crypto

package

v0.2.1 Latest Latest Go to latest Published: Dec 19, 2023 License: BSD-3-Clause Imports: 20 Imported by: 1

Documentation ¶

Overview ¶

This package contains the implementation of all cryptographic utilities used by this client library.

Index ¶

Variables
func ConvertPublicKey(publicKey crypto.PublicKey) ([]byte, error)
func CreatePublicKeyHash(publicKey crypto.PublicKey) (string, error)
func CreatePublicKeyHashBin(publicKey []byte) (string, error)
func CreateReaderId(data []byte) (string, error)
func DecipherAESCBC(key, iv, encrypted []byte) ([]byte, int, error)
func DecipherJSON(key, iv, encrypted []byte) (string, error)
func DecryptRSAWithPrivate(privateKey *rsa.PrivateKey, encrypted []byte) ([]byte, error)
func DecryptWithPrivate(privateKey crypto.PrivateKey, encrypted []byte) ([]byte, error)
func LoadCertificate(certificateFile string) ([]*x509.Certificate, error)
func LoadCertificateWithKey(certificateFile string, keyFile string) (tls.Certificate, error)
func LoadCertificateWithKeyFromPKCS12(file string, password string) (tls.Certificate, error)
func LoadPrivateKey(keyFile string) (crypto.PrivateKey, error)
func ParseCertificate(bytes []byte) ([]*x509.Certificate, error)
func ParseCertificateWithKeyFromPKCS12(bytes []byte, password string) (tls.Certificate, error)
func ParsePrivateKey(bytes []byte) (crypto.PrivateKey, error)
func RemoveISO10126Padding(blockSize int, plain []byte) ([]byte, error)
func RemoveZeroPadding(plain []byte) []byte
type ReaderKey
- func NewReaderKey(publicKey crypto.PublicKey, privateKey crypto.PrivateKey) (ReaderKey, error)
- func NewReaderKeyFromPrivateKey(privateKey crypto.PrivateKey) (ReaderKey, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// The private key is invalid.
	ErrInvalidPrivateKey = fmt.Errorf("invalid private key")
	// The public key is invalid.
	ErrInvalidPublicKey = fmt.Errorf("invalid public key")
	// The size of the IV is invalid.
	ErrInvalidBlockCipherIv = fmt.Errorf("invalid block size IV")
	// The encrypted message is invalid.
	ErrInvalidEncryptedMessage = fmt.Errorf("invalid encrypted message")
	// The message padding is invalid.
	ErrInvalidPadding = fmt.Errorf("invalid message padding")
	// Invalid certificate file.
	ErrInvalidCertificateFile = fmt.Errorf("invalid cetificate file")
)

View Source

var PUBLIC_KEY_HEADER = []byte("PubKey!")

Header of the public key.

Functions ¶

func ConvertPublicKey ¶

func ConvertPublicKey(publicKey crypto.PublicKey) ([]byte, error)

Converts the given public key into a format suitable for use with IL2 API.

func CreatePublicKeyHash ¶

func CreatePublicKeyHash(publicKey crypto.PublicKey) (string, error)

Computes the public key hash according to the IL2 standard.

func CreatePublicKeyHashBin ¶

func CreatePublicKeyHashBin(publicKey []byte) (string, error)

Computes the public key hash according to the IL2 standard.

func CreateReaderId ¶

func CreateReaderId(data []byte) (string, error)

Creates a probably unique ReaderId from a string of bytes. It may be a key, the certificate payload or even a random value.

Example ¶

// Load the certificate with keys
cert, err := LoadCertificateWithKey("certs.pem", "key.pem")
if err != nil {
	os.Exit(0)
}
// Compute the ID from the certificate bytes.
id, err := CreateReaderId(cert.Certificate[0])
if err != nil {
	os.Exit(0)
}
fmt.Println(id)

// Load the certificate
certs, err := LoadCertificate("certs.pem")
if err != nil {
	os.Exit(0)
}
// Compute the ID from the certificate bytes.
id, err = CreateReaderId(certs[0].Raw)
if err != nil {
	os.Exit(0)
}
fmt.Println(id)

func DecipherAESCBC ¶

func DecipherAESCBC(key, iv, encrypted []byte) ([]byte, int, error)

