crypto

package
v0.0.0-...-d7c4e6e Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 11, 2019 License: GPL-3.0 Imports: 34 Imported by: 0

Documentation

Overview

Package crypto is used for encyption of bytes This is TOY encryption and keep the RSA privatekey next to the encrypted AES key. The private key should be stored someone a bit more secure. ;)

Current version: experimental

Index

Constants

This section is empty.

Variables

View Source
var CertifcatePath = filepath.Join(os.TempDir(), "blocker", "cert.pem")

Path to the certificate

View Source
var KeyPath = filepath.Join(os.TempDir(), "blocker", "key.pem")

Path to the private key

Functions

func AesCfbDecrypt

func AesCfbDecrypt(encryptedBytes []byte, hash string) ([]byte, error)

Encrpyt data using AES with the CFB chipher mode

func AesCfbEncrypt

func AesCfbEncrypt(bytesToEncrypt []byte, hash string) ([]byte, error)

Encrpyt data using AES with the CFB chipher mode

func AesDecrypt

func AesDecrypt(encryptedBytes []byte, key []byte) ([]byte, error)

Encrpyt data using AES with the CFB chipher mode

func AesEncrypt

func AesEncrypt(bytesToEncrypt []byte, key []byte) ([]byte, error)

Encrpyt data using AES with the CFB chipher mode

func AesGCMDecrypt

func AesGCMDecrypt(ciphertext []byte, key []byte) ([]byte, error)

AesGCMDecrypt Decrypt data using AES with the GCM chipher mode (Gives Confidentiality and Authenticity)

func AesGCMEncrypt

func AesGCMEncrypt(plaintext []byte, key []byte) ([]byte, error)

AesGCMEncrypt Encrypt data using AES with the GCM chipher mode (Gives Confidentiality and Authenticity)

func DeleteAesSecret

func DeleteAesSecret(hash string)

DeleteAesSecret - Remove a key if not needed

func GenerateAesSecret

func GenerateAesSecret() []byte

Create a new Aes Secret

func GenerateRsaKey

func GenerateRsaKey()

Generate a new key

func GetAesSecretPath

func GetAesSecretPath(hash string) string

GetAesSecretPath - Will return a key name for a hash

func GetHmac256

func GetHmac256(message string, secret string) string

GetHmac256 will generate a HMAC hash encoded to base64

func GetRandomInt

func GetRandomInt(min, max int) int

Get a reandom number

func LoadOrGenerateRsaKey

func LoadOrGenerateRsaKey()

Load or Generate a RSA certiciate

func RandomSecret

func RandomSecret(length int) string

Generate a Random secret encoded as a b32 string If the length is <= 0, a default length of 10 bytes will be used, which will generate a secret of length 16.

func RsaDecrypt

func RsaDecrypt(encryptedBytes []byte) ([]byte, error)

Decrypt data using RSA and a private key

func RsaEncrypt

func RsaEncrypt(bytesToEncrypt []byte) ([]byte, error)

Encrypt data using RSA and a public key

Types

type AesKey

type AesKey struct {
	// contains filtered or unexported fields
}

Structure to hold unencrypted AES key

func GetAesSecret

func GetAesSecret(hash string) (AesKey, error)

Get the AES secret to be used for encryption

type AwsCryptoProvider

type AwsCryptoProvider struct {
	// contains filtered or unexported fields
}

AwsCryptoProvider is an implementation of encryption using AWS KMS

func NewAwsCryptoProvider

func NewAwsCryptoProvider() (AwsCryptoProvider, error)

NewAwsCryptoProvider

func (AwsCryptoProvider) Decrypt

func (p AwsCryptoProvider) Decrypt(data []byte) ([]byte, error)

Decrypt will decrypt the passed data using a AWS KMS key

func (AwsCryptoProvider) Encrypt

func (p AwsCryptoProvider) Encrypt(data []byte) ([]byte, error)

Encrypt will encrypt the passed data using a AWS KMS key

type CreateKeyRequest

type CreateKeyRequest struct {
	Description string `json:"Description,omitempty"`
}

CreateKeyRequest

type CreateKeyResponse

type CreateKeyResponse struct {
	KeyMetadata KeyMetadata `json:"KeyMetadata"`
}

CreateKeyResponse

type CryptoProvider

type CryptoProvider interface {
	Encrypt(data []byte) ([]byte, error)
	Decrypt(data []byte) ([]byte, error)
}

