internal

package
v0.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 23, 2024 License: MIT Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Named-curve object identifiers, one per supported NIST prime curve.

// P224oid is the OID 1.3.132.0.33 (secp224r1, NIST P-224).
var P224oid = asn1.ObjectIdentifier{1, 3, 132, 0, 33}

// P256oid is the OID 1.2.840.10045.3.1.7 (prime256v1 / secp256r1, NIST P-256).
var P256oid = asn1.ObjectIdentifier{1, 2, 840, 10045, 3, 1, 7}

// P384oid is the OID 1.3.132.0.34 (secp384r1, NIST P-384).
var P384oid = asn1.ObjectIdentifier{1, 3, 132, 0, 34}

// P521oid is the OID 1.3.132.0.35 (secp521r1, NIST P-521).
var P521oid = asn1.ObjectIdentifier{1, 3, 132, 0, 35}

Functions

func AttributeToString

func AttributeToString(attribute *pkcs11.Attribute) string

AttributeToString converts a PKCS11 Attribute to a string

func CurveNameToCurve

func CurveNameToCurve(curveName string) (curve elliptic.Curve, err error)

CurveNameToCurve converts a curve name to an elliptic.Curve for HSM ECC PublicKey extraction

func CurveNameToECParams

func CurveNameToECParams(curveName string) ([]byte, error)

CurveNameToECParams converts a named curve into ecParam bytes

func CurveNameToOid

func CurveNameToOid(curveName string) (curve asn1.ObjectIdentifier, err error)

CurveNameToOid converts a named curve to an ObjectIdentifier

func ECParamsToCurve

func ECParamsToCurve(ecParams []byte) (elliptic.Curve, error)

ECParamsToCurve converts ecParam bytes (from the HSM) into a golang curve obj

func OidToCurveName

func OidToCurveName(curve asn1.ObjectIdentifier) (name string, err error)

OidToCurveName converts an ObjectIdentifier to a named curve

func StringToAttribute

func StringToAttribute(algo string) (*pkcs11.Attribute, error)

StringToAttribute converts an algo string like "RSA" to the corresponding pkcs11 attribute (returned as a *pkcs11.Attribute)

Types

type P11

// P11 holds a PKCS#11 context together with a map of session handles; the
// methods declared on *P11 take or return handles from the same pkcs11 package.
type P11 struct {
	// Ctx is the pkcs11 context the methods operate on.
	Ctx      *pkcs11.Ctx
	// Sessions maps a uint key to a session handle.
	// NOTE(review): the key is presumably the slot ID passed to OpenSession/Login — confirm.
	Sessions map[uint]pkcs11.SessionHandle
	// contains filtered or unexported fields
}

func NewP11

func NewP11(modulePath string, logger pterm.Logger) (*P11, error)

func (*P11) CloseAllSessions

func (p *P11) CloseAllSessions() error

func (*P11) ExportCertificate

func (p *P11) ExportCertificate(sh pkcs11.SessionHandle, oh pkcs11.ObjectHandle) ([]byte, error)

ExportCertificate extracts, parses and prints a Certificate from the HSM

func (*P11) ExportPrivateKey

func (p *P11) ExportPrivateKey(sh pkcs11.SessionHandle, oh pkcs11.ObjectHandle) ([]byte, error)

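ExportPrivateKey extracts, parses and prints an RSA/EC key using an ephemeral AES wrapping key. Note that this takes the private key out of the HSM: the returned bytes are presumably the exported key material and, like anything printed, should be handled as a secret.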

func (*P11) ExportPublicKey

func (p *P11) ExportPublicKey(sh pkcs11.SessionHandle, oh pkcs11.ObjectHandle, algorithm uint32) ([]byte, error)

ExportPublicKey extracts, parses and prints a Public Key from the HSM

func (*P11) ExportPublicKeyEC

func (p *P11) ExportPublicKeyEC(sh pkcs11.SessionHandle, oh pkcs11.ObjectHandle) ([]byte, error)

ExportPublicKeyEC extracts, parses and prints an EC Public Key from the HSM

func (*P11) ExportPublicKeyRSA

func (p *P11) ExportPublicKeyRSA(sh pkcs11.SessionHandle, oh pkcs11.ObjectHandle) ([]byte, error)

ExportPublicKeyRSA extracts, parses and prints an RSA Public Key from the HSM

func (*P11) ExportSecretKey

func (p *P11) ExportSecretKey(sh pkcs11.SessionHandle, oh pkcs11.ObjectHandle) ([]byte, error)

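ExportSecretKey extracts, parses and prints an AES/DES/3DES key using an ephemeral RSA_OAEP wrapping key. Note that this takes the secret key out of the HSM: the returned bytes are presumably the exported key material and, like anything printed, should be handled as a secret.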

func (*P11) Finalize

func (p *P11) Finalize() error

func (*P11) FindObjects

func (p *P11) FindObjects(slotID uint, template []*pkcs11.Attribute) ([]pkcs11.ObjectHandle, error)

func (*P11) GenerateAESKey

func (p *P11) GenerateAESKey(sh pkcs11.SessionHandle, label string, keylength int, extractable, ephemeral bool) (pkcs11.ObjectHandle, error)

GenerateAESKey generates an AES key in the HSM

func (*P11) GenerateDESKey

func (p *P11) GenerateDESKey(sh pkcs11.SessionHandle, label string, keylength int, extractable, ephemeral bool) (pkcs11.ObjectHandle, error)

GenerateDESKey generates a DES key in the HSM

func (*P11) GenerateECKeypair

func (p *P11) GenerateECKeypair(sh pkcs11.SessionHandle, label string, curve string, extractable, ephemeral bool) (pkcs11.ObjectHandle, error)

GenerateECKeypair generates an EC Keypair in the HSM

func (*P11) GenerateRSAKeypair

func (p *P11) GenerateRSAKeypair(sh pkcs11.SessionHandle, label string, keylength int, extractable, ephemeral bool) (pkcs11.ObjectHandle, pkcs11.ObjectHandle, error)

GenerateRSAKeypair generates an RSA Keypair in the HSM

func (*P11) GetSlots

func (p *P11) GetSlots() (map[uint]pkcs11.TokenInfo, error)

func (*P11) ImportCertificate

func (p *P11) ImportCertificate(sh pkcs11.SessionHandle, cert *x509.Certificate, label string, ephemeral bool) (pkcs11.ObjectHandle, error)

ImportCertificate imports a Certificate into the HSM without wrapping

func (*P11) ImportPrivateKey

func (p *P11) ImportPrivateKey(sh pkcs11.SessionHandle, rawKey []byte, keylabel string, ephemeral bool, algorithm string) (pkcs11.ObjectHandle, error)

ImportPrivateKey imports an RSA/EC Private Key into the HSM using an ephemeral AES 256 wrapping key

func (*P11) ImportPublicKey

func (p *P11) ImportPublicKey(sh pkcs11.SessionHandle, pub any, keyLabel string, ephemeral bool) (pkcs11.ObjectHandle, error)

ImportPublicKey imports an RSA/EC Public Key into the HSM without wrapping

func (*P11) ImportSecretKey

func (p *P11) ImportSecretKey(sh pkcs11.SessionHandle, rawKey []byte, keylabel string, ephemeral bool, algorithm string) (pkcs11.ObjectHandle, error)

ImportSecretKey imports an AES/DES/3DES Secret Key into the HSM using an ephemeral RSA 2048 wrapping key

func (*P11) Login

func (p *P11) Login(slotID uint, pin string) error

func (*P11) OpenSession

func (p *P11) OpenSession(slotID uint) (pkcs11.SessionHandle, error)
