crypto

package
v1.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 15, 2019 License: AGPL-3.0 Imports: 27 Imported by: 0

Documentation

Overview

Package crypto provides tools for data encryption and certificates management

Index

Constants

View Source
const (
	AESGCMAuthTagSize = 16
	AESGCMNonceSize   = 12
)

Variables

View Source
var AESGCMFileEncryptionBlockSize = 4 * 1024 * 1024

AESGCMFileEncryptionBlockSize is the default size of encryption block used in material

View Source
var SALT = []byte{224, 32, 00, 33, 78, 3, 25, 56, 54, 5, 54, 9, 79, 76, 189, 8}

Functions

func CreateRsaKey

func CreateRsaKey() (*rsa.PrivateKey, error)

CreateRsaKey generates a new private key

func DeleteKeyringPassword

func DeleteKeyringPassword(service string, user string) error

DeleteKeyringPassword removes all key that matches "service" and "user"

func EncodePrivate

func EncodePrivate(password []byte, key crypto.PrivateKey) ([]byte, error)

func GenerateCACertificate

func GenerateCACertificate(t *Template) (*x509.Certificate, error)

GenerateCACertificate generates a certificate for a CA

func GenerateServiceCertificate

func GenerateServiceCertificate(t *Template) (*x509.Certificate, error)

GenerateServiceCertificate generates a certificate for a service

func GetKeyringPassword

func GetKeyringPassword(service string, user string, createIfNotExist bool) ([]byte, error)

GetKeyringPassword retrieves password from keyring If no key matches "service" and "user" a key is generated if "createIfNotExist" is true

func GetSignature

func GetSignature(key *ecdsa.PrivateKey, data []byte) (string, error)

func KeyFromPassword

func KeyFromPassword(password []byte, l int) []byte

func LoadCertificate

func LoadCertificate(file string) (*x509.Certificate, error)

LoadCertificate load file contenant and decode it into a x509.Certificate

func LoadPrivateKey

func LoadPrivateKey(password []byte, file string) (crypto.PrivateKey, error)

LoadPrivateKey load encrypted private key from "file" and decrypts it

func NewEcdsaPrivateKey

func NewEcdsaPrivateKey(alg string) (*ecdsa.PrivateKey, error)

func Open

func Open(key []byte, nonce []byte, cipherData []byte) ([]byte, error)

func ParsePrivate

func ParsePrivate(password []byte, bytes []byte) (crypto.PrivateKey, error)

func PublicKeyFromRsaKey

func PublicKeyFromRsaKey(privateKey *rsa.PrivateKey) rsa.PublicKey

Extract public key from private key

func RandomBytes

func RandomBytes(size int) ([]byte, error)

func RsaKeyFromPEM

func RsaKeyFromPEM(pemString string) (*rsa.PrivateKey, error)

Parse a PEM string

func RsaKeyFromPEMFile

func RsaKeyFromPEMFile(filename string) (*rsa.PrivateKey, error)

Loads a PEM file and parse Private Key

func RsaKeyToPEM

func RsaKeyToPEM(key *rsa.PrivateKey, filename ...string) (string, error)

RsaKeyToPEM encodes the private key in PEM format

func RsaPublicKeyToPEM

func RsaPublicKeyToPEM(pubKey rsa.PublicKey, filename ...string) (string, error)

RsaPublicKeyToPEM encodes the public key to PEM format

func Seal

func Seal(key []byte, data []byte) ([]byte, error)

func SetKeyringPassword

func SetKeyringPassword(service string, user string, password []byte) error

SetKeyringPassword base64-encodes password and store it

func StoreCertificate

func StoreCertificate(cert *x509.Certificate, file string, perm os.FileMode) error

StoreCertificate encode certificate and store the result in "file"

func StorePrivateKey

func StorePrivateKey(key crypto.PrivateKey, password []byte, file string) error

StorePrivateKey encrypts the private key and save it in "file"

func VerifySignature

func VerifySignature(data []byte, key *ecdsa.PublicKey, signature string) bool

Types

type AESGCMMaterials

type AESGCMMaterials struct {
	// contains filtered or unexported fields
}

AESGCMMaterials ...

func NewAESGCMMaterials

func NewAESGCMMaterials(key []byte, params *encryption.Params) *AESGCMMaterials

NewAESGCMMaterials creates an encryption materials that use AES GCM

func (*AESGCMMaterials) Close

func (m *AESGCMMaterials) Close() error

Close closes the underlying stream

func (*AESGCMMaterials) GetDesc

func (m *AESGCMMaterials) GetDesc() (desc string)

GetDesc returns a string description of the materials

func (*AESGCMMaterials) GetEncryptedParameters

func (m *AESGCMMaterials) GetEncryptedParameters() *encryption.Params

GetEncryptedParameters returns the additional parameters that are generated for encryption

func (*AESGCMMaterials) GetIV

func (m *AESGCMMaterials) GetIV() (iv string)

GetIV returns the IV used to encrypt/decrypt as a string

func (*AESGCMMaterials) GetKey

func (m *AESGCMMaterials) GetKey() (key string)

GetKey returns the key used to encrypt/decrypt

func (*AESGCMMaterials) Read

func (m *AESGCMMaterials) Read(b []byte) (int, error)

func (*AESGCMMaterials) SetupDecryptMode

func (m *AESGCMMaterials) SetupDecryptMode(stream io.Reader, iv string, key string) error

SetupDecryptMode set underlying read function in decrypt mode

func (*AESGCMMaterials) SetupEncryptMode

func (m *AESGCMMaterials) SetupEncryptMode(stream io.Reader) error

SetupEncryptMode set underlying read function in encrypt mode

type RangeAESGCMMaterials added in v1.5.0

type RangeAESGCMMaterials struct {
	// contains filtered or unexported fields
}

*************************************************

RANGE ENCRYPTION MATERIAL READER

*************************************************

func NewRangeAESGCMMaterials added in v1.5.0

func NewRangeAESGCMMaterials(key []byte, params *encryption.Params) *RangeAESGCMMaterials

NewRangeAESGCMMaterials creates an encryption materials that use AES GCM

func (*RangeAESGCMMaterials) CalculateEncryptedRange added in v1.5.0

func (m *RangeAESGCMMaterials) CalculateEncryptedRange(plainFileSize int64) (int64, int64)

func (*RangeAESGCMMaterials) Close added in v1.5.0

func (m *RangeAESGCMMaterials) Close() error

Close closes the underlying stream

func (*RangeAESGCMMaterials) GetDesc added in v1.5.0

func (m *RangeAESGCMMaterials) GetDesc() (desc string)

GetDesc returns a string description of the materials

func (*RangeAESGCMMaterials) GetEncryptedParameters added in v1.5.0

func (m *RangeAESGCMMaterials) GetEncryptedParameters() *encryption.Params

GetEncryptedParameters returns the additional parameters that are generated for encryption

func (*RangeAESGCMMaterials) GetIV added in v1.5.0

func (m *RangeAESGCMMaterials) GetIV() (iv string)

GetIV returns the IV used to encrypt/decrypt as a string

func (*RangeAESGCMMaterials) GetKey added in v1.5.0

func (m *RangeAESGCMMaterials) GetKey() (key string)

GetKey returns the key used to encrypt/decrypt

func (*RangeAESGCMMaterials) Read added in v1.5.0

func (m *RangeAESGCMMaterials) Read(b []byte) (int, error)

func (*RangeAESGCMMaterials) SetPlainRange added in v1.5.0

func (m *RangeAESGCMMaterials) SetPlainRange(offset, length int64) error

func (*RangeAESGCMMaterials) SetupDecryptMode added in v1.5.0

func (m *RangeAESGCMMaterials) SetupDecryptMode(stream io.Reader, iv string, key string) error

SetupDecryptMode set underlying read function in decrypt mode

func (*RangeAESGCMMaterials) SetupEncryptMode added in v1.5.0

func (m *RangeAESGCMMaterials) SetupEncryptMode(stream io.Reader) error

SetupEncryptMode set underlying read function in encrypt mode

type Template

type Template struct {
	Name              string
	Domains           []string
	IPs               []net.IP
	Expiry            time.Duration
	PublicKey         crypto.PublicKey
	SignerPrivateKey  crypto.PrivateKey
	SignerCertificate *x509.Certificate
}

Template specs for generating a certificate

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL