Documentation
Constants
const (
	// ProviderMSPlatform represents the Microsoft Platform Crypto Provider
	ProviderMSPlatform = "Microsoft Platform Crypto Provider"
	// ProviderMSSoftware represents the Microsoft Software Key Storage Provider
	ProviderMSSoftware = "Microsoft Software Key Storage Provider"
	// ProviderMSLegacy represents the CryptoAPI compatible Enhanced Cryptographic Provider
	ProviderMSLegacy = "Microsoft Enhanced Cryptographic Provider v1.0"
)
Variables
This section is empty.
Functions
This section is empty.
Types
type Credential
type Credential interface {
	// Public returns the public key corresponding to the leaf certificate.
	Public() crypto.PublicKey
	// Sign signs digest with the private key.
	Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) (signature []byte, err error)
	// Decrypt decrypts msg. Returns an error if not implemented.
	Decrypt(rand io.Reader, msg []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error)
}
Credential provides access to a certificate and is a crypto.Signer and crypto.Decrypter.
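Added example, not part of this package's documentation or code: it shows the calling convention the Credential interface implies, hashing the message before Sign and checking the result against Public(). The Credential definition is restated locally, the names mustStandIn, SignMessage and VerifyMessage are hypothetical, an in-memory *rsa.PrivateKey stands in for a store-backed key, and PKCS#1 v1.5 padding is assumed.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Credential has the method set documented on this page: Public, Sign, Decrypt.
type Credential interface {
	crypto.Signer
	crypto.Decrypter
}

// VerifyMessage checks sig over SHA-256(msg) against pub. Assumption: RSA with
// PKCS#1 v1.5, which a plain crypto.Hash opts selects for *rsa.PrivateKey.
func VerifyMessage(pub crypto.PublicKey, msg, sig []byte) error {
	p, ok := pub.(*rsa.PublicKey)
	if !ok {
		return fmt.Errorf("unsupported public key type %T", pub)
	}
	digest := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(p, crypto.SHA256, digest[:], sig)
}

// SignMessage hashes msg first, because Sign takes a digest and not the message.
func SignMessage(cred Credential, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	sig, err := cred.Sign(rand.Reader, digest[:], crypto.SHA256)
	if err != nil {
		return nil, fmt.Errorf("sign: %w", err)
	}
	// Return the signature together with any verification error.
	return sig, VerifyMessage(cred.Public(), msg, sig)
}

// mustStandIn returns a constructed stand-in key with the same three methods.
func mustStandIn() Credential {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return key
}

func main() {
	sig, err := SignMessage(mustStandIn(), []byte("constructed sample message"))
	fmt.Printf("signature bytes=%d err=%v\n", len(sig), err)
}
```

A value returned by WinCertStore.Key has the same method set and can be passed in place of the stand-in; the padding a given provider applies is not stated on this page.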
type DecrypterOpts
type DecrypterOpts struct {
	// Hashfunc represents the hashing function that was used during
	// encryption and is mapped to the Microsoft equivalent LPCWSTR.
	Hashfunc crypto.Hash
	// Flags represents the dwFlags parameter for NCryptDecrypt
	Flags uint32
}
DecrypterOpts implements crypto.DecrypterOpts and contains the flags required for the NCryptDecrypt system call.
type Key
type Key struct {
	Container       string
	LegacyContainer string
	AlgorithmGroup  string
	// contains filtered or unexported fields
}
Key implements crypto.Signer and crypto.Decrypter for key based operations.
func (Key) Decrypt
Decrypt returns the decrypted contents of the encrypted blob, and implements crypto.Decrypter for Key.
type WinCertStore
WinCertStore is a CertStorage implementation for the Windows Certificate Store.
func OpenWinCertStore
func OpenWinCertStore(provider, container string, issuers, intermediateIssuers []string, legacyKey, openStoreWithHandle bool) (*WinCertStore, error)
OpenWinCertStore creates a WinCertStore. When openStoreWithHandle is used, it is the responsibility of the caller to call Cstore.Close on the returned object.
func (*WinCertStore) CertBySubjectName
func (w *WinCertStore) CertBySubjectName(subjectName string) (*x509.Certificate, *windows.CertContext, error)
CertBySubjectName looks up a certificate based on a subject name.
func (*WinCertStore) CertKey
func (w *WinCertStore) CertKey(cert *windows.CertContext) (*Key, error)
CertKey wraps CryptAcquireCertificatePrivateKey. It obtains the CNG private key of a known certificate and returns a pointer to a Key which implements both crypto.Signer and crypto.Decrypter. When a nil cert context is passed, a nil key is intentionally returned, to model the expected behavior of a non-existent cert having no private key. See https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecertificateprivatekey
func (*WinCertStore) Key
func (w *WinCertStore) Key() (Credential, error)
Key opens a handle to an existing private key and returns the key. Key implements both crypto.Signer and crypto.Decrypter.