keypair

package
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 11, 2025 License: MIT Imports: 14 Imported by: 0

Documentation

Overview

Package keypair manages cryptographic key pairs (RSA, SM2): generate, parse and format keys. SM2 uses PKCS#8 (private), PKIX/SPKI (public), and CipherOrder to control C1/C2/C3 ciphertext order.

Package keypair provides RSA key pair management functionality. It supports key generation, formatting, parsing, and manipulation for both PKCS1 and PKCS8 formats.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CipherOrder added in v1.2.0 

type CipherOrder string

CipherOrder specifies the concatenation order of SM2 ciphertext components. It controls how the library assembles (encrypt) and interprets (decrypt) the C1, C2, C3 parts.

C1: EC point (x1||y1) in uncompressed form; C2: XORed plaintext; C3: SM3 digest over x2 || M || y2. 

const (
	// C1C2C3 means ciphertext bytes are C1 || C2 || C3.
	C1C2C3 CipherOrder = "c1c2c3"
	// C1C3C2 means ciphertext bytes are C1 || C3 || C2.
	C1C3C2 CipherOrder = "c1c3c2"
)

Supported SM2 ciphertext orders.

type Ed25519KeyPair added in v1.1.1 

type Ed25519KeyPair struct {
	// PublicKey contains the PEM-encoded public key
	PublicKey []byte

	// PrivateKey contains the PEM-encoded private key
	PrivateKey []byte

	// Sign contains the signature bytes for verification
	Sign []byte
}

Ed25519KeyPair represents an ED25519 key pair with public and private keys. It supports PKCS8 format and provides methods for key generation, formatting, and parsing.

func NewEd25519KeyPair added in v1.1.1 

func NewEd25519KeyPair() *Ed25519KeyPair

NewEd25519KeyPair returns a new Ed25519KeyPair instance.

func (*Ed25519KeyPair) CompressPrivateKey added in v1.2.0 

func (k *Ed25519KeyPair) CompressPrivateKey(privateKey []byte) []byte

CompressPrivateKey removes the PEM headers and footers from the private key. It supports PKCS8 format and removes all whitespace characters. The resulting byte slice contains only the base64-encoded key data.

func (*Ed25519KeyPair) CompressPublicKey added in v1.2.0 

func (k *Ed25519KeyPair) CompressPublicKey(publicKey []byte) []byte

CompressPublicKey removes the PEM headers and footers from the public key. It supports PKCS8 format and removes all whitespace characters. The resulting byte slice contains only the base64-encoded key data.

func (*Ed25519KeyPair) FormatPrivateKey added in v1.2.0 

func (k *Ed25519KeyPair) FormatPrivateKey(privateKey []byte) ([]byte, error)

FormatPrivateKey formats base64-encoded der private key into the specified PEM format.

func (*Ed25519KeyPair) FormatPublicKey added in v1.2.0 

func (k *Ed25519KeyPair) FormatPublicKey(publicKey []byte) ([]byte, error)

FormatPublicKey formats base64-encoded der public key into the specified PEM format.

func (*Ed25519KeyPair) GenKeyPair added in v1.1.1 

func (k *Ed25519KeyPair) GenKeyPair() error

GenKeyPair generates a new Ed25519KeyPair instance. The generated keys are formatted in PEM format using PKCS8 format.

Note: The generated keys are automatically formatted in PEM format using PKCS8 format.

func (*Ed25519KeyPair) ParsePrivateKey added in v1.1.1 

func (k *Ed25519KeyPair) ParsePrivateKey() (ed25519.PrivateKey, error)

ParsePrivateKey parses the private key from PEM format and returns a Go crypto/ed25519.PrivateKey. It supports PKCS8 format.

Note: This method automatically detects the key format from the PEM headers.

func (*Ed25519KeyPair) ParsePublicKey added in v1.1.1 

func (k *Ed25519KeyPair) ParsePublicKey() (ed25519.PublicKey, error)

ParsePublicKey parses the public key from PEM format and returns a Go crypto/ed25519.PublicKey. It supports PKCS8 format.

Note: This method automatically detects the key format from the PEM headers.

func (*Ed25519KeyPair) SetPrivateKey added in v1.1.1 

func (k *Ed25519KeyPair) SetPrivateKey(privateKey []byte) error

SetPrivateKey sets the private key and formats it in PKCS8 format. The input key is expected to be in PEM format and will be reformatted if necessary.

func (*Ed25519KeyPair) SetPublicKey added in v1.1.1 

func (k *Ed25519KeyPair) SetPublicKey(publicKey []byte) error

SetPublicKey sets the public key and formats it in PKCS8 format. The input key is expected to be in PEM format and will be reformatted if necessary.

