Constants ¶
// JWE "enc" header value for AES-GCM content encryption with a 256-bit key
// (RFC 7518 section 5.3).
const A256GCM = "A256GCM"
A256GCM is the default content encryption algorithm value as per the JWA specification: https://tools.ietf.org/html/rfc7518#section-5.1
// JWE "alg" header value defined in RFC 7518 section 4.6: ECDH-ES key agreement
// using Concat KDF, with the CEK wrapped using AES Key Wrap and a 256-bit key.
const A256KWAlg = "ECDH-ES+A256KW"
A256KWAlg is the ECDH-ES key wrapping algorithm
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ECDHESAEADCompositeDecrypt ¶
type ECDHESAEADCompositeDecrypt struct {
// contains filtered or unexported fields
}
ECDHESAEADCompositeDecrypt is an instance of ECDH-ES decryption with Concat KDF and AEAD content decryption
func NewECDHESAEADCompositeDecrypt ¶
func NewECDHESAEADCompositeDecrypt(pvt *hybrid.ECPrivateKey, ptFormat string, encHelper EncrypterHelper) (*ECDHESAEADCompositeDecrypt, error)
NewECDHESAEADCompositeDecrypt returns ECDH-ES composite decryption construct with Concat KDF/ECDH-ES key unwrapping and AEAD payload decryption.
type ECDHESAEADCompositeEncrypt ¶
type ECDHESAEADCompositeEncrypt struct {
// contains filtered or unexported fields
}
ECDHESAEADCompositeEncrypt is an instance of ECDH-ES encryption with Concat KDF and AEAD content encryption
func NewECDHESAEADCompositeEncrypt ¶
func NewECDHESAEADCompositeEncrypt(recipientsKeys []*hybrid.ECPublicKey, ptFormat string, encHelper EncrypterHelper) (*ECDHESAEADCompositeEncrypt, error)
NewECDHESAEADCompositeEncrypt returns ECDH-ES encryption construct with Concat KDF key wrapping and AEAD content encryption
type ECDHESConcatKDFRecipientKW ¶
type ECDHESConcatKDFRecipientKW struct {
// contains filtered or unexported fields
}
ECDHESConcatKDFRecipientKW represents concat KDF based ECDH-ES KW (key wrapping) for ECDH-ES recipient's unwrapping of CEK
type ECDHESConcatKDFSenderKW ¶
type ECDHESConcatKDFSenderKW struct {
// contains filtered or unexported fields
}
ECDHESConcatKDFSenderKW represents concat KDF based ECDH-ES KW (key wrapping) for ECDH-ES sender
type ECPublicKey ¶
// ECPublicKey is a JSON-serialisable elliptic-curve public key, used as the
// type of the EPK field in RecipientWrappedKey.
// encoding/json renders the []byte fields as base64 strings.
// NOTE(review): a value decoded from a peer's message is untrusted input; the
// consumer should confirm that (X, Y) is a valid point on the curve named by
// Curve before using it for key agreement. That check is not visible here.
type ECPublicKey struct {
// X and Y are presumably the point's coordinates; their byte encoding is not
// shown here (confirm against the key-conversion code).
X []byte `json:"X,omitempty"`
Y []byte `json:"Y,omitempty"`
// Curve names the curve the point belongs to; the accepted values are not
// shown here.
Curve string `json:"curve,omitempty"`
}
ECPublicKey is mainly used to exchange the EPK (ephemeral public key) in RecipientWrappedKey.
type EncryptedData ¶
// EncryptedData is the JSON-serialisable result of an encryption call: the
// content-encryption algorithm name, the ciphertext with its IV and tag, and a
// list of per-recipient wrapped keys.
// encoding/json renders the []byte fields as base64 strings.
// NOTE(review): no field carries the aad that was passed to Encrypt, so the
// message format built from this struct must let the recipient reconstruct
// exactly the same aad, otherwise decryption is expected to fail.
type EncryptedData struct {
// EncAlg is presumably a content encryption identifier such as A256GCM (confirm).
EncAlg string `json:"EncAlg,omitempty"`
// Ciphertext, IV and Tag are kept as separate fields rather than one blob.
Ciphertext []byte `json:"Ciphertext,omitempty"`
IV []byte `json:"IV,omitempty"`
Tag []byte `json:"Tag,omitempty"`
// Recipients holds one RecipientWrappedKey pointer per entry; entries may be
// nil after unmarshalling untrusted JSON, so consumers should check for that.
Recipients []*RecipientWrappedKey `json:"Recipients,omitempty"`
}
EncryptedData represents the encryption output returned by an ECDHESEncrypt.Encrypt(pt, aad) call. The user of the primitive must unmarshal the result and build their own ECDH-ES compliant message (i.e. a JWE message).
type EncrypterHelper ¶
// EncrypterHelper supplies the content-encryption parameters and the AEAD
// primitive to the composite ECDH-ES encrypt and decrypt constructors, which
// both take one as their encHelper argument.
// NOTE(review): for the default A256GCM algorithm, RFC 7518 section 5.3 calls
// for a 256-bit key, a 96-bit IV and a 128-bit tag; an implementation backing
// A256GCM should report sizes that match (32, 12 and 16 if all are in bytes).
type EncrypterHelper interface {
// GetSymmetricKeySize gives the size of the Encryption key (CEK) in bytes
GetSymmetricKeySize() int
// GetAEAD returns the newly created AEAD primitive used for the content Encryption
// symmetricKeyValue is the raw key for that primitive; presumably its length
// must equal GetSymmetricKeySize() (confirm against implementations).
GetAEAD(symmetricKeyValue []byte) (tink.AEAD, error)
// GetTagSize provides the aead primitive tag size
// (unit not stated here; presumably bytes, like the key size).
GetTagSize() int
// GetIVSize provides the aead primitive nonce size
// (unit not stated here; presumably bytes, like the key size).
GetIVSize() int
}
EncrypterHelper is a helper for Content Encryption of composite ECDH-ES key wrapping + AEAD content encryption
type RecipientWrappedKey ¶
// RecipientWrappedKey carries what one recipient needs to unwrap the CEK: the
// wrapped key bytes, the sender's EPK and the key wrapping algorithm name.
// NOTE(review): on the receiving side all three fields come from the sender and
// are untrusted until unwrapping succeeds; Alg should be compared against the
// expected value (for example A256KWAlg) rather than used to pick an algorithm.
type RecipientWrappedKey struct {
// EncryptedCEK is the wrapped content encryption key.
EncryptedCEK []byte `json:"EncryptedCEK,omitempty"`
// EPK is a struct value, so encoding/json's omitempty never omits it; an
// all-zero EPK is still emitted as an empty object.
EPK ECPublicKey `json:"EPK,omitempty"`
// Alg is presumably a key wrapping identifier such as A256KWAlg (confirm).
Alg string `json:"Alg,omitempty"`
}
RecipientWrappedKey contains recipient key material required to unwrap CEK