Versions in this module Expand all Collapse all v1 v1.4.1 Jul 9, 2021 Changes in this version + func ReadPrivateKeyFromHex(Dhex string) (*sm2.PrivateKey, error) + func ReadPublicKeyFromHex(Qhex string) (*sm2.PublicKey, error) + func WritePrivateKeyToHex(key *sm2.PrivateKey) string + func WritePublicKeyToHex(key *sm2.PublicKey) string v1.4.0 Dec 4, 2020 Changes in this version + const EncryptionAlgorithmAES128GCM + const EncryptionAlgorithmDESCBC + var ContentEncryptionAlgorithm = EncryptionAlgorithmDESCBC + var ErrNotEncryptedContent = errors.New("pkcs7: content data is a decryptable data type") + var ErrPKCS7UnsupportedAlgorithm = errors.New(...) + var ErrUnsupportedAlgorithm = errors.New("x509: cannot verify signature: algorithm unimplemented") + var ErrUnsupportedContentType = errors.New("pkcs7: cannot parse data: unimplemented content type") + var ErrUnsupportedEncryptionAlgorithm = errors.New("pkcs7: cannot encrypt content: only DES-CBC and AES-128-GCM supported") + func CreateCertificate(template, parent *Certificate, publicKey *sm2.PublicKey, signer crypto.Signer) ([]byte, error) + func CreateCertificateRequest(rand io.Reader, template *CertificateRequest, signer crypto.Signer) (csr []byte, err error) + func CreateCertificateRequestToPem(template *CertificateRequest, signer crypto.Signer) ([]byte, error) + func CreateCertificateToPem(template, parent *Certificate, pubKey *sm2.PublicKey, signer crypto.Signer) ([]byte, error) + func DegenerateCertificate(cert []byte) ([]byte, error) + func MarshalPKCS1PrivateKey(key *rsa.PrivateKey) []byte + func MarshalPKIXPublicKey(pub interface{}) ([]byte, error) + func MarshalSm2EcryptedPrivateKey(PrivKey *sm2.PrivateKey, pwd []byte) ([]byte, error) + func MarshalSm2PrivateKey(key *sm2.PrivateKey, pwd []byte) ([]byte, error) + func MarshalSm2PublicKey(key *sm2.PublicKey) ([]byte, error) + func MarshalSm2UnecryptedPrivateKey(key *sm2.PrivateKey) ([]byte, error) + func PKCS7Encrypt(content []byte, recipients []*Certificate) ([]byte, error) + func ParseCRL(crlBytes []byte) (*pkix.CertificateList, error) + func ParseDERCRL(derBytes []byte) (*pkix.CertificateList, error) + func ParsePKCS1PrivateKey(der []byte) (*rsa.PrivateKey, error) + func ParsePKCS8EcryptedPrivateKey(der, pwd []byte) (*sm2.PrivateKey, error) + func ParsePKCS8PrivateKey(der, pwd []byte) (*sm2.PrivateKey, error) + func ParsePKCS8UnecryptedPrivateKey(der []byte) (*sm2.PrivateKey, error) + func ParsePKIXPublicKey(derBytes []byte) (pub interface{}, err error) + func ParseSm2CertifateToX509(asn1data []byte) (*x509.Certificate, error) + func ParseSm2PrivateKey(der []byte) (*sm2.PrivateKey, error) + func ParseSm2PublicKey(der []byte) (*sm2.PublicKey, error) + func ReadPrivateKeyFromPem(privateKeyPem []byte, pwd []byte) (*sm2.PrivateKey, error) + func ReadPublicKeyFromPem(publicKeyPem []byte) (*sm2.PublicKey, error) + func RegisterHash(h Hash, f func() hash.Hash) + func WritePrivateKeyToPem(key *sm2.PrivateKey, pwd []byte) ([]byte, error) + func WritePublicKeyToPem(key *sm2.PublicKey) ([]byte, error) + type Attribute struct + Type asn1.ObjectIdentifier + Value interface{} + type CertPool struct + func NewCertPool() *CertPool + func SystemCertPool() (*CertPool, error) + func (s *CertPool) AddCert(cert *Certificate) + func (s *CertPool) AppendCertsFromPEM(pemCerts []byte) (ok bool) + func (s *CertPool) Subjects() [][]byte + type Certificate struct + AuthorityKeyId []byte + BasicConstraintsValid bool + CRLDistributionPoints []string + DNSNames []string + EmailAddresses []string + ExtKeyUsage []ExtKeyUsage + Extensions []pkix.Extension + ExtraExtensions []pkix.Extension + IPAddresses []net.IP + IsCA bool + Issuer pkix.Name + IssuingCertificateURL []string + KeyUsage KeyUsage + MaxPathLen int + MaxPathLenZero bool + NotAfter time.Time + NotBefore time.Time + OCSPServer []string + PermittedDNSDomains []string + PermittedDNSDomainsCritical bool + PolicyIdentifiers []asn1.ObjectIdentifier + PublicKey interface{} + PublicKeyAlgorithm PublicKeyAlgorithm + Raw []byte + RawIssuer []byte + RawSubject []byte + RawSubjectPublicKeyInfo []byte + RawTBSCertificate []byte + SerialNumber *big.Int + Signature []byte + SignatureAlgorithm SignatureAlgorithm + Subject pkix.Name + SubjectKeyId []byte + UnhandledCriticalExtensions []asn1.ObjectIdentifier + UnknownExtKeyUsage []asn1.ObjectIdentifier + Version int + func ParseCertificate(asn1Data []byte) (*Certificate, error) + func ParseCertificates(asn1Data []byte) ([]*Certificate, error) + func ReadCertificateFromPem(certPem []byte) (*Certificate, error) + func (c *Certificate) CheckCRLSignature(crl *pkix.CertificateList) error + func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature []byte) error + func (c *Certificate) CheckSignatureFrom(parent *Certificate) error + func (c *Certificate) CreateCRL(rand io.Reader, priv interface{}, revokedCerts []pkix.RevokedCertificate, ...) (crlBytes []byte, err error) + func (c *Certificate) Equal(other *Certificate) bool + func (c *Certificate) FromX509Certificate(x509Cert *x509.Certificate) + func (c *Certificate) ToX509Certificate() *x509.Certificate + func (c *Certificate) Verify(opts VerifyOptions) (chains [][]*Certificate, err error) + func (c *Certificate) VerifyHostname(h string) error + type CertificateInvalidError struct + Cert *Certificate + Reason InvalidReason + func (e CertificateInvalidError) Error() string + type CertificateRequest struct + Attributes []pkix.AttributeTypeAndValueSET + DNSNames []string + EmailAddresses []string + Extensions []pkix.Extension + ExtraExtensions []pkix.Extension + IPAddresses []net.IP + PublicKey interface{} + PublicKeyAlgorithm PublicKeyAlgorithm + Raw []byte + RawSubject []byte + RawSubjectPublicKeyInfo []byte + RawTBSCertificateRequest []byte + Signature []byte + SignatureAlgorithm SignatureAlgorithm + Subject pkix.Name + Version int + func ParseCertificateRequest(asn1Data []byte) (*CertificateRequest, error) + func ReadCertificateRequestFromPem(certPem []byte) (*CertificateRequest, error) + func (c *CertificateRequest) CheckSignature() error + type ConstraintViolationError struct + func (ConstraintViolationError) Error() string + type EncryptedPrivateKeyInfo struct + EncryptedData []byte + EncryptionAlgorithm Pbes2Algorithms + type ExtKeyUsage int + const ExtKeyUsageAny + const ExtKeyUsageClientAuth + const ExtKeyUsageCodeSigning + const ExtKeyUsageEmailProtection + const ExtKeyUsageIPSECEndSystem + const ExtKeyUsageIPSECTunnel + const ExtKeyUsageIPSECUser + const ExtKeyUsageMicrosoftServerGatedCrypto + const ExtKeyUsageNetscapeServerGatedCrypto + const ExtKeyUsageOCSPSigning + const ExtKeyUsageServerAuth + const ExtKeyUsageTimeStamping + type Hash uint + const MD4 + const MD5 + const MD5SHA1 + const RIPEMD160 + const SHA1 + const SHA224 + const SHA256 + const SHA384 + const SHA3_224 + const SHA3_256 + const SHA3_384 + const SHA3_512 + const SHA512 + const SHA512_224 + const SHA512_256 + const SM3 + func (h Hash) Available() bool + func (h Hash) HashFunc() crypto.Hash + func (h Hash) New() hash.Hash + func (h Hash) Size() int + type HostnameError struct + Certificate *Certificate + Host string + func (h HostnameError) Error() string + type InsecureAlgorithmError SignatureAlgorithm + func (e InsecureAlgorithmError) Error() string + type InvalidReason int + const CANotAuthorizedForThisName + const Expired + const IncompatibleUsage + const NameMismatch + const NotAuthorizedToSign + const TooManyIntermediates + type KeyUsage int + const KeyUsageCRLSign + const KeyUsageCertSign + const KeyUsageContentCommitment + const KeyUsageDataEncipherment + const KeyUsageDecipherOnly + const KeyUsageDigitalSignature + const KeyUsageEncipherOnly + const KeyUsageKeyAgreement + const KeyUsageKeyEncipherment + type MessageDigestMismatchError struct + ActualDigest []byte + ExpectedDigest []byte + func (err *MessageDigestMismatchError) Error() string + type PKCS7 struct + CRLs []pkix.CertificateList + Certificates []*Certificate + Content []byte + Signers []signerInfo + func ParsePKCS7(data []byte) (p7 *PKCS7, err error) + func (p7 *PKCS7) Decrypt(cert *Certificate, pk crypto.PrivateKey) ([]byte, error) + func (p7 *PKCS7) GetOnlySigner() *Certificate + func (p7 *PKCS7) UnmarshalSignedAttribute(attributeType asn1.ObjectIdentifier, out interface{}) error + func (p7 *PKCS7) Verify() (err error) + type Pbes2Algorithms struct + IdPBES2 asn1.ObjectIdentifier + Pbes2Params Pbes2Params + type Pbes2Encs struct + EncryAlgo asn1.ObjectIdentifier + IV []byte + type Pbes2KDfs struct + IdPBKDF2 asn1.ObjectIdentifier + Pkdf2Params Pkdf2Params + type Pbes2Params struct + EncryptionScheme Pbes2Encs + KeyDerivationFunc Pbes2KDfs + type Pkdf2Params struct + IterationCount int + Prf pkix.AlgorithmIdentifier + Salt []byte + type PrivateKeyInfo struct + PrivateKey []byte + PrivateKeyAlgorithm []asn1.ObjectIdentifier + Version int + type PublicKeyAlgorithm int + const DSA + const ECDSA + const RSA + const SM2 + const UnknownPublicKeyAlgorithm + type SignatureAlgorithm int + const DSAWithSHA1 + const DSAWithSHA256 + const ECDSAWithSHA1 + const ECDSAWithSHA256 + const ECDSAWithSHA384 + const ECDSAWithSHA512 + const MD2WithRSA + const MD5WithRSA + const SHA1WithRSA + const SHA256WithRSA + const SHA256WithRSAPSS + const SHA384WithRSA + const SHA384WithRSAPSS + const SHA512WithRSA + const SHA512WithRSAPSS + const SM2WithSHA1 + const SM2WithSHA256 + const SM2WithSM3 + const UnknownSignatureAlgorithm + func (algo SignatureAlgorithm) String() string + type SignedData struct + func NewSignedData(data []byte) (*SignedData, error) + func (sd *SignedData) AddCertificate(cert *Certificate) + func (sd *SignedData) AddSigner(cert *Certificate, pkey crypto.PrivateKey, config SignerInfoConfig) error + func (sd *SignedData) Detach() + func (sd *SignedData) Finish() ([]byte, error) + type SignerInfoConfig struct + ExtraSignedAttributes []Attribute + type SystemRootsError struct + Err error + func (se SystemRootsError) Error() string + type UnhandledCriticalExtension struct + func (h UnhandledCriticalExtension) Error() string + type UnknownAuthorityError struct + Cert *Certificate + func (e UnknownAuthorityError) Error() string + type VerifyOptions struct + CurrentTime time.Time + DNSName string + Intermediates *CertPool + KeyUsages []ExtKeyUsage + Roots *CertPool Other modules containing this package github.com/tjfoc/gmsm/v2