CryptoProvider provides an interface for crypto provider solutions

type DecryptRequest

type DecryptRequest struct {
	CiphertextBlob []byte `json:"CiphertextBlob"`
}

DecryptRequest

type DecryptResponse

type DecryptResponse struct {
	Plaintext []byte `json:"Plaintext"`
}

DecryptResponse

type DisableKeyRequest

type DisableKeyRequest struct {
	KeyID string `json:"KeyID"`
}

DisableKeyRequest

type DisableKeyResponse

type DisableKeyResponse struct {
	KeyMetadata KeyMetadata `json:"KeyMetadata"`
}

DisableKeyResponse

type EnableKeyRequest

type EnableKeyRequest struct {
	KeyID string `json:"KeyID"`
}

EnableKeyRequest

type EnableKeyResponse

type EnableKeyResponse struct {
	KeyMetadata KeyMetadata `json:"KeyMetadata"`
}

EnableKeyResponse

type EncryptRequest

type EncryptRequest struct {
	KeyID     string `json:"KeyID"`
	Plaintext []byte `json:"Plaintext"`
}

EncryptRequest

type EncryptResponse

type EncryptResponse struct {
	CiphertextBlob []byte `json:"CiphertextBlob"`
}

EncryptResponse

type GenerateDataKeyRequest

type GenerateDataKeyRequest struct {
	KeyID string `json:"KeyID"`
}

GenerateDataKeyRequest

type GenerateDataKeyResponse

type GenerateDataKeyResponse struct {
	Plaintext      []byte `json:"Plaintext"`
	CiphertextBlob []byte `json:"CiphertextBlob"`
}

GenerateDataKeyResponse

type GoKMSCryptoProvider

type GoKMSCryptoProvider struct {
	// contains filtered or unexported fields
}

GoKMSCryptoProvider is an implementation of encryption using GO KMS

func NewGoKMSCryptoProvider

func NewGoKMSCryptoProvider() (GoKMSCryptoProvider, error)

NewGoKMSCryptoProvider

func (GoKMSCryptoProvider) Decrypt

func (p GoKMSCryptoProvider) Decrypt(data []byte) ([]byte, error)

Decrypt will decrypt the passed data using a GO KMS key

func (GoKMSCryptoProvider) Encrypt

func (p GoKMSCryptoProvider) Encrypt(data []byte) ([]byte, error)

Encrypt will encrypt the passed data using a GO KMS key

type JSONClient

type JSONClient struct {
	Client   *http.Client
	Endpoint string
	// authKey is the key used for authentication
	AuthKey string
}

JSONClient is the underlying client for JSON APIs.

func (*JSONClient) Do

func (c *JSONClient) Do(method, uri string, req, resp interface{}) error

Do sends an HTTP request and returns an HTTP response, following policy (e.g. redirects, cookies, auth) as configured on the client.

func (*JSONClient) SetAuth

func (c *JSONClient) SetAuth(request *http.Request, method string, resource string) *http.Request

SetAuth will set kms auth headers

type KeyByCreated

type KeyByCreated []KeyMetadata

KeyByCreated - Will sort the Keys by CreationDate

func (KeyByCreated) Len

func (a KeyByCreated) Len() int

func (KeyByCreated) Less

func (a KeyByCreated) Less(i, j int) bool

func (KeyByCreated) Swap

func (a KeyByCreated) Swap(i, j int)

type KeyMetadata

type KeyMetadata struct {
	KeyID        string    `json:"KeyId"`
	CreationDate time.Time `json:"CreationDate"`
	Description  string    `json:"Description"`
	Enabled      bool      `json:"Enabled"`
}

KeyMetadata is the associated meta data of any key

type ListKeysRequest

type ListKeysRequest struct {
}

listKeysHandler

type ListKeysResponse

type ListKeysResponse struct {
	KeyMetadata []KeyMetadata `json:"KeyMetadata"`
}

ListKeysResponse

type OpenPGPCryptoProvider

type OpenPGPCryptoProvider struct {
	// contains filtered or unexported fields
}

AwsCryptoProvider is an implementation of encryption using AWS KMS

func NewOpenPGPCryptoProvider

func NewOpenPGPCryptoProvider() (OpenPGPCryptoProvider, error)

NewAwsCryptoProvider

func (OpenPGPCryptoProvider) Decrypt

func (p OpenPGPCryptoProvider) Decrypt(data []byte) ([]byte, error)

Decrypt decrypts data that has been encrypted and compressed

func (OpenPGPCryptoProvider) Encrypt

func (p OpenPGPCryptoProvider) Encrypt(data []byte) ([]byte, error)

Encrypt - Encrypts the data

type ReEncryptRequest

type ReEncryptRequest struct {
	CiphertextBlob   []byte `json:"CiphertextBlob"`
	DestinationKeyID string `json:"DestinationKeyId"`
}

ReEncryptRequest

type ReEncryptResponse

type ReEncryptResponse struct {
	CiphertextBlob []byte `json:"CiphertextBlob"`
	KeyID          string `json:"KeyID"`
	SourceKeyID    string `json:"SourceKeyID"`
}

ReEncryptResponse

type RsaChipher

type RsaChipher struct {
	PrivateKey     *rsa.PrivateKey
	PrivateKeyPath string
	PublicKey      *rsa.PublicKey
	PublicKeyPath  string
}

Structure for encryption chipher

var RsaEncryptionChipher RsaChipher

The key to be used to encrypt and decrypt when using RSA encryption

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL