alg jwa.KeyEncryptionAlgorithm, privkey *rsa.PrivateKey) (*RSAOAEPDecrypt, error)
NewRSAOAEPDecrypt creates a new key decrypter using RSA OAEP
func (RSAOAEPDecrypt) Algorithm ¶
func (d RSAOAEPDecrypt) Algorithm() jwa.KeyEncryptionAlgorithm
Algorithm returns the key encryption algorithm being used
type RSAOAEPEncrypt ¶
type RSAOAEPEncrypt struct {
// contains filtered or unexported fields
}
RSAOAEPEncrypt encrypts keys using RSA OAEP algorithm
func NewRSAOAEPEncrypt ¶
func NewRSAOAEPEncrypt(alg jwa.KeyEncryptionAlgorithm, pubkey *rsa.PublicKey) (*RSAOAEPEncrypt, error)
NewRSAOAEPEncrypt creates a new key encrypter using RSA OAEP
func (RSAOAEPEncrypt) Algorithm ¶
func (e RSAOAEPEncrypt) Algorithm() jwa.KeyEncryptionAlgorithm
Algorithm returns the key encryption algorithm being used
func (RSAOAEPEncrypt) Encrypt ¶
func (e RSAOAEPEncrypt) Encrypt(cek []byte) (keygen.ByteSource, error)
KeyEncrypt encrypts the content encryption key using RSA OAEP
func (RSAOAEPEncrypt) KeyID ¶
func (e RSAOAEPEncrypt) KeyID() string
KeyID returns the key ID associated with this encrypter
func (*RSAOAEPEncrypt) SetKeyID ¶
func (e *RSAOAEPEncrypt) SetKeyID(v string)
type RSAPKCS15Decrypt ¶
type RSAPKCS15Decrypt struct {
// contains filtered or unexported fields
}
RSAPKCS15Decrypt decrypts keys using RSA PKCS1v15 algorithm
func NewRSAPKCS15Decrypt ¶
func NewRSAPKCS15Decrypt(alg jwa.KeyEncryptionAlgorithm, privkey *rsa.PrivateKey, keysize int) *RSAPKCS15Decrypt
NewRSAPKCS15Decrypt creates a new decrypter using RSA PKCS1v15
func (RSAPKCS15Decrypt) Algorithm ¶
func (d RSAPKCS15Decrypt) Algorithm() jwa.KeyEncryptionAlgorithm
Algorithm returns the key encryption algorithm being used
type RSAPKCSEncrypt ¶
type RSAPKCSEncrypt struct {
// contains filtered or unexported fields
}
RSAPKCSEncrypt encrypts keys using RSA PKCS1v15 algorithm
func NewRSAPKCSEncrypt ¶
func NewRSAPKCSEncrypt(alg jwa.KeyEncryptionAlgorithm, pubkey *rsa.PublicKey) (*RSAPKCSEncrypt, error)
NewRSAPKCSEncrypt creates a new key encrypter using PKCS1v15
func (RSAPKCSEncrypt) Algorithm ¶
func (e RSAPKCSEncrypt) Algorithm() jwa.KeyEncryptionAlgorithm
Algorithm returns the key encryption algorithm being used
func (RSAPKCSEncrypt) Encrypt ¶
func (e RSAPKCSEncrypt) Encrypt(cek []byte) (keygen.ByteSource, error)
KeyEncrypt encrypts the content encryption key using RSA PKCS1v15
func (RSAPKCSEncrypt) KeyID ¶
func (e RSAPKCSEncrypt) KeyID() string
KeyID returns the key ID associated with this encrypter
func (*RSAPKCSEncrypt) SetKeyID ¶
func (e *RSAPKCSEncrypt) SetKeyID(v string)