Documentation
Constants
const MinSeedLength = crypto.MinSeedLen
MinSeedLength is the generic minimum seed length required to guarantee sufficient entropy when generating keys.
This minimum is used when the seed source is not necessarily a CSPRG and the seed should be expanded before being passed to the key generation process.
Functions
func CompatibleAlgorithms
func CompatibleAlgorithms(sigAlgo SignatureAlgorithm, hashAlgo HashAlgorithm) bool
CompatibleAlgorithms returns true if the signature and hash algorithms are compatible.
Types
type HashAlgorithm
type HashAlgorithm int
HashAlgorithm is an identifier for a hash algorithm.
const (
	UnknownHashAlgorithm HashAlgorithm = iota
	SHA2_256
	SHA2_384
	SHA3_256
	SHA3_384
)
func StringToHashAlgorithm
func StringToHashAlgorithm(s string) HashAlgorithm
StringToHashAlgorithm converts a string to a HashAlgorithm.
func (HashAlgorithm) String
func (f HashAlgorithm) String() string
String returns the string representation of this hash algorithm.
type Hasher
func NewHasher
func NewHasher(algo HashAlgorithm) (Hasher, error)
NewHasher initializes and returns a new hasher with the given hash algorithm.
This function returns an error if the hash algorithm is invalid.
type InMemorySigner
type InMemorySigner struct {
	PrivateKey PrivateKey
	Hasher     Hasher
}
An InMemorySigner is a signer that generates signatures using an in-memory private key.
InMemorySigner implements simple signing that does not protect the private key against tampering or side-channel attacks.
func NewInMemorySigner
func NewInMemorySigner(privateKey PrivateKey, hashAlgo HashAlgorithm) InMemorySigner
NewInMemorySigner initializes and returns a new in-memory signer with the provided private key and hasher.
type NaiveSigner
type NaiveSigner = InMemorySigner
NaiveSigner is an alias for InMemorySigner.
func NewNaiveSigner
func NewNaiveSigner(privateKey PrivateKey, hashAlgo HashAlgorithm) NaiveSigner
NewNaiveSigner is an alias for NewInMemorySigner.
type PrivateKey
type PrivateKey struct {
	// contains filtered or unexported fields
}
A PrivateKey is a cryptographic private key that can be used for in-memory signing.
func DecodePrivateKey
func DecodePrivateKey(sigAlgo SignatureAlgorithm, b []byte) (PrivateKey, error)
DecodePrivateKey decodes a raw byte encoded private key with the given signature algorithm.
func DecodePrivateKeyHex
func DecodePrivateKeyHex(sigAlgo SignatureAlgorithm, s string) (PrivateKey, error)
DecodePrivateKeyHex decodes a raw hex encoded private key with the given signature algorithm.
func GeneratePrivateKey
func GeneratePrivateKey(sigAlgo SignatureAlgorithm, seed []byte) (PrivateKey, error)
GeneratePrivateKey generates a private key with the specified signature algorithm from the given seed.
func (PrivateKey) Algorithm
func (sk PrivateKey) Algorithm() SignatureAlgorithm
Algorithm returns the signature algorithm for this private key.
func (PrivateKey) Encode
func (sk PrivateKey) Encode() []byte
Encode returns the raw byte encoding of this private key.
func (PrivateKey) PublicKey
func (sk PrivateKey) PublicKey() PublicKey
PublicKey returns the public key for this private key.
type PublicKey
type PublicKey struct {
	// contains filtered or unexported fields
}
A PublicKey is a cryptographic public key that can be used to verify signatures.
func DecodePublicKey
func DecodePublicKey(sigAlgo SignatureAlgorithm, b []byte) (PublicKey, error)
DecodePublicKey decodes a raw byte encoded public key with the given signature algorithm.
func DecodePublicKeyHex
func DecodePublicKeyHex(sigAlgo SignatureAlgorithm, s string) (PublicKey, error)
DecodePublicKeyHex decodes a raw hex encoded public key with the given signature algorithm.
func DecodePublicKeyPEM (added in v0.11.0)
func DecodePublicKeyPEM(sigAlgo SignatureAlgorithm, s string) (PublicKey, error)
DecodePublicKeyPEM decodes a PEM public key with the given signature algorithm.
func (PublicKey) Algorithm
func (pk PublicKey) Algorithm() SignatureAlgorithm
Algorithm returns the signature algorithm for this public key.
type SignatureAlgorithm
type SignatureAlgorithm int
SignatureAlgorithm is an identifier for a signature algorithm (and parameters if applicable).
const (
	UnknownSignatureAlgorithm SignatureAlgorithm = iota
	// BLS_BLS12381 is BLS on BLS 12-381 curve
	BLS_BLS12381
	// ECDSA_P256 is ECDSA on NIST P-256 curve
	ECDSA_P256
	// ECDSA_secp256k1 is ECDSA on secp256k1 curve
	ECDSA_secp256k1
)
func StringToSignatureAlgorithm
func StringToSignatureAlgorithm(s string) SignatureAlgorithm
StringToSignatureAlgorithm converts a string to a SignatureAlgorithm.
func (SignatureAlgorithm) String
func (f SignatureAlgorithm) String() string
String returns the string representation of this signature algorithm.
Directories
Path | Synopsis |
---|---|
cloudkms | Package cloudkms provides a Google Cloud Key Management Service (KMS) implementation of the crypto.Signer interface. |
internal | |