type EmptyPrivateKeyError added in v1.2.0 

type EmptyPrivateKeyError struct {
}

func (EmptyPrivateKeyError) Error added in v1.2.0 

func (e EmptyPrivateKeyError) Error() string

type EmptyPublicKeyError added in v1.2.0 

type EmptyPublicKeyError struct {
}

func (EmptyPublicKeyError) Error added in v1.2.0 

func (e EmptyPublicKeyError) Error() string

type InvalidPrivateKeyError 

type InvalidPrivateKeyError struct {
	Err error
}

func (InvalidPrivateKeyError) Error 

func (e InvalidPrivateKeyError) Error() string

type InvalidPublicKeyError 

type InvalidPublicKeyError struct {
	Err error
}

func (InvalidPublicKeyError) Error 

func (e InvalidPublicKeyError) Error() string

type KeyFormat 

type KeyFormat string

KeyFormat represents the format of RSA keys. It can be either PKCS1 or PKCS8 format. 

const (
	// PKCS1 represents the PKCS#1 format for RSA keys.
	// This format uses specific headers like "-----BEGIN RSA PUBLIC KEY-----".
	PKCS1 KeyFormat = "pkcs1"

	// PKCS8 represents the PKCS#8 format for RSA keys.
	// This format uses generic headers like "-----BEGIN PUBLIC KEY-----".
	PKCS8 KeyFormat = "pkcs8"
)

Key format constants for RSA key pairs.

type RsaKeyPair 

type RsaKeyPair struct {
	// PublicKey contains the PEM-encoded public key
	PublicKey []byte

	// PrivateKey contains the PEM-encoded private key
	PrivateKey []byte

	// Sign contains the signature bytes for verification
	Sign []byte

	// Format specifies the key format (PKCS1 or PKCS8)
	Format KeyFormat

	// Hash specifies the hash function used for RSA operations
	// This is used for OAEP padding in encryption and for signature generation/verification
	Hash crypto.Hash
}

RsaKeyPair represents an RSA key pair with public and private keys. It supports both PKCS1 and PKCS8 formats and provides methods for key generation, formatting, and parsing.

func NewRsaKeyPair 

func NewRsaKeyPair() *RsaKeyPair

NewRsaKeyPair returns a new RsaKeyPair instance. The default format is PKCS8 and the default hash function is SHA256.

func (*RsaKeyPair) CompressPrivateKey added in v1.2.0 

func (k *RsaKeyPair) CompressPrivateKey(privateKey []byte) []byte

CompressPrivateKey removes the PEM headers and footers from the private key. It supports both PKCS1 and PKCS8 formats and removes all whitespace characters. The resulting byte slice contains only the base64-encoded key data.

func (*RsaKeyPair) CompressPublicKey added in v1.2.0 

func (k *RsaKeyPair) CompressPublicKey(publicKey []byte) []byte

CompressPublicKey removes the PEM headers and footers from the public key. It supports both PKCS1 and PKCS8 formats and removes all whitespace characters. The resulting byte slice contains only the base64-encoded key data.

func (*RsaKeyPair) FormatPrivateKey added in v1.2.0 

func (k *RsaKeyPair) FormatPrivateKey(privateKey []byte) ([]byte, error)

FormatPrivateKey formats base64-encoded der private key into the specified PEM format.

func (*RsaKeyPair) FormatPublicKey added in v1.2.0 

func (k *RsaKeyPair) FormatPublicKey(publicKey []byte) ([]byte, error)

FormatPublicKey formats base64-encoded der public key into the specified PEM format.

func (*RsaKeyPair) GenKeyPair 

func (k *RsaKeyPair) GenKeyPair(size int) error

GenKeyPair generates a new RsaKeyPair with the specified key size. The generated keys are formatted according to the current Format setting.

Note: The generated keys are automatically formatted in PEM format according to the current Format setting (PKCS1 or PKCS8).

func (*RsaKeyPair) ParsePrivateKey 

func (k *RsaKeyPair) ParsePrivateKey() (*rsa.PrivateKey, error)

ParsePrivateKey parses the private key from PEM format. It supports both PKCS1 and PKCS8 formats automatically.

Note: This method automatically detects the key format from the PEM headers.

func (*RsaKeyPair) ParsePublicKey 

func (k *RsaKeyPair) ParsePublicKey() (*rsa.PublicKey, error)

ParsePublicKey parses the public key from PEM format. It supports both PKCS1 and PKCS8 formats automatically.

Note: This method automatically detects the key format from the PEM headers.

func (*RsaKeyPair) SetFormat 

func (k *RsaKeyPair) SetFormat(format KeyFormat)

SetFormat sets the key format for the RSA key pair. This affects how keys are generated, formatted, and parsed. The format can be either PKCS1 or PKCS8.

func (*RsaKeyPair) SetHash 

func (k *RsaKeyPair) SetHash(hash crypto.Hash)

SetHash sets the hash function used for OAEP padding in RSA operations. This is particularly important for PKCS8 format keys that use OAEP padding.

func (*RsaKeyPair) SetPrivateKey 

func (k *RsaKeyPair) SetPrivateKey(privateKey []byte) error

SetPrivateKey sets the private key and formats it according to the current format. The input key is expected to be in PEM format and will be reformatted if necessary.

func (*RsaKeyPair) SetPublicKey 

func (k *RsaKeyPair) SetPublicKey(publicKey []byte) error

SetPublicKey sets the public key and formats it according to the current format. The input key is expected to be in PEM format and will be reformatted if necessary.

type Sm2KeyPair added in v1.2.0 

type Sm2KeyPair struct {
	// PublicKey contains the PEM-encoded public key
	PublicKey []byte

	// PrivateKey contains the PEM-encoded private key
	PrivateKey []byte

	Order CipherOrder
	// Window controls internal SM2 fixed-base/wNAF window size (2..6).
	// 4 means use library default.
	Window int
}

Sm2KeyPair represents an SM2 key pair with public and private keys. Keys are handled in PKCS8 (for private) and PKIX (for public) PEM formats.

func NewSm2KeyPair added in v1.2.0 

func NewSm2KeyPair() *Sm2KeyPair

NewSm2KeyPair returns a new Sm2KeyPair with defaults (Order=C1C3C2, Window=4).

func (*Sm2KeyPair) CompressPrivateKey added in v1.2.0 

func (k *Sm2KeyPair) CompressPrivateKey(privateKey []byte) []byte

CompressPrivateKey strips headers/footers and whitespace from the PEM private key.

func (*Sm2KeyPair) CompressPublicKey added in v1.2.0 

func (k *Sm2KeyPair) CompressPublicKey(publicKey []byte) []byte

CompressPublicKey strips headers/footers and whitespace from the PEM public key.

func (*Sm2KeyPair) FormatPrivateKey added in v1.2.0 

func (k *Sm2KeyPair) FormatPrivateKey(privateKey []byte) ([]byte, error)

FormatPrivateKey formats base64-encoded der private key into the specified PEM format.

func (*Sm2KeyPair) FormatPublicKey added in v1.2.0 

func (k *Sm2KeyPair) FormatPublicKey(publicKey []byte) ([]byte, error)

FormatPublicKey formats base64-encoded der public key into the specified PEM format.

func (*Sm2KeyPair) GenKeyPair added in v1.2.0 

func (k *Sm2KeyPair) GenKeyPair() error

GenKeyPair generates a new SM2 key pair and fills PublicKey/PrivateKey. Private key is PKCS#8 (PEM "PRIVATE KEY"), public key is SPKI/PKIX (PEM "PUBLIC KEY").

func (*Sm2KeyPair) LoadPrivateKey added in v1.2.0 

func (k *Sm2KeyPair) LoadPrivateKey(f fs.File) error

LoadPrivateKey reads a PEM-encoded private key from a file.

func (*Sm2KeyPair) LoadPublicKey added in v1.2.0 

func (k *Sm2KeyPair) LoadPublicKey(f fs.File) error

LoadPublicKey reads a PEM-encoded public key from a file.

func (*Sm2KeyPair) ParsePrivateKey added in v1.2.0 

func (k *Sm2KeyPair) ParsePrivateKey() (*ecdsa.PrivateKey, error)

ParsePrivateKey parses the PEM-encoded private key and returns *sm2.PrivateKey.

func (*Sm2KeyPair) ParsePublicKey added in v1.2.0 

func (k *Sm2KeyPair) ParsePublicKey() (*ecdsa.PublicKey, error)

ParsePublicKey parses the PEM-encoded public key and returns *sm2.PublicKey.

func (*Sm2KeyPair) SetOrder added in v1.2.0 

func (k *Sm2KeyPair) SetOrder(order CipherOrder)

SetOrder sets ciphertext component order to C1C3C2 or C1C2C3. It affects how Encrypt assembles and Decrypt interprets ciphertext.

func (*Sm2KeyPair) SetPrivateKey added in v1.2.0 

func (k *Sm2KeyPair) SetPrivateKey(privateKey []byte) error

SetPrivateKey sets the private key after formatting to PEM. Accepts base64-encoded DER of PKCS#8 PrivateKeyInfo.

func (*Sm2KeyPair) SetPublicKey added in v1.2.0 

func (k *Sm2KeyPair) SetPublicKey(publicKey []byte) error

SetPublicKey sets the public key after formatting to PEM. Accepts base64-encoded DER of SubjectPublicKeyInfo.

func (*Sm2KeyPair) SetWindow added in v1.2.0 

func (k *Sm2KeyPair) SetWindow(window int)

SetWindow sets scalar-multiplication window (2..6). Values outside the range are clamped.

type UnsupportedPemTypeError added in v1.2.0 

type UnsupportedPemTypeError struct {
}

func (UnsupportedPemTypeError) Error added in v1.2.0 

func (e UnsupportedPemTypeError) Error() string

Error returns a formatted error message describing the unsupported padding mode. The message includes the mode name and explains why it's not supported.

Source Files

  • ed25519.go
  • errors.go
  • keypair.go
  • rsa.go
  • sm2.go

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.