crypto

package
v0.0.0-...-ea1d8b2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 22, 2019 License: Apache-2.0 Imports: 26 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecryptAndVerify

func DecryptAndVerify(dataBytes []byte, enrollmentID string) ([]byte, error)

DecryptAndVerify accepts data bytes and the specified enrollment id, decrypt the data and verify the signature according to the enrollmentId's certs, if success, return the raw plaintext data。

func GenerateCert

func GenerateCert(host string)

func GetCryptoLib

func GetCryptoLib(name string) (cryptoLib pki.ICryptoLib, err error)

GetCryptoLib can get the specific enrollment id's CryptoLib instance, then you can invoke following API use this Cryptolib instance:

Sign(data []byte) ([]byte, error)
Verify(data []byte, sig []byte) error
Encrypt(data []byte) ([]byte, error)
Decrypt(ciphertext []byte) ([]byte, error)

func SetEncryptFlag

func SetEncryptFlag(isEncrypt bool)

SetEncryptFlag sets the encryption flag

If not set, the default value is "true".

func SetEncryptType

func SetEncryptType(encryptType EncryptType)

SetEncryptType sets the encryption type 0: ecc 1: rsa

If not set, the default value is 0.

func SetSecurityLevel

func SetSecurityLevel(securityLevel int, hashAlgorithm string)

SetSecurityLevel sets the security level and hash algorithm of cryptp library

If not set, the default value is:

SecurityLevel: 256
HashAlgorithm: "SHA3"

func SetServerClientMode

func SetServerClientMode(mode ServerClientMode)

SetServerClientMode sets the server or client mode 0: server mode 1: client mode

If not set, the default value is 0.

func SetSignFlag

func SetSignFlag(isSign bool)

SetSignFlag sets the signature falg

If not set, the default value is "true".

func SignAndEncrypt

func SignAndEncrypt(databytes []byte, enrollmentID string) (string, error)

SignAndEncrypt accepts data bytes and the specified enrollment id, sign and encrypt the data according to the enrollmentId's certs, if success, return the encrypted data.

func VerifySignatureED25519

func VerifySignatureED25519(wr *wallet.WalletRequest, ipk pki.IPublicKey) error

VerifySignatureED25519 verify signature of the given data

Types

type CertGroup

type CertGroup struct {
	EnrollmentID   string
	PrivateKeyFile string
	PeerCertFile   string
	// contains filtered or unexported fields
}

type CertsStore

type CertsStore struct {
	// contains filtered or unexported fields
}

func NewCertsStore

func NewCertsStore(path string) (certsStore *CertsStore, err error)

NewCertsStore New and initialize the certs store, must be called before using crypto library parameters:

path: path to the certs store witch contains all the enrollment id server-side certificates

Certs Store Dir Structure:

  • root-dir: tls: tls.key enrollmentID1: enrollmentID1.cert enrollmentID2: enrollmentID2.cert

func (*CertsStore) Reload

func (this *CertsStore) Reload() error

type EncryptType

type EncryptType int
const (
	ECC_TYPE EncryptType = iota
	RSA_TYPE
)

type ICryptoLib

type ICryptoLib interface {
	Sign(data []byte) ([]byte, error)
	Verify(data []byte, sig []byte) error
	Encrypt(data []byte) ([]byte, error)
	Decrypt(ciphertext []byte) ([]byte, error)
}

type ServerClientMode

type ServerClientMode int
const (
	SERVER_MODE ServerClientMode = iota
	CLIENT_MODE
)

type SignedData

type SignedData struct {
	Data      string `json:"data" yaml:"data"`
	Signature string `json:"signature" yaml:"signature"`
}

Directories

Path Synopsis
ecc
sign
tools
library
util.go
util.go

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL