Documentation ¶
Overview ¶
Package tinkcrypto provides the default implementation of the common pkg/common/api/crypto.Crypto interface and the SPI pkg/framework/aries.crypto interface.
It uses github.com/tink/go crypto primitives.
Index ¶
- Constants
- type Crypto
- func (t *Crypto) ComputeMAC(data []byte, kh interface{}) ([]byte, error)
- func (t *Crypto) Decrypt(cipher, aad, nonce []byte, kh interface{}) ([]byte, error)
- func (t *Crypto) Encrypt(msg, aad []byte, kh interface{}) ([]byte, []byte, error)
- func (t *Crypto) Sign(msg []byte, kh interface{}) ([]byte, error)
- func (t *Crypto) UnwrapKey(recWK *cryptoapi.RecipientWrappedKey, kh interface{}, ...) ([]byte, error)
- func (t *Crypto) Verify(sig, msg []byte, kh interface{}) error
- func (t *Crypto) VerifyMAC(macBytes, data []byte, kh interface{}) error
- func (t *Crypto) WrapKey(cek, apu, apv []byte, recPubKey *cryptoapi.PublicKey, ...) (*cryptoapi.RecipientWrappedKey, error)
Constants ¶
const (
	// ECDHESA256KWAlg is the ECDH-ES with AES-GCM 256 key wrapping algorithm.
	ECDHESA256KWAlg = "ECDH-ES+A256KW"
	// ECDH1PUA256KWAlg is the ECDH-1PU with AES-GCM 256 key wrapping algorithm.
	ECDH1PUA256KWAlg = "ECDH-1PU+A256KW"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Crypto ¶
type Crypto struct {
// contains filtered or unexported fields
}
Crypto is the default Crypto SPI implementation using Tink.
func (*Crypto) ComputeMAC ¶ added in v0.1.3
ComputeMAC computes a message authentication code (MAC) for data using a matching MAC primitive in the kh key handle.
func (*Crypto) Decrypt ¶
Decrypt will decrypt cipher using the implementation's corresponding encryption key referenced by kh of a private key.
func (*Crypto) Encrypt ¶
Encrypt will encrypt msg using the implementation's corresponding encryption key and primitive in kh of a public key.
func (*Crypto) Sign ¶
Sign will sign msg using the implementation's corresponding signing key referenced by kh of a private key.
func (*Crypto) UnwrapKey ¶ added in v0.1.5
func (t *Crypto) UnwrapKey(recWK *cryptoapi.RecipientWrappedKey, kh interface{}, wrapKeyOpts ...cryptoapi.WrapKeyOpts) ([]byte, error)
UnwrapKey unwraps a key in recWK using ECDH (ES or 1PU) with recipient private key kh. The optional 'wrapKeyOpts' specifies the sender kh for 1PU key unwrapping. Note, if the option was used in WrapKey(), then it must be set here as well for a successful unwrapping. This function is used with the following parameters:
- Key Unwrapping: ECDH-ES (no options)/ECDH-1PU (using crypto.WithSender() option) over A256KW as per https://tools.ietf.org/html/rfc7518#appendix-A.2
- KDF: Concat KDF as per https://tools.ietf.org/html/rfc7518#section-4.6
It returns the resulting unwrapped key, or an error if unwrapping fails.
func (*Crypto) Verify ¶
Verify will verify sig signature of msg using the implementation's corresponding signing key referenced by kh of a public key.
func (*Crypto) VerifyMAC ¶ added in v0.1.3
VerifyMAC determines whether macBytes is a correct message authentication code (MAC) for data using a matching MAC primitive in the kh key handle. It returns nil if so, otherwise it returns an error.
func (*Crypto) WrapKey ¶ added in v0.1.5
func (t *Crypto) WrapKey(cek, apu, apv []byte, recPubKey *cryptoapi.PublicKey, wrapKeyOpts ...cryptoapi.WrapKeyOpts) (*cryptoapi.RecipientWrappedKey, error)
WrapKey will do ECDH (ES or 1PU) key wrapping of cek using apu, apv and recipient public key 'recPubKey'. The optional 'wrapKeyOpts' specifies the sender kh for 1PU key wrapping. This function is used with the following parameters:
- Key Wrapping: ECDH-ES (no options)/ECDH-1PU (using crypto.WithSender() option) over A256KW as per https://tools.ietf.org/html/rfc7518#appendix-A.2
- KDF: Concat KDF as per https://tools.ietf.org/html/rfc7518#section-4.6
It returns the resulting key wrapping info as *composite.RecipientWrappedKey, or an error if wrapping fails.
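WrapKey and UnwrapKey are documented as ECDH followed by Concat KDF, so a recipient only arrives at the sender's key-encryption key when the apu and apv inputs match on both sides. The following is an added example, not code from this package: it follows RFC 7518 section 4.6 for the ECDH-ES case only and stops before the A256KW wrap step; the P-256 curve, the function names and the sample apu/apv values are assumptions.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// concatKDF derives a 256-bit key: SHA-256(counter=1 || Z || OtherInfo), one round is enough for 32 bytes.
func concatKDF(z []byte, alg string, apu, apv []byte) []byte {
	u32 := func(n int) []byte { return binary.BigEndian.AppendUint32(nil, uint32(n)) }
	in := append(u32(1), z...) // round counter, then the shared secret
	for _, f := range [][]byte{[]byte(alg), apu, apv} {
		in = append(append(in, u32(len(f))...), f...) // length-prefixed OtherInfo field
	}
	sum := sha256.Sum256(append(in, u32(256)...)) // SuppPubInfo: key length in bits
	return sum[:]
}

// deriveKEK does one ECDH and derives the key-encryption key that A256KW would use.
func deriveKEK(priv *ecdh.PrivateKey, pub *ecdh.PublicKey, apu, apv []byte) []byte {
	z, err := priv.ECDH(pub)
	if err != nil {
		panic(err)
	}
	return concatKDF(z, "ECDH-ES+A256KW", apu, apv)
}

// demo reports whether both sides derive the same KEK, and whether a changed apu still matches.
func demo() (agree, wrongAPUAgrees bool) {
	recipient, err1 := ecdh.P256().GenerateKey(rand.Reader)
	ephemeral, err2 := ecdh.P256().GenerateKey(rand.Reader) // sender's per-message key
	if err1 != nil || err2 != nil {
		panic("key generation failed")
	}
	apu, apv := []byte("sender-kid"), []byte("recipient-kid") // constructed sample values
	senderKEK := deriveKEK(ephemeral, recipient.PublicKey(), apu, apv)
	recipientKEK := deriveKEK(recipient, ephemeral.PublicKey(), apu, apv)
	wrongKEK := deriveKEK(recipient, ephemeral.PublicKey(), []byte("other-kid"), apv)
	return bytes.Equal(senderKEK, recipientKEK), bytes.Equal(recipientKEK, wrongKEK)
}

func main() {
	fmt.Println(demo())
}
```

A mismatch in apu or apv yields a different key-encryption key, so the unwrap step fails instead of returning a wrong content key.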
Directories ¶
Path | Synopsis |
---|---|
primitive | |
composite/ecdh | Package ecdh provides implementations of payload encryption using ECDH-ES/1PU KW key wrapping with AEAD primitives. |