cryptokms

package module

v0.0.0-...-94a1697 Latest Latest Go to latest Published: Apr 4, 2024 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

cryptokms

Implements crypto.Signer and crypto.Decrypter for keys typically backed by KMS service. Currently it supports keys backed by,

Google Cloud KMS
AWS KMS
Filesystem
From memory.

Dependencies are neatly isolated. If you pull gcpkms package only google cloud dependencies should be pulled. Code has extensive unit tests and integration tests.

Uses sensible and sane defaults.

RSA keys of size less than 2048 are not supported.
ECC Keys of size less than 256 are not supported.
Signing algorithms with insecure hashes (SHA1, MD5 etc) are not supported.

Google KMS (Signing Keys)

Key Algorithm	Hash Algorithm	Supported Interfaces
`EC_SIGN_P256_SHA256`(recommended)	sha256	crypto.Signer, crypto.SignerOpts
`EC_SIGN_P384_SHA384`	sha384	crypto.Signer, crypto.SignerOpts
`RSA_SIGN_PKCS1_2048_SHA256`	sha256	crypto.Signer, crypto.SignerOpts
`RSA_SIGN_PKCS1_3072_SHA256`	sha256	crypto.Signer, crypto.SignerOpts
`RSA_SIGN_PKCS1_4096_SHA256`	sha256	crypto.Signer, crypto.SignerOpts
`RSA_SIGN_PKCS1_4096_SHA512`	sha512	crypto.Signer, crypto.SignerOpts

[!IMPORTANT]

RSA_SIGN_PSS_*, RSA_SIGN_RAW_* and external KMS keys are not supported.

Google KMS (Encryption Keys)

Key Algorithm	Hash Algorithm	Supported Interfaces
`RSA_DECRYPT_OAEP_2048_SHA1`	sha1	crypto.Decrypter
`RSA_DECRYPT_OAEP_3072_SHA1`	sha1	crypto.Decrypter
`RSA_DECRYPT_OAEP_4096_SHA1`	sha1	crypto.Decrypter
`RSA_DECRYPT_OAEP_2048_SHA256`	sha256	crypto.Decrypter
`RSA_DECRYPT_OAEP_3072_SHA256`(recommended)	sha256	crypto.Decrypter
`RSA_DECRYPT_OAEP_4096_SHA256`	sha256	crypto.Decrypter
`RSA_DECRYPT_OAEP_4096_SHA512`	sha512	crypto.Decrypter

AWS KMS (Signing Keys)

Key Algorithm	Key Usage	Hash Algorithm	Supported Interfaces
`RSA_2048`	`SIGN_VERIFY`	sha256, sha384, sha512	crypto.Signer, crypto.SignerOpts
`RSA_3072`	`SIGN_VERIFY`	sha256, sha384, sha512	crypto.Signer, crypto.SignerOpts
`RSA_4096`	`SIGN_VERIFY`	sha256, sha384, sha512	crypto.Signer, crypto.SignerOpts
`ECC_NIST_P256`(recommended)	`SIGN_VERIFY`	sha256	crypto.Signer, crypto.SignerOpts
`ECC_NIST_384`	`SIGN_VERIFY`	sha384	crypto.Signer, crypto.SignerOpts
`ECC_NIST_P521`	`SIGN_VERIFY`	sha512	crypto.Signer, crypto.SignerOpts

AWS KMS (Encryption Keys)

Key Algorithm	Key Usage	Encryption Algorithms	Supported Interfaces
`RSA_2048`	`ENCRYPT_DECRYPT`	`RSAES_OAEP_SHA_1`,`RSAES_OAEP_SHA_256`	crypto.Decrypter
`RSA_3072`	`ENCRYPT_DECRYPT`	`RSAES_OAEP_SHA_1`,`RSAES_OAEP_SHA_256`	crypto.Decrypter
`RSA_4096`	`ENCRYPT_DECRYPT`	`RSAES_OAEP_SHA_1`,`RSAES_OAEP_SHA_256`	crypto.Decrypter

Keys from filesystem

[!IMPORTANT]

Use in-memory non swap-able file system (like ramfs) or from kubernetes secret store CSI. For systems using systemd, systemd-credentials can be used as keys can be encrypted, bound to TPM and are only present in memory. In other cases this may be insecure.

Keys on disk must be not encrypted with a passphrase. Private key in PKCS #8, ASN.1 DER form(PRIVATE KEY), RSA private key in PKCS #1, ASN.1 DER form(RSA PRIVATE KEY) and EC private key in SEC 1, ASN.1 DER form (EC PRIVATE KEY) are supported.

Key Algorithm	Supported Hashes	Interfaces
`RSA_2048`	SHA1, SHA256, SHA512	crypto.Decrypter, crypto.Signer
`RSA_3072`	SHA1, SHA256, SHA512	crypto.Decrypter, crypto.Signer
`RSA_4096`	SHA1, SHA256, SHA512	crypto.Decrypter, crypto.Signer
`ECC-P256`	SHA256	crypto.Signer
`ECC-P384`	SHA384	crypto.Signer
`ECC-P521`	SHA512	crypto.Signer
`ED-25519`	SHA512 (ed25519ph only)	crypto.Signer

From memory

If keys are stored in memory or environment variables, use memkms. It is identical to filekms except keys are in-process and are provided directly. Key must be PEM encoded.

