Constants ¶
// Hash algorithm identifiers. RSAOAEPCipherWithAlgorithms accepts these as
// HashAlgorithm values for its two hash parameters.
const (
	// SHA1 identifies SHA-1.
	// NOTE(review): NewRSAOAEPCipher is documented as defaulting to SHA-256;
	// SHA-1 is presumably kept for compatibility with existing ciphertexts.
	// Prefer SHA256 for new data unless interoperability requires otherwise.
	SHA1 = HashAlgorithm("SHA-1")
	// SHA256 identifies SHA-256, the documented default of NewRSAOAEPCipher.
	SHA256 = HashAlgorithm("SHA-256")
)
Functions ¶
func NewRSAKeyPair ¶
func NewRSAKeyPair(keySizeBits int) (pubKey *RSAPublicKey, privKey *RSAPrivateKey, err error)
NewRSAKeyPair creates an RSA key pair of the provided size and returns the public and private keys for the pair.
func RandomBytes ¶
RandomBytes returns a slice that contains the specified number of cryptographically strong pseudo-random bytes.
Types ¶
type AESGCMCipher ¶
type AESGCMCipher struct {
// contains filtered or unexported fields
}
AESGCMCipher is a cipher that supports encrypting and decrypting values using AES keys. Uses the specified nonce and tag sizes.
func AESGCMCipherWithNonceAndTagSize ¶
func AESGCMCipherWithNonceAndTagSize(nonceSizeBytes, tagSizeBytes int) *AESGCMCipher
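AESGCMCipherWithNonceAndTagSize returns a new Cipher that uses AES with GCM using the specified sizes (in bytes) for the nonce and tag. Non-default sizes change the security margin (a shorter tag makes forgeries easier to attempt), so prefer NewAESGCMCipher unless a specific existing format must be matched.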
func NewAESGCMCipher ¶
func NewAESGCMCipher() *AESGCMCipher
NewAESGCMCipher returns a new Cipher that uses AES with GCM using default parameters (96-bit nonce, 128-bit tag).
func (*AESGCMCipher) Decrypt ¶
func (a *AESGCMCipher) Decrypt(data []byte, key Key) ([]byte, error)
Decrypt decrypts the provided value using the specified key. The key must be of type *AESKey. The provided data must be of the form [nonce+ciphertext+tag]. Returns the bytes for the decrypted ciphertext (the input originally provided to Encrypt).
type AESKey ¶
type AESKey struct {
// contains filtered or unexported fields
}
AESKey is an AES key that can be used for AES encryption and decryption operations.
func AESKeyFromBytes ¶
type Cipher ¶
// Cipher encrypts and decrypts byte slices using a caller-supplied Key.
type Cipher interface {
	// Encrypt encrypts the provided data using the provided key. The provided key must be capable of encrypting
	// values for this cipher. The specific nature of the output bytes depends on the algorithm of the cipher (for
	// example, for an AES cipher, the returned bytes may include the nonce and tag in addition to the raw
	// ciphertext). Refer to the concrete implementation of the cipher for information on the format of the
	// returned bytes. Returns an error if the provided key cannot be used to encrypt values for this cipher or if
	// an error is encountered during encryption.
	Encrypt(data []byte, key Key) ([]byte, error)

	// Decrypt decrypts the provided data using the provided key. The provided key must be capable of decrypting
	// values for this cipher. The input should be the output of an Encrypt operation for this cipher. Returns an
	// error if the provided key cannot be used to decrypt values for this cipher or if an error is encountered
	// during decryption.
	Decrypt(data []byte, key Key) ([]byte, error)
}
func NewRSAOAEPCipher ¶
func NewRSAOAEPCipher() Cipher
NewRSAOAEPCipher returns a new Cipher that uses RSA with OAEP/MDF1 padding using default parameters (SHA-256 as the hash algorithm for both OAEP and MDF1 padding). "MDF1" in this package appears to refer to MGF1, the mask generation function used by OAEP.
type HashAlgorithm ¶
type HashAlgorithm string
HashAlgorithm represents a hash algorithm.
func (HashAlgorithm) Hash ¶
func (a HashAlgorithm) Hash() hash.Hash
type Key ¶
// Key is implemented by the key types that a Cipher accepts.
type Key interface {
	// Bytes returns the byte representation of this key. Refer to the concrete implementation for information on
	// the exact format of the returned bytes.
	//
	// For secret keys the result is sensitive key material (for example, (*RSAPrivateKey).Bytes is documented as
	// returning the PKCS#8 representation of the private key), so callers should avoid logging it or persisting
	// it unprotected.
	Bytes() []byte
}
Key represents a key that can be used for encryption or decryption operations. This is used as a marker interface -- structs that implement this interface will typically have more structured key information, and implementations of Cipher will assert that a Key is of a particular type before proceeding.
type RSAOAEPCipher ¶
type RSAOAEPCipher struct {
// contains filtered or unexported fields
}
RSAOAEPCipher is a cipher that supports encrypting values using RSA public keys and decrypting values using RSA private keys. Uses OAEP/MDF1 padding with the specified hash algorithms.
func RSAOAEPCipherWithAlgorithms ¶
func RSAOAEPCipherWithAlgorithms(oaepHashAlg, mdf1HashAlg HashAlgorithm) *RSAOAEPCipher
RSAOAEPCipherWithAlgorithms returns a new Cipher that uses RSA with OAEP/MDF1 padding using the specified hash algorithms for OAEP and MDF1 padding.
func (*RSAOAEPCipher) Decrypt ¶
func (r *RSAOAEPCipher) Decrypt(data []byte, key Key) ([]byte, error)
Decrypt decrypts the provided value using the specified key. The key must be of type *RSAPrivateKey.
func (*RSAOAEPCipher) Encrypt ¶
func (r *RSAOAEPCipher) Encrypt(data []byte, key Key) ([]byte, error)
Encrypt encrypts the provided value using the specified key. The key must be of type *RSAPublicKey. The returned bytes are the encrypted ciphertext.
func (*RSAOAEPCipher) MDF1HashAlg ¶
func (r *RSAOAEPCipher) MDF1HashAlg() HashAlgorithm
MDF1HashAlg returns the hash algorithm used by the mask generation function (written MDF1 in this package; the standard name appears to be MGF1), whose output is XORed into the OAEP padding for this cipher.
func (*RSAOAEPCipher) OAEPHashAlg ¶
func (r *RSAOAEPCipher) OAEPHashAlg() HashAlgorithm
OAEPHashAlg returns the hash algorithm used for the OAEP padding for this cipher.
type RSAPrivateKey ¶
type RSAPrivateKey rsa.PrivateKey
RSAPrivateKey is an RSA private key that can be used for RSA decryption operations.
func RSAPrivateKeyFromPKCS8Bytes ¶
func RSAPrivateKeyFromPKCS8Bytes(key []byte) (*RSAPrivateKey, error)
RSAPrivateKeyFromPKCS8Bytes returns a new RSA private key using the provided bytes, which should be the PKCS#8 representation of the private key.
func (*RSAPrivateKey) Bytes ¶
func (r *RSAPrivateKey) Bytes() []byte
Bytes returns the PKCS#8 representation of this private key.
type RSAPublicKey ¶
RSAPublicKey is an RSA public key that can be used for RSA encryption operations.
func RSAPublicKeyFromPEMBytes ¶
func RSAPublicKeyFromPEMBytes(key []byte) (*RSAPublicKey, error)
RSAPublicKeyFromPEMBytes returns a new RSA public key using the provided bytes, which should be the PEM representation of the public key.
func (*RSAPublicKey) Bytes ¶
func (r *RSAPublicKey) Bytes() []byte
Bytes returns the PEM representation of this public key.