keyenc

package
v1.2.27 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 3, 2023 License: MIT Imports: 23 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DeriveECDHES added in v1.0.6

func DeriveECDHES(alg, apu, apv []byte, privkey interface{}, pubkey interface{}, keysize uint32) ([]byte, error)

func DeriveZ added in v1.0.7

func DeriveZ(privkeyif interface{}, pubkeyif interface{}) ([]byte, error)

func Unwrap

func Unwrap(block cipher.Block, ciphertxt []byte) ([]byte, error)

func Wrap

func Wrap(kek cipher.Block, cek []byte) ([]byte, error)

Types

type AES added in v1.0.6

type AES struct {
	// contains filtered or unexported fields
}

AES encrypts content encryption keys using AES key wrap. Contrary to what the name implies, it also decrypts encrypted keys.

func NewAES added in v1.0.6

func NewAES(alg jwa.KeyEncryptionAlgorithm, sharedkey []byte) (*AES, error)

NewAES creates a key-wrap encrypter using AES. Although the name suggests otherwise, this does the decryption as well.

func (*AES) Algorithm added in v1.0.6

func (kw *AES) Algorithm() jwa.KeyEncryptionAlgorithm

Algorithm returns the key encryption algorithm being used

func (*AES) Decrypt added in v1.0.6

func (kw *AES) Decrypt(enckey []byte) ([]byte, error)

Decrypt decrypts the encrypted key using AES key unwrap

func (*AES) Encrypt added in v1.0.6

func (kw *AES) Encrypt(cek []byte) (keygen.ByteSource, error)

Encrypt encrypts the given content encryption key

func (*AES) KeyID added in v1.0.6

func (kw *AES) KeyID() string

KeyID returns the key ID associated with this encrypter

func (*AES) SetKeyID added in v1.2.18

func (kw *AES) SetKeyID(v string)

type AESGCMEncrypt added in v1.0.6

type AESGCMEncrypt struct {
	// contains filtered or unexported fields
}

AESGCMEncrypt encrypts content encryption keys using AES-GCM key wrap.

func NewAESGCMEncrypt added in v1.0.6

func NewAESGCMEncrypt(alg jwa.KeyEncryptionAlgorithm, sharedkey []byte) (*AESGCMEncrypt, error)

func (AESGCMEncrypt) Algorithm added in v1.0.6

func (kw AESGCMEncrypt) Algorithm() jwa.KeyEncryptionAlgorithm

func (AESGCMEncrypt) Encrypt added in v1.0.6

func (kw AESGCMEncrypt) Encrypt(cek []byte) (keygen.ByteSource, error)

func (AESGCMEncrypt) KeyID added in v1.0.6

func (kw AESGCMEncrypt) KeyID() string

func (*AESGCMEncrypt) SetKeyID added in v1.2.18

func (kw *AESGCMEncrypt) SetKeyID(v string)

type Decrypter

type Decrypter interface {
	// Algorithm returns the key encryption algorithm being used.
	Algorithm() jwa.KeyEncryptionAlgorithm
	// Decrypt takes an encrypted key and returns the decrypted key bytes,
	// or an error.
	Decrypt([]byte) ([]byte, error)
}

Decrypter is an interface for things that can decrypt keys

type DirectDecrypt

type DirectDecrypt struct {
	// Key is the raw key material; Decrypt returns a copy of it.
	// The field is exported, so any code holding the struct can read or
	// replace the key.
	Key []byte
}

DirectDecrypt performs no key-wrapping cryptography; it only holds a key (Note: Unimplemented)

func (DirectDecrypt) Decrypt

func (d DirectDecrypt) Decrypt() ([]byte, error)

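Decrypt for DirectDecrypt does not do anything other than return a copy of the embedded key. Because this Decrypt takes no arguments and no Algorithm method is listed for the type, DirectDecrypt as documented here does not satisfy the Decrypter interface.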

type ECDHESDecrypt

type ECDHESDecrypt struct {
	// contains filtered or unexported fields
}

ECDHESDecrypt decrypts keys using ECDH-ES.

func NewECDHESDecrypt

func NewECDHESDecrypt(keyalg jwa.KeyEncryptionAlgorithm, contentalg jwa.ContentEncryptionAlgorithm, pubkey interface{}, apu, apv []byte, privkey interface{}) *ECDHESDecrypt

NewECDHESDecrypt creates a new key decrypter using ECDH-ES

func (ECDHESDecrypt) Algorithm

func (kw ECDHESDecrypt) Algorithm() jwa.KeyEncryptionAlgorithm

Algorithm returns the key encryption algorithm being used

func (ECDHESDecrypt) Decrypt

func (kw ECDHESDecrypt) Decrypt(enckey []byte) ([]byte, error)

Decrypt decrypts the encrypted key using ECDH-ES

type ECDHESEncrypt

type ECDHESEncrypt struct {
	// contains filtered or unexported fields
}

ECDHESEncrypt encrypts content encryption keys using ECDH-ES.

func NewECDHESEncrypt

func NewECDHESEncrypt(alg jwa.KeyEncryptionAlgorithm, enc jwa.ContentEncryptionAlgorithm, keysize int, keyif interface{}) (*ECDHESEncrypt, error)

NewECDHESEncrypt creates a new key encrypter based on ECDH-ES

func (ECDHESEncrypt) Algorithm

func (kw ECDHESEncrypt) Algorithm() jwa.KeyEncryptionAlgorithm

Algorithm returns the key encryption algorithm being used

func (ECDHESEncrypt) Encrypt

func (kw ECDHESEncrypt) Encrypt(cek []byte) (keygen.ByteSource, error)

Encrypt encrypts the content encryption key using ECDH-ES

func (ECDHESEncrypt) KeyID

func (kw ECDHESEncrypt) KeyID() string

KeyID returns the key ID associated with this encrypter

func (*ECDHESEncrypt) SetKeyID added in v1.2.18

func (kw *ECDHESEncrypt) SetKeyID(v string)

type Encrypter

type Encrypter interface {
	// Algorithm returns the key encryption algorithm being used.
	Algorithm() jwa.KeyEncryptionAlgorithm
	// Encrypt takes a byte slice (the content encryption key, per the
	// implementations documented in this package) and returns the result
	// as a keygen.ByteSource, or an error.
	Encrypt([]byte) (keygen.ByteSource, error)
	// KeyID returns the key ID for this Encrypter. It exists so that when
	// an Encrypter is passed to MultiEncrypt, the generated key carries
	// the proper key ID.
	KeyID() string

	// SetKeyID takes a key ID string.
	// NOTE(review): presumably this is the value KeyID later returns; confirm.
	SetKeyID(string)
}

Encrypter is an interface for things that can encrypt keys

type Noop added in v1.0.6

// Noop has no package documentation. Its Encrypt method discards its
// argument (the parameter is declared as `_ []byte`), so the value it
// returns cannot depend on the key passed in.
// NOTE(review): presumably Encrypt hands back the shared key given to
// NewNoop without any wrapping; confirm against the source before relying
// on it for key protection.
type Noop struct {
	// contains filtered or unexported fields
}

func NewNoop added in v1.0.6

func NewNoop(alg jwa.KeyEncryptionAlgorithm, sharedkey []byte) (*Noop, error)

func (*Noop) Algorithm added in v1.0.6

func (kw *Noop) Algorithm() jwa.KeyEncryptionAlgorithm

func (*Noop) Encrypt added in v1.0.6

func (kw *Noop) Encrypt(_ []byte) (keygen.ByteSource, error)

func (*Noop) KeyID added in v1.0.6

func (kw *Noop) KeyID() string

func (*Noop) SetKeyID added in v1.2.18

func (kw *Noop) SetKeyID(v string)

type PBES2Encrypt added in v1.0.6

type PBES2Encrypt struct {
	// contains filtered or unexported fields
}

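PBES2Encrypt encrypts keys with PBES2, using a key-encryption key derived from a password via PBKDF2. The protection is only as strong as the password and the PBKDF2 parameters; NewPBES2Encrypt as shown takes only the algorithm and the password, so the salt and iteration count are not supplied by the caller through this constructor.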

func NewPBES2Encrypt added in v1.0.6

func NewPBES2Encrypt(alg jwa.KeyEncryptionAlgorithm, password []byte) (*PBES2Encrypt, error)

func (PBES2Encrypt) Algorithm added in v1.0.6

func (kw PBES2Encrypt) Algorithm() jwa.KeyEncryptionAlgorithm

func (PBES2Encrypt) Encrypt added in v1.0.6

func (kw PBES2Encrypt) Encrypt(cek []byte) (keygen.ByteSource, error)

func (PBES2Encrypt) KeyID added in v1.0.6

func (kw PBES2Encrypt) KeyID() string

func (*PBES2Encrypt) SetKeyID added in v1.2.18

func (kw *PBES2Encrypt) SetKeyID(v string)

type RSAOAEPDecrypt

type RSAOAEPDecrypt struct {
	// contains filtered or unexported fields
}

RSAOAEPDecrypt decrypts keys using RSA OAEP algorithm

func NewRSAOAEPDecrypt

func NewRSAOAEPDecrypt(alg jwa.KeyEncryptionAlgorithm, privkey *rsa.PrivateKey) (*RSAOAEPDecrypt, error)

NewRSAOAEPDecrypt creates a new key decrypter using RSA OAEP

func (RSAOAEPDecrypt) Algorithm

Algorithm returns the key encryption algorithm being used

func (RSAOAEPDecrypt) Decrypt

func (d RSAOAEPDecrypt) Decrypt(enckey []byte) ([]byte, error)

Decrypt decrypts the encrypted key using RSA OAEP

type RSAOAEPEncrypt

type RSAOAEPEncrypt struct {
	// contains filtered or unexported fields
}

RSAOAEPEncrypt encrypts keys using RSA OAEP algorithm

func NewRSAOAEPEncrypt

func NewRSAOAEPEncrypt(alg jwa.KeyEncryptionAlgorithm, pubkey *rsa.PublicKey) (*RSAOAEPEncrypt, error)

NewRSAOAEPEncrypt creates a new key encrypter using RSA OAEP

func (RSAOAEPEncrypt) Algorithm

Algorithm returns the key encryption algorithm being used

func (RSAOAEPEncrypt) Encrypt

func (e RSAOAEPEncrypt) Encrypt(cek []byte) (keygen.ByteSource, error)

Encrypt encrypts the content encryption key using RSA OAEP

func (RSAOAEPEncrypt) KeyID

func (e RSAOAEPEncrypt) KeyID() string

KeyID returns the key ID associated with this encrypter

func (*RSAOAEPEncrypt) SetKeyID added in v1.2.18

func (e *RSAOAEPEncrypt) SetKeyID(v string)

type RSAPKCS15Decrypt

type RSAPKCS15Decrypt struct {
	// contains filtered or unexported fields
}

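RSAPKCS15Decrypt decrypts keys using the RSA PKCS1v15 algorithm. PKCS #1 v1.5 encryption padding is the scheme affected by Bleichenbacher-style padding-oracle attacks, so callers should make sure a decryption failure is not distinguishable to the sender (through error content or timing) and should prefer RSA OAEP where both sides support it.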

func NewRSAPKCS15Decrypt

func NewRSAPKCS15Decrypt(alg jwa.KeyEncryptionAlgorithm, privkey *rsa.PrivateKey, keysize int) *RSAPKCS15Decrypt

NewRSAPKCS15Decrypt creates a new decrypter using RSA PKCS1v15

func (RSAPKCS15Decrypt) Algorithm

Algorithm returns the key encryption algorithm being used

func (RSAPKCS15Decrypt) Decrypt

func (d RSAPKCS15Decrypt) Decrypt(enckey []byte) ([]byte, error)

Decrypt decrypts the encrypted key using RSA PKCS1v1.5

type RSAPKCSEncrypt

type RSAPKCSEncrypt struct {
	// contains filtered or unexported fields
}

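RSAPKCSEncrypt encrypts keys using the RSA PKCS1v15 algorithm. Where the recipient supports it, RSA OAEP (RSAOAEPEncrypt) is the more robust choice, since PKCS1v15 encryption padding is exposed to padding-oracle attacks on the decrypting side.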

func NewRSAPKCSEncrypt

func NewRSAPKCSEncrypt(alg jwa.KeyEncryptionAlgorithm, pubkey *rsa.PublicKey) (*RSAPKCSEncrypt, error)

NewRSAPKCSEncrypt creates a new key encrypter using PKCS1v15

func (RSAPKCSEncrypt) Algorithm

Algorithm returns the key encryption algorithm being used

func (RSAPKCSEncrypt) Encrypt

func (e RSAPKCSEncrypt) Encrypt(cek []byte) (keygen.ByteSource, error)

Encrypt encrypts the content encryption key using RSA PKCS1v15

func (RSAPKCSEncrypt) KeyID

func (e RSAPKCSEncrypt) KeyID() string

KeyID returns the key ID associated with this encrypter

func (*RSAPKCSEncrypt) SetKeyID added in v1.2.18

func (e *RSAPKCSEncrypt) SetKeyID(v string)