Documentation ¶

Index ¶

func VerifyDigestSignature(pub crypto.PublicKey, hash crypto.Hash, digest, signature []byte) error
func VerifySignature(pub crypto.PublicKey, hash crypto.Hash, in io.Reader, signature []byte) error
type Algorithm
- func (i Algorithm) String() string
type Decrypter
type Signer

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func VerifyDigestSignature ¶

func VerifyDigestSignature(pub crypto.PublicKey, hash crypto.Hash, digest, signature []byte) error

VerifyDigestSignature is a wrapper around following,

crypto/rsa.VerifyPKCS1v15
crypto/ecdsa.Verify
crypto/ed25519.VerifyWithOptions (only Ed25519ph with SHA512)
crypto/rsa.VerifyPSS

Public key must of one of

This does not allow insecure hashing algorithms (crypto.SHA1 and crypto.MD5, crypto.MD4) and returns an error even though signature might be valid. Similarly, RSA keys of length less than 2048 bits and ECDSA keys of size less than 256 are rejected even though signature might be valid.

func VerifySignature ¶

func VerifySignature(pub crypto.PublicKey, hash crypto.Hash, in io.Reader, signature []byte) error

VerifySignature is a wrapper around VerifyDigestSignature, but accepts an io.Reader, which can hash the data with given hash function.

Types ¶

type Algorithm ¶

type Algorithm int

Key algorithm type.

const (
	// Unknown.
	AlgorithmUnknown Algorithm = iota

	// RSA 2048 bit key.
	AlgorithmRSA2048

	// RSA 3072 bit key.
	AlgorithmRSA3072

	// RSA 4096 bit key.
	AlgorithmRSA4096

	// RSA 8192 bit key.
	AlgorithmRSA8192

	// NIST P-256 elliptic curve key algorithms.
	AlgorithmECP256

	// NIST P-384 elliptic curve key algorithms.
	AlgorithmECP384

	// NIST P-521 elliptic curve key algorithms.
	AlgorithmECP521

	// ED-25519.
	AlgorithmED25519

	// AWS symmetric key algorithm.
	AlgorithmSymmetricAWS

	// GCP symmetric key algorithm.
	AlgorithmSymmetricGCP
)

func (Algorithm) String ¶

func (i Algorithm) String() string

type Decrypter ¶

type Decrypter interface {
	crypto.Decrypter

	// Same as [crypto.Decrypter], but [context.Context] aware.
	//  - KMS libraries are already context aware and should help with tracing, and cancellation.
	//  - Do note however decryption payload limits set by the kms provider apply.
	//  - Unlike [crypto.Decrypter], rand is ignored, as decryption may happen remotely.
	//    so it can be nil.
	DecryptContext(ctx context.Context, _ io.Reader, msg []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error)

	// KMS key creation time.
	//  - This can be used to calculate age of the key to help with periodic key rotation.
	//  - Building to GPG public key packets which are deterministic etc.
	CreatedAt() time.Time

	// Returns default hashing algorithm.
	//  - Some KMS providers restrict hashing algorithm.
	//  - If KMS key supports multiple algorithms, this
	//    returns sane default, typically [crypto.SHA256].
	HashFunc() crypto.Hash

	// Algorithm returns key algorithm.
	Algorithm() Algorithm
}

Context aware KMS backed crypto.Decrypter. This extends crypto.Decrypter with additional methods for usage with KMS keys.

type Signer ¶

type Signer interface {
	crypto.Signer

	// Same as [crypto.Signer], but [context.Context] aware.
	//  - KMS libraries are already context aware and should help with tracing,
	//    and cancellation.
	//  - Unlike [crypto.Signer], rand is always ignored, as signing may be remote.
	SignContext(ctx context.Context, rand io.Reader, digest []byte, opts crypto.SignerOpts) (signature []byte, err error)

	// KMS key creation time.
	//  - This can be used to calculate age of the key to help with periodic key rotation.
	//  - Building to GPG public key packets which are deterministic etc.
	CreatedAt() time.Time

	// Returns default hashing algorithm.
	//  - Some KMS providers restrict hashing algorithm. This
	//    ensures Signer selects appropriate hash supported by the KMS key.
	//  - If KMS key supports multiple signers, this
	//    returns sane default, typically [crypto.SHA256].
	HashFunc() crypto.Hash

	// Algorithm returns KMS key algorithm.
	Algorithm() Algorithm
}

Context aware KMS backed crypto.Signer. This extends crypto.Signer with additional methods for usage with KMS keys.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
awskms Package gcpkms implements crypto.Signer and crypto.Decrypter backed by AWS KMS.	Package gcpkms implements crypto.Signer and crypto.Decrypter backed by AWS KMS.
filekms Package filekms implements crypto.Signer and crypto.Decrypter for keys stored on the filesystem.	Package filekms implements crypto.Signer and crypto.Decrypter for keys stored on the filesystem.
gcpkms Package gcpkms implements crypto.Signer and crypto.Decrypter backed by Google Cloud KMS.	Package gcpkms implements crypto.Signer and crypto.Decrypter backed by Google Cloud KMS.
internal
ioutils This package exists to de-duplicate code used in testing and code generation.	This package exists to de-duplicate code used in testing and code generation.
shared
testkeys Package testkeys provides/generates test keys and test hashes.	Package testkeys provides/generates test keys and test hashes.
memkms Package memkms implements crypto.Signer and crypto.Decrypter for keys stored in memory.	Package memkms implements crypto.Signer and crypto.Decrypter for keys stored in memory.
scripts
aws
gcp

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL