keyio

package
v1.1.1
Warning

This package is not in the latest version of its module.

Published: Feb 22, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func ExtractPrimaryPublicKey

func ExtractPrimaryPublicKey(kh *keyset.Handle) (*cryptoapi.PublicKey, error)

ExtractPrimaryPublicKey is a utility function that will extract the main public key from *keyset.Handle kh.

func PrivateKeyToKeysetHandle

func PrivateKeyToKeysetHandle(privKey *cryptoapi.PrivateKey, aeadAlg ecdh.AEADAlg) (*keyset.Handle, error)

PrivateKeyToKeysetHandle converts privKey into a *keyset.Handle, where privKey can be either a sender or a recipient key. The resulting handle cannot be used directly for primitive execution because the cek is not set. This function serves as a helper to get a senderKH to be used as an option for ECDH execution (for ECDH-1PU/authcrypt). The keyset handle will be set with one of the AES256-GCM, AES128CBC+SHA256, AES192CBC+SHA384, AES256CBC+SHA384 or AES256CBC+SHA512 AEAD key templates for content encryption.

With:

  • privKey: the private key to convert.
  • aeadAlg: the content encryption algorithm to use along with the ECDH primitive.

func PublicKeyToKeysetHandle

func PublicKeyToKeysetHandle(pubKey *cryptoapi.PublicKey, aeadAlg ecdh.AEADAlg) (*keyset.Handle, error)

PublicKeyToKeysetHandle converts pubKey into a *keyset.Handle, where pubKey can be either a sender or a recipient key. The resulting handle cannot be used directly for primitive execution because the cek is not set. This function serves as a helper to get a senderKH to be used as an option for ECDH execution (for ECDH-1PU/authcrypt). The keyset handle will be set with one of the AES256-GCM, AES128CBC+SHA256, AES192CBC+SHA384, AES256CBC+SHA384 or AES256CBC+SHA512 AEAD key templates for content encryption.

With:

  • pubKey: the public key to convert.
  • aeadAlg: the content encryption algorithm to use along with the ECDH primitive.

Types

type PubKeyWriter

type PubKeyWriter struct {
	// KeyType is Key Type of the written key. It's needed as Write() is an interface function and can't return it.
	KeyType kms.KeyType
	// contains filtered or unexported fields
}

PubKeyWriter will write the raw bytes of a Tink KeySet's primary public key. The raw bytes are a marshaled composite.VerificationMethod type. The keyset must have a keyURL value equal to one of the following public key URL constants of the ecdh package:

  • `nistPECDHKWPublicKeyTypeURL`
  • `x25519ECDHKWPublicKeyTypeURL`

Note: This writer should be used only for ECDH public key exports. Other exports of public keys should be called via the localkms package.

func NewWriter

func NewWriter(w io.Writer) *PubKeyWriter

NewWriter creates a new PubKeyWriter instance.

func (*PubKeyWriter) Write

func (p *PubKeyWriter) Write(ks *tinkpb.Keyset) error

Write writes the public keyset to the underlying w.Writer.

func (*PubKeyWriter) WriteEncrypted

func (p *PubKeyWriter) WriteEncrypted(_ *tinkpb.EncryptedKeyset) error

WriteEncrypted writes the encrypted keyset to the underlying w.Writer.
