crypto

package
v1.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 24, 2019 License: AGPL-3.0 Imports: 30 Imported by: 0

Documentation

Overview

Package crypto provides tools for data encryption and certificates management

Index

Constants

View Source 
const (
	AESGCMAuthTagSize = 16
	AESGCMNonceSize   = 12
)

Variables

View Source 
var SALT = []byte{224, 32, 00, 33, 78, 3, 25, 56, 54, 5, 54, 9, 79, 76, 189, 8}

Functions

func CreateRsaKey 

func CreateRsaKey() (*rsa.PrivateKey, error)

CreateRsaKey generates a new private key

func DeleteKeyringPassword 

func DeleteKeyringPassword(service string, user string) error

DeleteKeyringPassword removes all key that matches "service" and "user"

func EncodePrivate 

func EncodePrivate(password []byte, key crypto.PrivateKey) ([]byte, error)

func GenerateCACertificate 

func GenerateCACertificate(t *Template) (*x509.Certificate, error)

GenerateCACertificate generates a certificate for a CA

func GenerateServiceCertificate 

func GenerateServiceCertificate(t *Template) (*x509.Certificate, error)

GenerateServiceCertificate generates a certificate for a service

func GetKeyringPassword 

func GetKeyringPassword(service string, user string, createIfNotExist bool) ([]byte, error)

GetKeyringPassword retrieves password from keyring If no key matches "service" and "user" a key is generated if "createIfNotExist" is true

func GetSignature 

func GetSignature(key *ecdsa.PrivateKey, data []byte) (string, error)

func KeyFromPassword 

func KeyFromPassword(password []byte, l int) []byte

func LoadCertificate 

func LoadCertificate(file string) (*x509.Certificate, error)

LoadCertificate load file contenant and decode it into a x509.Certificate

func LoadPrivateKey 

func LoadPrivateKey(password []byte, file string) (crypto.PrivateKey, error)

LoadPrivateKey load encrypted private key from "file" and decrypts it

func Md5 added in v1.6.0 

func Md5(data []byte) []byte

func NewEcdsaPrivateKey 

func NewEcdsaPrivateKey(alg string) (*ecdsa.PrivateKey, error)

func NewRangeAESGCMMaterials added in v1.5.0 

func NewRangeAESGCMMaterials(info *encryption.NodeInfo) *legacyReadMaterials

NewRangeAESGCMMaterials creates an encryption materials that use AES GCM

func Open 

func Open(key []byte, nonce []byte, cipherData []byte) ([]byte, error)

func ParsePrivate 

func ParsePrivate(password []byte, bytes []byte) (crypto.PrivateKey, error)

func PublicKeyFromRsaKey 

func PublicKeyFromRsaKey(privateKey *rsa.PrivateKey) rsa.PublicKey

Extract public key from private key

func RandomBytes 

func RandomBytes(size int) ([]byte, error)

func RsaKeyFromPEM 

func RsaKeyFromPEM(pemString string) (*rsa.PrivateKey, error)

Parse a PEM string

func RsaKeyFromPEMFile 

func RsaKeyFromPEMFile(filename string) (*rsa.PrivateKey, error)

Loads a PEM file and parse Private Key

func RsaKeyToPEM 

func RsaKeyToPEM(key *rsa.PrivateKey, filename ...string) (string, error)

RsaKeyToPEM encodes the private key in PEM format

func RsaPublicKeyToPEM 

func RsaPublicKeyToPEM(pubKey rsa.PublicKey, filename ...string) (string, error)

RsaPublicKeyToPEM encodes the public key to PEM format

func Seal 

func Seal(key []byte, data []byte) ([]byte, error)

func SealWithNonce added in v1.6.0 

func SealWithNonce(key []byte, nonce []byte, data []byte) ([]byte, error)

func SetKeyringPassword 

func SetKeyringPassword(service string, user string, password []byte) error

SetKeyringPassword base64-encodes password and store it

func StoreCertificate 

func StoreCertificate(cert *x509.Certificate, file string, perm os.FileMode) error

StoreCertificate encode certificate and store the result in "file"

func StorePrivateKey 

func StorePrivateKey(key crypto.PrivateKey, password []byte, file string) error

StorePrivateKey encrypts the private key and save it in "file"

func VerifySignature 

func VerifySignature(data []byte, key *ecdsa.PublicKey, signature string) bool

Types

type AESGCMEncryptionMaterials added in v1.6.0 

type AESGCMEncryptionMaterials struct {
	// contains filtered or unexported fields
}

AESGCMEncryptionMaterials

func NewAESGCMMaterials 

func NewAESGCMMaterials(info *encryption.NodeInfo, blockHandler BlockHandler) *AESGCMEncryptionMaterials

NewRangeAESGCMMaterials creates an encryption materials that use AES GCM

func (*AESGCMEncryptionMaterials) CalculateOutputSize added in v1.6.0 

func (m *AESGCMEncryptionMaterials) CalculateOutputSize(plainSize int64, user string) int64

func (*AESGCMEncryptionMaterials) Close added in v1.6.0 

func (m *AESGCMEncryptionMaterials) Close() error

func (*AESGCMEncryptionMaterials) Read added in v1.6.0 

func (m *AESGCMEncryptionMaterials) Read(b []byte) (int, error)

func (*AESGCMEncryptionMaterials) SetPlainRange added in v1.6.0 

func (m *AESGCMEncryptionMaterials) SetPlainRange(offset, length int64)

func (*AESGCMEncryptionMaterials) SetupDecryptMode added in v1.6.0 

func (m *AESGCMEncryptionMaterials) SetupDecryptMode(stream io.Reader) error

func (*AESGCMEncryptionMaterials) SetupEncryptMode added in v1.6.0 

func (m *AESGCMEncryptionMaterials) SetupEncryptMode(stream io.Reader) error

type BlockHandler added in v1.6.0 

type BlockHandler interface {
	SendKey(key *encryption.NodeKey) error
	SendBlock(block *encryption.Block) error
	Close() error
}

type EncryptedBlock added in v1.6.0 

type EncryptedBlock struct {
	Header     *EncryptedBlockHeader
	HeaderSize uint32
	Payload    []byte
}

EncryptedBlock

func (*EncryptedBlock) GetPayloadLength added in v1.6.0 

func (b *EncryptedBlock) GetPayloadLength() uint32

func (*EncryptedBlock) Read added in v1.6.0 

func (b *EncryptedBlock) Read(reader io.Reader) (int, error)

func (*EncryptedBlock) SetPayload added in v1.6.0 

func (b *EncryptedBlock) SetPayload(payload []byte) error

func (*EncryptedBlock) Write added in v1.6.0 

func (b *EncryptedBlock) Write(writer io.Writer) (int, error)

type EncryptedBlockHeader added in v1.6.0 

type EncryptedBlockHeader struct {
	Options *Options
	Nonce   []byte
	// contains filtered or unexported fields
}

EncryptionBlockHeader

func (*EncryptedBlockHeader) GetDataLength added in v1.6.0 

func (h *EncryptedBlockHeader) GetDataLength() uint32

func (*EncryptedBlockHeader) Read added in v1.6.0 

func (h *EncryptedBlockHeader) Read(reader io.Reader) (int, error)

func (*EncryptedBlockHeader) String added in v1.6.0 

func (h *EncryptedBlockHeader) String() string

func (*EncryptedBlockHeader) Write added in v1.6.0 

func (h *EncryptedBlockHeader) Write(writer io.Writer) (int, error)

type EncryptedBlockHeaderOption added in v1.6.0 

type EncryptedBlockHeaderOption struct {
	// contains filtered or unexported fields
}

EncryptedBlockHeaderOption

func (*EncryptedBlockHeaderOption) GetID added in v1.6.0 

func (op *EncryptedBlockHeaderOption) GetID() uint8

func (*EncryptedBlockHeaderOption) GetValue added in v1.6.0 

func (op *EncryptedBlockHeaderOption) GetValue() []byte

func (*EncryptedBlockHeaderOption) HasValue added in v1.6.0 

func (op *EncryptedBlockHeaderOption) HasValue() bool

func (*EncryptedBlockHeaderOption) IsTheLast added in v1.6.0 

func (op *EncryptedBlockHeaderOption) IsTheLast() bool

func (*EncryptedBlockHeaderOption) Read added in v1.6.0 

func (op *EncryptedBlockHeaderOption) Read(reader io.Reader) (int, error)

func (*EncryptedBlockHeaderOption) SetId added in v1.6.0 

func (op *EncryptedBlockHeaderOption) SetId(id uint8) error

func (*EncryptedBlockHeaderOption) SetIsTheLast added in v1.6.0 

func (op *EncryptedBlockHeaderOption) SetIsTheLast(last bool)

func (*EncryptedBlockHeaderOption) SetValue added in v1.6.0 

func (op *EncryptedBlockHeaderOption) SetValue(value []byte) error

func (*EncryptedBlockHeaderOption) Write added in v1.6.0 

func (op *EncryptedBlockHeaderOption) Write(writer io.Writer) (int, error)

type Options added in v1.6.0 

type Options struct {
	Position int16
	PartId   int16
	Key      []byte
	UserId   string
}

EncryptedBlockHeaderOptions

func (*Options) Read added in v1.6.0 

func (opts *Options) Read(reader io.Reader) (int, error)

func (*Options) Write added in v1.6.0 

func (opts *Options) Write(writer io.Writer) (int, error)

type Template 

type Template struct {
	Name              string
	Domains           []string
	IPs               []net.IP
	Expiry            time.Duration
	PublicKey         crypto.PublicKey
	SignerPrivateKey  crypto.PrivateKey
	SignerCertificate *x509.Certificate
}

Template specs for generating a certificate

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.