crypto

package

v0.9.9 Latest Latest Go to latest Published: Feb 1, 2020 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

This section is empty.

View Source

var ErrTooShort = errors.New("SealedSecret data is too short")

ErrTooShort indicates the provided data is too short to be valid

func GeneratePrivateKeyAndCert(keySize int, validFor time.Duration, cn string) (*rsa.PrivateKey, *x509.Certificate, error)

GeneratePrivateKeyAndCert generates a keypair and signed certificate.

func HybridDecrypt(rnd io.Reader, privKeys map[string]*rsa.PrivateKey, ciphertext, label []byte) ([]byte, error)

HybridDecrypt performs a regular AES-GCM + RSA-OAEP decryption. The private keys map has a fingerprint of each public key as the map key.

func HybridEncrypt(rnd io.Reader, pubKey *rsa.PublicKey, plaintext, label []byte) ([]byte, error)

HybridEncrypt performs a regular AES-GCM + RSA-OAEP encryption. The output bytestring is:

RSA ciphertext length || RSA ciphertext || AES ciphertext

func PublicKeyFingerprint(rp *rsa.PublicKey) (string, error)

PublicKeyFingerprint returns a fingerprint for a public key.

func SessionKeyProvider(sessionKeySeed string, input []byte) (io.Reader, error)

func SignKey(r io.Reader, key *rsa.PrivateKey, validFor time.Duration, cn string) (*x509.Certificate, error)

SignKey returns a signed certificate.

type Reader struct {
	// contains filtered or unexported fields
}

func (r *Reader) Read(p []byte) (n int, err error)