crypto

package
v1.1.22 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 19, 2026 License: MIT Imports: 15 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	// MLDSA87SignatureSize ML-DSA-87 裸签名长度(字节)。
	MLDSA87SignatureSize = fmldsa.MLDSA87SignatureSize
	// MLDSA87PublicKeySize ML-DSA-87 公钥编码长度(字节)。
	MLDSA87PublicKeySize = fmldsa.MLDSA87PublicKeySize
	// MLDSA87PrivateKeySeedSize ML-DSA-87 私钥种子长度(字节)。
	MLDSA87PrivateKeySeedSize = fmldsa.PrivateKeySize

	// MLKEM1024EncapsulationKeySize ML-KEM-1024 封装公钥长度(字节)。
	MLKEM1024EncapsulationKeySize = 1568
	// MLKEM1024CiphertextSize ML-KEM-1024 KEM 密文长度(字节)。
	MLKEM1024CiphertextSize = 1568
	// MLKEM1024DecapsulationKeySize ML-KEM-1024 解封装私钥种子长度(字节)。
	MLKEM1024DecapsulationKeySize = 64
)

Variables

This section is empty.

Functions

func CheckOuterSignatureB64Valid added in v1.1.22 

func CheckOuterSignatureB64Valid(b64 string) bool

CheckOuterSignatureB64Valid 校验 JsonBody.Valid / JsonResp.Valid 外层签名 Base64 长度(ML-DSA-87)。

func CheckRPCXSignatureValid added in v1.1.22 

func CheckRPCXSignatureValid(sig []byte) bool

CheckRPCXSignatureValid 校验 RPCX protobuf 字段 e 的 ML-DSA-87 裸签名长度。

func DecapsulatePeerCiphertext added in v1.1.22 

func DecapsulatePeerCiphertext(dkB64, kemCtB64 string) ([]byte, error)

DecapsulatePeerCiphertext 服务端用缓存的解封装私钥从客户端 KEM 密文恢复共享秘密。

func EncapsulateToPeer added in v1.1.22 

func EncapsulateToPeer(serverEncapKeyB64 string) (sharedKey, kemCtB64 string, err error)

EncapsulateToPeer 向服务端封装密钥(Plan2 /key 之后客户端调用):返回共享秘密与 KEM 密文。

func LabelSeedSHA256 added in v1.1.22 

func LabelSeedSHA256(label string) []byte

LabelSeedSHA256 将标签转为 32 字节种子(测试夹具用)。

func MLDSA87SignatureB64Len added in v1.1.22 

func MLDSA87SignatureB64Len() int

MLDSA87SignatureB64Len 标准 Base64 编码后的 ML-DSA-87 签名长度(无换行)。

func MLKEM1024CiphertextB64Len added in v1.1.22 

func MLKEM1024CiphertextB64Len() int

MLKEM1024CiphertextB64Len KEM 密文 Base64 长度。

func MLKEM1024EncapsulationKeyB64Len added in v1.1.22 

func MLKEM1024EncapsulationKeyB64Len() int

MLKEM1024EncapsulationKeyB64Len 封装公钥 Base64 长度。

func MaxPlan2AuthorizationB64Len added in v1.1.22 

func MaxPlan2AuthorizationB64Len() int

MaxPlan2AuthorizationB64Len Authorization 头中 base64(PublicKey JSON) 的最大长度。

func MaxPublicKeyJSONLen added in v1.1.22 

func MaxPublicKeyJSONLen() int

MaxPublicKeyJSONLen Plan2 PublicKey JSON 最大长度(key + tag + sig + noc 等)。

func MinFasthttpReadBufferSize added in v1.1.22 

func MinFasthttpReadBufferSize() int

MinFasthttpReadBufferSize fasthttp 单连接读缓冲下限(默认 4096 无法容纳 Plan2 Authorization)。 含 Authorization 与其它常规请求头余量。

func PeerMLDSA87PublicKeyB64FromSeed added in v1.1.22 

func PeerMLDSA87PublicKeyB64FromSeed(seed []byte) (string, error)

PeerMLDSA87PublicKeyB64FromSeed 由种子派生本端密钥对并返回本端公钥 Base64。

func PrintMLDSA87Base64 added in v1.1.22 

func PrintMLDSA87Base64()

PrintMLDSA87Base64 本地快速打印一对 Base64 ML-DSA-87 密钥(调试用)。

Types

type Cipher 

type Cipher interface {
	GetPrivateKey() (interface{}, string)
	GetPublicKey() (interface{}, string)
	Encrypt(msg, aad []byte) (string, error)
	Decrypt(msg string, aad []byte) ([]byte, error)
	Sign(msg []byte) ([]byte, error)
	Verify(msg, sign []byte) error
}

type MLDSA87Object added in v1.1.22 

type MLDSA87Object struct {
	PrivateKeyBase64 string
	PublicKeyBase64  string
	// contains filtered or unexported fields
}

MLDSA87Object 双向身份:Sign 用本端 ML-DSA-87 私钥,Verify 用对端公钥。

func CreateMLDSA87WithBase64 added in v1.1.22 

func CreateMLDSA87WithBase64(prkB64, peerPubB64 string) (*MLDSA87Object, error)

CreateMLDSA87WithBase64 按「本端私钥 + 对端公钥」加载身份(Sign/Verify)。

func CreateMLDSA87WithSeed added in v1.1.22 

func CreateMLDSA87WithSeed(seed []byte, peerPubB64 string) (*MLDSA87Object, error)

CreateMLDSA87WithSeed 从 32 字节种子确定性加载私钥并派生对端公钥(测试/主种子派生场景)。

func (*MLDSA87Object) CreateMLDSA87 added in v1.1.22 

func (self *MLDSA87Object) CreateMLDSA87() error

func (*MLDSA87Object) Decrypt added in v1.1.22 

func (self *MLDSA87Object) Decrypt(msg string, aad []byte) ([]byte, error)

func (*MLDSA87Object) Encrypt added in v1.1.22 

func (self *MLDSA87Object) Encrypt(msg, aad []byte) (string, error)

func (*MLDSA87Object) GetPrivateKey added in v1.1.22 

func (self *MLDSA87Object) GetPrivateKey() (interface{}, string)

func (*MLDSA87Object) GetPublicKey added in v1.1.22 

func (self *MLDSA87Object) GetPublicKey() (interface{}, string)

func (*MLDSA87Object) LoadMLDSA87FromBase64 added in v1.1.22 

func (self *MLDSA87Object) LoadMLDSA87FromBase64(b64 string) error

func (*MLDSA87Object) Sign added in v1.1.22 

func (self *MLDSA87Object) Sign(msg []byte) ([]byte, error)

func (*MLDSA87Object) Verify added in v1.1.22 

func (self *MLDSA87Object) Verify(msg, sign []byte) error

type MLKEM1024Object added in v1.1.22 

type MLKEM1024Object struct {
	PrivateKeyBase64 string
	PublicKeyBase64  string
	// contains filtered or unexported fields
}

MLKEM1024Object Plan2 / 匿名通道:对端封装公钥 + 本端解封装私钥,Encrypt/Decrypt 走 ecc.EncryptMLKEM1024。

func (*MLKEM1024Object) CreateMLKEM1024 added in v1.1.22 

func (self *MLKEM1024Object) CreateMLKEM1024() error

func (*MLKEM1024Object) Decrypt added in v1.1.22 

func (self *MLKEM1024Object) Decrypt(msg string, aad []byte) ([]byte, error)

func (*MLKEM1024Object) Encrypt added in v1.1.22 

func (self *MLKEM1024Object) Encrypt(msg, aad []byte) (string, error)

func (*MLKEM1024Object) GetPrivateKey added in v1.1.22 

func (self *MLKEM1024Object) GetPrivateKey() (interface{}, string)

func (*MLKEM1024Object) GetPublicKey added in v1.1.22 

func (self *MLKEM1024Object) GetPublicKey() (interface{}, string)

func (*MLKEM1024Object) LoadMLKEM1024DecapsulationFromBase64 added in v1.1.22 

func (self *MLKEM1024Object) LoadMLKEM1024DecapsulationFromBase64(b64 string) error

func (*MLKEM1024Object) SetPeerEncapsulationKeyForEncrypt added in v1.1.22 

func (self *MLKEM1024Object) SetPeerEncapsulationKeyForEncrypt(peerEncapKey []byte)

SetPeerEncapsulationKeyForEncrypt 设置接收方 ML-KEM 封装公钥(1568 字节);Encrypt 前必须调用。

func (*MLKEM1024Object) Sign added in v1.1.22 

func (self *MLKEM1024Object) Sign(msg []byte) ([]byte, error)

func (*MLKEM1024Object) Verify added in v1.1.22 

func (self *MLKEM1024Object) Verify(msg, sign []byte) error

type RsaObj 

type RsaObj struct {
	// 16字节string字段组
	PrivateKeyBase64 string
	PublicKeyBase64  string
	// contains filtered or unexported fields
}

func (*RsaObj) CreateRsa1024 

func (self *RsaObj) CreateRsa1024() error

func (*RsaObj) CreateRsa2048 

func (self *RsaObj) CreateRsa2048() error

func (*RsaObj) CreateRsaFile 

func (self *RsaObj) CreateRsaFile(keyfile, pemfile string) error

func (*RsaObj) CreateRsaFileBase64 

func (self *RsaObj) CreateRsaFileBase64(b ...int) error

func (*RsaObj) CreateRsaPemFile 

func (self *RsaObj) CreateRsaPemFile(pemfile string) error

func (*RsaObj) Decrypt 

func (self *RsaObj) Decrypt(msg string, aad []byte) ([]byte, error)

func (*RsaObj) Encrypt 

func (self *RsaObj) Encrypt(msg, aad []byte) (string, error)

func (*RsaObj) GetPrivateKey 

func (self *RsaObj) GetPrivateKey() (interface{}, string)

func (*RsaObj) GetPublicKey 

func (self *RsaObj) GetPublicKey() (interface{}, string)

func (*RsaObj) LoadRsaFile 

func (self *RsaObj) LoadRsaFile(filePath string) error

func (*RsaObj) LoadRsaKeyFileBase64 

func (self *RsaObj) LoadRsaKeyFileBase64(fileBase64 string) error

func (*RsaObj) LoadRsaPemFile 

func (self *RsaObj) LoadRsaPemFile(filePath string) error

func (*RsaObj) LoadRsaPemFileBase64 

func (self *RsaObj) LoadRsaPemFileBase64(fileBase64 string) error

func (*RsaObj) Sign 

func (self *RsaObj) Sign(msg []byte) ([]byte, error)

func (*RsaObj) Verify 

func (self *RsaObj) Verify(msg, sign []byte) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.