crypto

package
v0.14.0
This package is not in the latest version of its module.

Published: Jan 8, 2021 License: Apache-2.0 Imports: 7 Imported by: 161

Documentation

Constants

const MinSeedLength = crypto.MinSeedLen

MinSeedLength is the generic minimum seed length required to guarantee sufficient entropy when generating keys.

This minimum is used when the seed source is not necessarily a CSPRG and the seed should be expanded before being passed to the key generation process.

Variables

This section is empty.

Functions

func CompatibleAlgorithms

func CompatibleAlgorithms(sigAlgo SignatureAlgorithm, hashAlgo HashAlgorithm) bool

CompatibleAlgorithms returns true if the signature and hash algorithms are compatible.

Types

type Hash

type Hash = hash.Hash

type HashAlgorithm

type HashAlgorithm int

HashAlgorithm is an identifier for a hash algorithm.

const (
	UnknownHashAlgorithm HashAlgorithm = iota
	SHA2_256
	SHA2_384
	SHA3_256
	SHA3_384
)

func StringToHashAlgorithm

func StringToHashAlgorithm(s string) HashAlgorithm

StringToHashAlgorithm converts a string to a HashAlgorithm.

func (HashAlgorithm) String

func (f HashAlgorithm) String() string

String returns the string representation of this hash algorithm.

type Hasher

type Hasher = hash.Hasher

func NewHasher

func NewHasher(algo HashAlgorithm) (Hasher, error)

NewHasher initializes and returns a new hasher with the given hash algorithm.

This function returns an error if the hash algorithm is invalid.

func NewSHA2_256

func NewSHA2_256() Hasher

NewSHA2_256 returns a new instance of SHA2-256 hasher.

func NewSHA2_384

func NewSHA2_384() Hasher

NewSHA2_384 returns a new instance of SHA2-384 hasher.

func NewSHA3_256

func NewSHA3_256() Hasher

NewSHA3_256 returns a new instance of SHA3-256 hasher.

func NewSHA3_384

func NewSHA3_384() Hasher

NewSHA3_384 returns a new instance of SHA3-384 hasher.

type InMemorySigner

type InMemorySigner struct {
	PrivateKey PrivateKey
	Hasher     Hasher
}

An InMemorySigner is a signer that generates signatures using an in-memory private key.

InMemorySigner implements simple signing that does not protect the private key against tampering or side-channel attacks.

func NewInMemorySigner

func NewInMemorySigner(privateKey PrivateKey, hashAlgo HashAlgorithm) InMemorySigner

NewInMemorySigner initializes and returns a new in-memory signer with the provided private key and hasher.

func (InMemorySigner) Sign

func (s InMemorySigner) Sign(message []byte) ([]byte, error)

type NaiveSigner

type NaiveSigner = InMemorySigner

NaiveSigner is an alias for InMemorySigner.

func NewNaiveSigner

func NewNaiveSigner(privateKey PrivateKey, hashAlgo HashAlgorithm) NaiveSigner

NewNaiveSigner is an alias for NewInMemorySigner.

type PrivateKey

type PrivateKey struct {
	// contains filtered or unexported fields
}

A PrivateKey is a cryptographic private key that can be used for in-memory signing.

func DecodePrivateKey

func DecodePrivateKey(sigAlgo SignatureAlgorithm, b []byte) (PrivateKey, error)

DecodePrivateKey decodes a raw byte encoded private key with the given signature algorithm.

func DecodePrivateKeyHex

func DecodePrivateKeyHex(sigAlgo SignatureAlgorithm, s string) (PrivateKey, error)

DecodePrivateKeyHex decodes a raw hex encoded private key with the given signature algorithm.

func GeneratePrivateKey

func GeneratePrivateKey(sigAlgo SignatureAlgorithm, seed []byte) (PrivateKey, error)

GeneratePrivateKey generates a private key with the specified signature algorithm from the given seed.

func (PrivateKey) Algorithm

func (sk PrivateKey) Algorithm() SignatureAlgorithm

Algorithm returns the signature algorithm for this private key.

func (PrivateKey) Encode

func (sk PrivateKey) Encode() []byte

Encode returns the raw byte encoding of this private key.

func (PrivateKey) PublicKey

func (sk PrivateKey) PublicKey() PublicKey

PublicKey returns the public key for this private key.

func (PrivateKey) Sign

func (sk PrivateKey) Sign(message []byte, hasher Hasher) ([]byte, error)

Sign signs the given message with this private key and the provided hasher.

This function returns an error if a signature cannot be generated.

type PublicKey

type PublicKey struct {
	// contains filtered or unexported fields
}

A PublicKey is a cryptographic public key that can be used to verify signatures.

func DecodePublicKey

func DecodePublicKey(sigAlgo SignatureAlgorithm, b []byte) (PublicKey, error)

DecodePublicKey decodes a raw byte encoded public key with the given signature algorithm.

func DecodePublicKeyHex

func DecodePublicKeyHex(sigAlgo SignatureAlgorithm, s string) (PublicKey, error)

DecodePublicKeyHex decodes a raw hex encoded public key with the given signature algorithm.

func DecodePublicKeyPEM (added in v0.11.0)

func DecodePublicKeyPEM(sigAlgo SignatureAlgorithm, s string) (PublicKey, error)

DecodePublicKeyPEM decodes a PEM-encoded public key with the given signature algorithm.

func (PublicKey) Algorithm

func (pk PublicKey) Algorithm() SignatureAlgorithm

Algorithm returns the signature algorithm for this public key.

func (PublicKey) Encode

func (pk PublicKey) Encode() []byte

Encode returns the raw byte encoding of this public key.

func (PublicKey) Verify

func (pk PublicKey) Verify(sig, message []byte, hasher Hasher) (bool, error)

Verify verifies the given signature against a message with this public key and the provided hasher.

This function returns true if the signature is valid for the message, and false otherwise. An error is returned if the signature cannot be verified.

type SignatureAlgorithm

type SignatureAlgorithm int

SignatureAlgorithm is an identifier for a signature algorithm (and parameters if applicable).

const (
	UnknownSignatureAlgorithm SignatureAlgorithm = iota
	// BLS_BLS12381 is BLS on BLS 12-381 curve
	BLS_BLS12381
	// ECDSA_P256 is ECDSA on NIST P-256 curve
	ECDSA_P256
	// ECDSA_secp256k1 is ECDSA on secp256k1 curve
	ECDSA_secp256k1
)

func StringToSignatureAlgorithm

func StringToSignatureAlgorithm(s string) SignatureAlgorithm

StringToSignatureAlgorithm converts a string to a SignatureAlgorithm.

func (SignatureAlgorithm) String

func (f SignatureAlgorithm) String() string

String returns the string representation of this signature algorithm.

type Signer

type Signer interface {
	// Sign signs the given message with this signer.
	Sign(message []byte) ([]byte, error)
}

A Signer is capable of generating cryptographic signatures.
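The following is an added example, not code from this package: a standard-library sketch of why callers should depend on the Signer interface rather than on an in-memory key, and of how to treat a Verify-style (bool, error) result. The names memSigner, demoKey, Verify and SignChecked are hypothetical, and Go's ECDSA P-256 with SHA2-256 and ASN.1 signature encoding stand in for this package's own key types and encodings.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

type Signer interface { // same shape as the Signer interface on this page
	Sign(message []byte) ([]byte, error)
}

type memSigner struct{ key *ecdsa.PrivateKey } // hypothetical; key sits unprotected in memory

// demoKey is a constructed throwaway key; its error is ignored only in this demo.
var demoKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)

func (s memSigner) Sign(message []byte) ([]byte, error) {
	digest := sha256.Sum256(message)
	return ecdsa.SignASN1(rand.Reader, s.key, digest[:])
}

// Verify returns false for a bad signature, an error when it cannot check.
func Verify(pub *ecdsa.PublicKey, sig, message []byte) (bool, error) {
	if pub == nil || len(sig) == 0 {
		return false, errors.New("missing public key or signature")
	}
	digest := sha256.Sum256(message)
	return ecdsa.VerifyASN1(pub, digest[:], sig), nil
}

// SignChecked releases a signature only if it verifies under the expected key.
func SignChecked(s Signer, pub *ecdsa.PublicKey, msg []byte) ([]byte, error) {
	sig, err := s.Sign(msg)
	if err != nil {
		return nil, err
	}
	if ok, err := Verify(pub, sig, msg); err != nil || !ok {
		return nil, errors.New("signature does not verify under expected key")
	}
	return sig, nil
}

func main() {
	sig, err := SignChecked(memSigner{demoKey}, &demoKey.PublicKey, []byte("constructed message"))
	fmt.Println("signed and verified:", len(sig) > 0 && err == nil)
}
```

Because SignChecked accepts any Signer, a KMS- or HSM-backed implementation can replace memSigner without changing the caller, and both a false result and a non-nil error from verification are treated as rejection.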

Directories

Path        Synopsis
cloudkms    Package cloudkms provides a Google Cloud Key Management Service (KMS) implementation of the crypto.Signer interface.
internal
