crypto

package
v0.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 19, 2023 License: BSD-3-Clause Imports: 20 Imported by: 1

Documentation

Overview

This package contains the implementation of all cryptographic utilities used by this client library.

Index

Examples

Constants

This section is empty.

Variables

View Source 
var (
	// The private key is invalid.
	ErrInvalidPrivateKey = fmt.Errorf("invalid private key")
	// The public key is invalid.
	ErrInvalidPublicKey = fmt.Errorf("invalid public key")
	// The size of the IV is invalid.
	ErrInvalidBlockCipherIv = fmt.Errorf("invalid block size IV")
	// The encrypted message is invalid.
	ErrInvalidEncryptedMessage = fmt.Errorf("invalid encrypted message")
	// The message padding is invalid.
	ErrInvalidPadding = fmt.Errorf("invalid message padding")
	// Invalid certificate file.
	ErrInvalidCertificateFile = fmt.Errorf("invalid cetificate file")
)
View Source 
var PUBLIC_KEY_HEADER = []byte("PubKey!")

Header of the public key.

Functions

func ConvertPublicKey 

func ConvertPublicKey(publicKey crypto.PublicKey) ([]byte, error)

Converts the given public key into a format suitable for use with IL2 API.

func CreatePublicKeyHash 

func CreatePublicKeyHash(publicKey crypto.PublicKey) (string, error)

Computes the public key hash according to the IL2 standard.

func CreatePublicKeyHashBin 

func CreatePublicKeyHashBin(publicKey []byte) (string, error)

Computes the public key hash according to the IL2 standard.

func CreateReaderId 

func CreateReaderId(data []byte) (string, error)

Creates a probably unique ReaderId from a string of bytes. It may be a key, the certificate payload or even a random value.

Example 
// Load the certificate with keys
cert, err := LoadCertificateWithKey("certs.pem", "key.pem")
if err != nil {
	os.Exit(0)
}
// Compute the ID from the certificate bytes.
id, err := CreateReaderId(cert.Certificate[0])
if err != nil {
	os.Exit(0)
}
fmt.Println(id)

// Load the certificate
certs, err := LoadCertificate("certs.pem")
if err != nil {
	os.Exit(0)
}
// Compute the ID from the certificate bytes.
id, err = CreateReaderId(certs[0].Raw)
if err != nil {
	os.Exit(0)
}
fmt.Println(id)

Output:

func DecipherAESCBC 

func DecipherAESCBC(key, iv, encrypted []byte) ([]byte, int, error)

Decipher the specified block using the specified key and IV.

func DecipherJSON 

func DecipherJSON(key, iv, encrypted []byte) (string, error)

Decipher the specified block using the specified key and IV.

func DecryptRSAWithPrivate 

func DecryptRSAWithPrivate(privateKey *rsa.PrivateKey, encrypted []byte) ([]byte, error)

Deciphers the message using the specified private key.

func DecryptWithPrivate 

func DecryptWithPrivate(privateKey crypto.PrivateKey, encrypted []byte) ([]byte, error)

Deciphers the message using the specified private key.

func LoadCertificate 

func LoadCertificate(certificateFile string) ([]*x509.Certificate, error)

Loads all certificates inside the specified file and returns them as a list. The certificates must be in PEM format.

It fails if there is no certificates to load or if one of them is invalid.

func LoadCertificateWithKey 

func LoadCertificateWithKey(certificateFile string, keyFile string) (tls.Certificate, error)

Loads a certificate with its private key. Both the certificate and the key must be in PEM format.

func LoadCertificateWithKeyFromPKCS12 added in v0.2.0 

func LoadCertificateWithKeyFromPKCS12(file string, password string) (tls.Certificate, error)

Loads a certificate with its private key from a PKCS #12 file.

func LoadPrivateKey 

func LoadPrivateKey(keyFile string) (crypto.PrivateKey, error)

Loads the private key from a PEM file. It can load RSA, ECDSA and EdDSA keys.

func ParseCertificate added in v0.2.0 

func ParseCertificate(bytes []byte) ([]*x509.Certificate, error)

Parses all certificates inside the specified file and returns them as a list. The certificates must be in PEM format.

It fails if there is no certificates to load or if one of them is invalid.

func ParseCertificateWithKeyFromPKCS12 added in v0.2.0 

func ParseCertificateWithKeyFromPKCS12(bytes []byte, password string) (tls.Certificate, error)

Parses a certificate with its private key from a PKCS #12 file.

func ParsePrivateKey added in v0.2.0 

func ParsePrivateKey(bytes []byte) (crypto.PrivateKey, error)

Parses the private key from a PEM file. It can load RSA, ECDSA and EdDSA keys.

func RemoveISO10126Padding 

func RemoveISO10126Padding(blockSize int, plain []byte) ([]byte, error)

Remove the ISO 10126 padding and return a subslice of plain that contains the actual data. Due to the way this padding works, it can also removes the PKCS#5, PKCS#7 and ANSI X9.23 padding as they are special cases of ISO 10126 padding.

func RemoveZeroPadding 

func RemoveZeroPadding(plain []byte) []byte

Remove the padding zero padding and return a subslice of plain that contains the actual data.

Types

type ReaderKey 

type ReaderKey interface {
	/*
		Returns the public key hash of this key.
	*/
	PublicKeyHash() string
	/*
		Returns the public key.
	*/
	PublicKey() crypto.PublicKey
	/*
		Returns the encoded public key suitable to be sent to the node.

		It returns the encoded key and a reader key id derived from the public key.
	*/
	EncodedPublicKey() (string, string, error)
	/*
		Unwraps the given wrapped value with the specified private key.
	*/
	Unwrap(enc []byte) ([]byte, error)
	/*
		Returns true if the private key is present.
	*/
	HasPrivateKey() bool
}

This is the interface of all reader key. Reader keys are used to decipher some types of payloads stored inside IL2 blocks.

func NewReaderKey 

func NewReaderKey(publicKey crypto.PublicKey, privateKey crypto.PrivateKey) (ReaderKey, error)

Creates a new ReaderKey from a public and private key.

func NewReaderKeyFromPrivateKey 

func NewReaderKeyFromPrivateKey(privateKey crypto.PrivateKey) (ReaderKey, error)

Helper function that attempts to create a new ReaderKey from the private key. It will succeed only if the private key format is known to this function.

For now, only RSA keys are supported.

Example 
pair, err := LoadCertificateWithKey("cert.pem", "key.pem")
if err != nil {
	fmt.Printf("Unable to load the key pair: %v\n", err.Error())
	os.Exit(1)
}
rk, err := NewReaderKeyFromPrivateKey(pair.PrivateKey)
if err != nil {
	fmt.Printf("Unable create the ReaderKey: %v\n", err.Error())
	os.Exit(1)
}
fmt.Printf("The public key hash is: %s\n", rk.PublicKeyHash())

Output:

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.