Documentation
¶
Index ¶
- func DecodePrivKeyModulus(modulus, pubExponent, privExponent string) (*rsa.PrivateKey, error)
- func DecodePrivKeyPem(privateKey string) (priv *rsa.PrivateKey, err error)
- func DecodePubKeyModulus(modulus, pubExponent string) (*rsa.PublicKey, error)
- func DecodePubKeyPem(publicKey string) (pub *rsa.PublicKey, err error)
- func DecryptOAEP(hash hash.Hash, random io.Reader, priv *rsa.PrivateKey, ciphertext []byte, ...) ([]byte, error)
- func DecryptPKCS1WithPubkey(pub *rsa.PublicKey, ciphertext []byte) ([]byte, error)
- func DecryptPKCS1v15(random io.Reader, priv *rsa.PrivateKey, ciphertext []byte) ([]byte, error)
- func DecryptPKCS1v15SessionKey(random io.Reader, priv *rsa.PrivateKey, ciphertext []byte, key []byte) error
- func EncryptOAEP(hash hash.Hash, random io.Reader, pub *rsa.PublicKey, msg []byte, label []byte) ([]byte, error)
- func EncryptPKCS1WithPrivkey(priv *rsa.PrivateKey, msg []byte) ([]byte, error)
- func EncryptPKCS1v15(random io.Reader, pub *rsa.PublicKey, msg []byte) ([]byte, error)
- func SignPKCS1v15(random io.Reader, priv *rsa.PrivateKey, hash crypto.Hash, hashed []byte) ([]byte, error)
- func SignPSS(rand io.Reader, priv *rsa.PrivateKey, hash crypto.Hash, digest []byte, ...) ([]byte, error)
- func VerifyPKCS1v15(pub *rsa.PublicKey, hash crypto.Hash, hashed []byte, sig []byte) error
- func VerifyPSS(pub *rsa.PublicKey, hash crypto.Hash, digest []byte, sig []byte, ...) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DecodePrivKeyModulus ¶
func DecodePrivKeyModulus(modulus, pubExponent, privExponent string) (*rsa.PrivateKey, error)
DecodePrivKeyModulus decode private key from modulus The modulus parameter is Key modulus, pubExponent parameter is public exponent, privExponent parameter is private exponent The parameters are hexadecimal strings
func DecodePrivKeyPem ¶
func DecodePrivKeyPem(privateKey string) (priv *rsa.PrivateKey, err error)
DecodePrivKeyPem decode private key in pem format
func DecodePubKeyModulus ¶
DecodePubKeyModulus decode private key from modulus The modulus parameter is Key modulus, pubExponent parameter is public exponent The parameters are hexadecimal strings
func DecodePubKeyPem ¶
DecodePubKeyPem decode public key in pem format
func DecryptOAEP ¶
func DecryptOAEP(hash hash.Hash, random io.Reader, priv *rsa.PrivateKey, ciphertext []byte, label []byte) ([]byte, error)
DecryptOAEP decrypts ciphertext using RSA-OAEP.
OAEP is parameterised by a hash function that is used as a random oracle. Encryption and decryption of a given message must use the same hash function and sha256.New() is a reasonable choice.
The random parameter is legacy and ignored, and it can be nil.
The label parameter must match the value given when encrypting. See EncryptOAEP for details.
func DecryptPKCS1WithPubkey ¶
DecryptPKCS1WithPubkey Decryption with public key
In normal security practice, we do not use public keys to decrypt data, but private keys, This function is provided because such irregularities do exist in practice.
func DecryptPKCS1v15 ¶
DecryptPKCS1v15 decrypts a plaintext using RSA and the padding scheme from PKCS #1 v1.5. The random parameter is legacy and ignored, and it can be nil.
Note that whether this function returns an error or not discloses secret information. If an attacker can cause this function to run repeatedly and learn whether each instance returned an error then they can decrypt and forge signatures as if they had the private key. See DecryptPKCS1v15SessionKey for a way of solving this problem.
func DecryptPKCS1v15SessionKey ¶
func DecryptPKCS1v15SessionKey(random io.Reader, priv *rsa.PrivateKey, ciphertext []byte, key []byte) error
DecryptPKCS1v15SessionKey decrypts a session key using RSA and the padding scheme from PKCS #1 v1.5. The random parameter is legacy and ignored, and it can be nil.
func EncryptOAEP ¶
func EncryptOAEP(hash hash.Hash, random io.Reader, pub *rsa.PublicKey, msg []byte, label []byte) ([]byte, error)
EncryptOAEP encrypts the given message with RSA-OAEP.
OAEP is parameterised by a hash function that is used as a random oracle. Encryption and decryption of a given message must use the same hash function and sha256.New() is a reasonable choice.
The random parameter is used as a source of entropy to ensure that encrypting the same message twice doesn't result in the same ciphertext. Most applications should use crypto/rand.Reader as random.
The label parameter may contain arbitrary data that will not be encrypted, but which gives important context to the message. For example, if a given public key is used to encrypt two types of messages then distinct label values could be used to ensure that a ciphertext for one purpose cannot be used for another by an attacker. If not required it can be empty.
The message must be no longer than the length of the public modulus minus twice the hash length, minus a further 2.
func EncryptPKCS1WithPrivkey ¶
func EncryptPKCS1WithPrivkey(priv *rsa.PrivateKey, msg []byte) ([]byte, error)
EncryptPKCS1WithPrivkey encryption with private key
In normal security practice, we do not use private keys to encrypt data, but public keys, This function is provided because such irregularities do exist in practice.
func EncryptPKCS1v15 ¶
EncryptPKCS1v15 encrypts the given message with RSA and the padding scheme from PKCS #1 v1.5. The message must be no longer than the length of the public modulus minus 11 bytes.
The random parameter is used as a source of entropy to ensure that encrypting the same message twice doesn't result in the same ciphertext. Most applications should use crypto/rand.Reader as random. Note that the returned ciphertext does not depend deterministically on the bytes read from random, and may change between calls and/or between versions.
WARNING: use of this function to encrypt plaintexts other than session keys is dangerous. Use RSA OAEP in new protocols.
func SignPKCS1v15 ¶
func SignPKCS1v15(random io.Reader, priv *rsa.PrivateKey, hash crypto.Hash, hashed []byte) ([]byte, error)
SignPKCS1v15 calculates the signature of hashed using RSASSA-PKCS1-V1_5-SIGN from RSA PKCS #1 v1.5. Note that hashed must be the result of hashing the input message using the given hash function. If hash is zero, hashed is signed directly. This isn't advisable except for interoperability.
The random parameter is legacy and ignored, and it can be nil.
This function is deterministic. Thus, if the set of possible messages is small, an attacker may be able to build a map from messages to signatures and identify the signed messages. As ever, signatures provide authenticity, not confidentiality.
func SignPSS ¶
func SignPSS(rand io.Reader, priv *rsa.PrivateKey, hash crypto.Hash, digest []byte, opts *rsa.PSSOptions) ([]byte, error)
SignPSS calculates the signature of digest using PSS.
digest must be the result of hashing the input message using the given hash function. The opts argument may be nil, in which case sensible defaults are used. If opts.Hash is set, it overrides hash.
The signature is randomized depending on the message, key, and salt size, using bytes from rand. Most applications should use crypto/rand.Reader as rand.
func VerifyPKCS1v15 ¶
VerifyPKCS1v15 verifies an RSA PKCS #1 v1.5 signature. hashed is the result of hashing the input message using the given hash function and sig is the signature. A valid signature is indicated by returning a nil error. If hash is zero then hashed is used directly. This isn't advisable except for interoperability.
func VerifyPSS ¶
func VerifyPSS(pub *rsa.PublicKey, hash crypto.Hash, digest []byte, sig []byte, opts *rsa.PSSOptions) error
VerifyPSS verifies a PSS signature.
A valid signature is indicated by returning a nil error. digest must be the result of hashing the input message using the given hash function. The opts argument may be nil, in which case sensible defaults are used. opts.Hash is ignored.
Types ¶
This section is empty.
Source Files