Documentation ¶
Index ¶
- type Encrypter
- type EncrypterEntity
- type EncrypterSignerEntity
- func GetEncrypterSignerEntityForTest(id string) (EncrypterSignerEntity, error)
- func NewAES256EncrypterECDSASignerEntity(ID string, b bccsp.BCCSP, encKeyBytes, signKeyBytes []byte) (EncrypterSignerEntity, error)
- func NewEncrypterSignerEntity(ID string, bccsp bccsp.BCCSP, eKey, sKey bccsp.Key, eOpts bccsp.EncrypterOpts, ...) (EncrypterSignerEntity, error)
- type Entity
- type SignedMessage
- type Signer
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Encrypter ¶
type Encrypter interface {
	// Encrypt returns the ciphertext for the supplied plaintext message
	Encrypt(plaintext []byte) (ciphertext []byte, err error)

	// Decrypt returns the plaintext for the supplied ciphertext message
	Decrypt(ciphertext []byte) (plaintext []byte, err error)
}
Encrypter is an interface that provides basic encrypt/decrypt capabilities
type EncrypterEntity ¶
EncrypterEntity is an entity which is capable of performing encryption
func GetEncrypterEntityForTest ¶
func GetEncrypterEntityForTest(id string) (EncrypterEntity, error)
func NewAES256EncrypterEntity ¶
NewAES256EncrypterEntity returns an encrypter entity that is capable of performing AES 256 bit encryption using PKCS#7 padding. Optionally, the IV can be provided, in which case it is used during the encryption; otherwise, a random one is generated.
func NewEncrypterEntity ¶
func NewEncrypterEntity(ID string, bccsp bccsp.BCCSP, eKey bccsp.Key, eOpts bccsp.EncrypterOpts, dOpts bccsp.DecrypterOpts) (EncrypterEntity, error)
NewEncrypterEntity returns an EncrypterEntity that is capable of performing encryption using i) the supplied BCCSP instance; ii) the supplied encryption key; and iii) the supplied encryption and decryption options. The identifier of the entity is supplied as an argument as well; it is the caller's responsibility to choose one that is meaningful.
type EncrypterSignerEntity ¶
EncrypterSignerEntity is an entity which is capable of performing encryption and of generating signatures
func GetEncrypterSignerEntityForTest ¶
func GetEncrypterSignerEntityForTest(id string) (EncrypterSignerEntity, error)
func NewAES256EncrypterECDSASignerEntity ¶
func NewAES256EncrypterECDSASignerEntity(ID string, b bccsp.BCCSP, encKeyBytes, signKeyBytes []byte) (EncrypterSignerEntity, error)
NewAES256EncrypterECDSASignerEntity returns an encrypter entity that is capable of performing AES 256 bit encryption using PKCS#7 padding and signing using ECDSA
func NewEncrypterSignerEntity ¶
func NewEncrypterSignerEntity(ID string, bccsp bccsp.BCCSP, eKey, sKey bccsp.Key, eOpts bccsp.EncrypterOpts, dOpts bccsp.DecrypterOpts, sOpts bccsp.SignerOpts, hOpts bccsp.HashOpts) (EncrypterSignerEntity, error)
NewEncrypterSignerEntity returns an EncrypterSignerEntity (which is also an EncrypterEntity) that is capable of performing encryption AND of generating signatures using i) the supplied BCCSP instance; ii) the supplied encryption and signing keys; and iii) the supplied encryption, decryption, signing and hashing options. The identifier of the entity is supplied as an argument as well; it is the caller's responsibility to choose one that is meaningful.
type Entity ¶
type Entity interface {
	// ID returns an identifier for the entity;
	// the identifier can be set arbitrarily by
	// the entity's constructor in a manner that
	// is relevant for its usage at the cc-level
	ID() string

	// Equals compares this entity with the supplied
	// one and returns a boolean that is true if the
	// two entities are identical. This includes any
	// and all key material that the entity uses
	Equals(Entity) bool

	// Public returns the public version of this entity
	// in case asymmetric cryptography is used. If not,
	// Public returns itself
	Public() (Entity, error)
}
Entity is the basic interface for all crypto entities that are used by the library to obtain cc-level encryption
type SignedMessage ¶
type SignedMessage struct {
	// ID contains a description of the entity signing this message
	ID []byte `json:"id"`

	// Payload contains the message that is signed
	Payload []byte `json:"payload"`

	// Sig contains a signature over ID and Payload
	Sig []byte `json:"sig"`
}
SignedMessage is a simple struct that contains space for a payload and a signature over it, and convenience functions to sign, verify, marshal and unmarshal
func (*SignedMessage) FromBytes ¶
func (m *SignedMessage) FromBytes(d []byte) error
FromBytes populates the instance from the supplied byte array
func (*SignedMessage) Sign ¶
func (m *SignedMessage) Sign(signer Signer) error
Sign signs the SignedMessage and stores the signature in the Sig field
func (*SignedMessage) ToBytes ¶
func (m *SignedMessage) ToBytes() ([]byte, error)
ToBytes serializes the instance to bytes
func (*SignedMessage) Verify ¶
func (m *SignedMessage) Verify(verifier Signer) (bool, error)
Verify verifies the signature over Payload stored in Sig
type Signer ¶
type Signer interface {
	// Sign returns a signature of the supplied message (or an error)
	Sign(msg []byte) (signature []byte, err error)

	// Verify checks whether the supplied signature
	// over the supplied message is valid according to this interface
	Verify(signature, msg []byte) (valid bool, err error)
}
Signer is an interface that provides basic sign/verify capabilities
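The SignedMessage sign/verify round trip described above, as an added example that is not code from this package and uses only the Go standard library. It assumes ECDSA P-256 over SHA-256, takes the keys directly where the package takes its Signer interface, and assumes the signed bytes are the JSON form with Sig cleared; digest and newKey are hypothetical helpers.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// SignedMessage has the fields and JSON tags of the struct on this page.
type SignedMessage struct {
	ID      []byte `json:"id"`
	Payload []byte `json:"payload"`
	Sig     []byte `json:"sig"`
}

// digest hashes the ASSUMED signing input: JSON with Sig cleared (unambiguous field boundary).
func (m SignedMessage) digest() []byte {
	m.Sig = nil
	b, _ := json.Marshal(m) // cannot fail: every field is a []byte
	h := sha256.Sum256(b)
	return h[:]
}

// Sign and Verify take ECDSA keys directly; the package takes its Signer interface.
func (m *SignedMessage) Sign(k *ecdsa.PrivateKey) (err error) {
	m.Sig, err = ecdsa.SignASN1(rand.Reader, k, m.digest())
	return err
}
func (m *SignedMessage) Verify(pub *ecdsa.PublicKey) bool {
	return ecdsa.VerifyASN1(pub, m.digest(), m.Sig)
}
func newKey() (*ecdsa.PrivateKey, error) { return ecdsa.GenerateKey(elliptic.P256(), rand.Reader) }

func main() {
	key, err := newKey()
	if err != nil {
		panic(err)
	}
	m := SignedMessage{ID: []byte("alice"), Payload: []byte("pay 10")} // constructed sample
	if err := m.Sign(key); err != nil {
		panic(err)
	}
	fmt.Println("as signed:     ", m.Verify(&key.PublicKey)) // true
	m.ID, m.Payload = []byte("alic"), []byte("epay 10")      // same ID||Payload bytes
	fmt.Println("boundary moved:", m.Verify(&key.PublicKey)) // false
}
```

Signing the bare concatenation of ID and Payload would accept the second message, because both pairs concatenate to the same bytes; covering an encoding that delimits each field is what makes the ID binding meaningful.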