Decipher the specified block using the specified key and IV.

func DecipherJSON ¶

func DecipherJSON(key, iv, encrypted []byte) (string, error)

Decipher the specified block using the specified key and IV.

func DecryptRSAWithPrivate ¶

func DecryptRSAWithPrivate(privateKey *rsa.PrivateKey, encrypted []byte) ([]byte, error)

Deciphers the message using the specified private key.

func DecryptWithPrivate ¶

func DecryptWithPrivate(privateKey crypto.PrivateKey, encrypted []byte) ([]byte, error)

Deciphers the message using the specified private key.

func LoadCertificate ¶

func LoadCertificate(certificateFile string) ([]*x509.Certificate, error)

Loads all certificates inside the specified file and returns them as a list. The certificates must be in PEM format.

It fails if there is no certificates to load or if one of them is invalid.

func LoadCertificateWithKey ¶

func LoadCertificateWithKey(certificateFile string, keyFile string) (tls.Certificate, error)

Loads a certificate with its private key. Both the certificate and the key must be in PEM format.

func LoadCertificateWithKeyFromPKCS12 ¶ added in v0.2.0

func LoadCertificateWithKeyFromPKCS12(file string, password string) (tls.Certificate, error)

Loads a certificate with its private key from a PKCS #12 file.

func LoadPrivateKey ¶

func LoadPrivateKey(keyFile string) (crypto.PrivateKey, error)

Loads the private key from a PEM file. It can load RSA, ECDSA and EdDSA keys.

func ParseCertificate ¶ added in v0.2.0

func ParseCertificate(bytes []byte) ([]*x509.Certificate, error)

Parses all certificates inside the specified file and returns them as a list. The certificates must be in PEM format.

It fails if there is no certificates to load or if one of them is invalid.

func ParseCertificateWithKeyFromPKCS12 ¶ added in v0.2.0

func ParseCertificateWithKeyFromPKCS12(bytes []byte, password string) (tls.Certificate, error)

Parses a certificate with its private key from a PKCS #12 file.

func ParsePrivateKey ¶ added in v0.2.0

func ParsePrivateKey(bytes []byte) (crypto.PrivateKey, error)

Parses the private key from a PEM file. It can load RSA, ECDSA and EdDSA keys.

func RemoveISO10126Padding ¶

func RemoveISO10126Padding(blockSize int, plain []byte) ([]byte, error)

Remove the ISO 10126 padding and return a subslice of plain that contains the actual data. Due to the way this padding works, it can also removes the PKCS#5, PKCS#7 and ANSI X9.23 padding as they are special cases of ISO 10126 padding.

func RemoveZeroPadding ¶

func RemoveZeroPadding(plain []byte) []byte

Remove the padding zero padding and return a subslice of plain that contains the actual data.

Types ¶

type ReaderKey ¶

type ReaderKey interface {
	/*
		Returns the public key hash of this key.
	*/
	PublicKeyHash() string
	/*
		Returns the public key.
	*/
	PublicKey() crypto.PublicKey
	/*
		Returns the encoded public key suitable to be sent to the node.

		It returns the encoded key and a reader key id derived from the public key.
	*/
	EncodedPublicKey() (string, string, error)
	/*
		Unwraps the given wrapped value with the specified private key.
	*/
	Unwrap(enc []byte) ([]byte, error)
	/*
		Returns true if the private key is present.
	*/
	HasPrivateKey() bool
}

This is the interface of all reader key. Reader keys are used to decipher some types of payloads stored inside IL2 blocks.

func NewReaderKey ¶

func NewReaderKey(publicKey crypto.PublicKey, privateKey crypto.PrivateKey) (ReaderKey, error)

Creates a new ReaderKey from a public and private key.

func NewReaderKeyFromPrivateKey ¶

func NewReaderKeyFromPrivateKey(privateKey crypto.PrivateKey) (ReaderKey, error)

Helper function that attempts to create a new ReaderKey from the private key. It will succeed only if the private key format is known to this function.

For now, only RSA keys are supported.

Example ¶

pair, err := LoadCertificateWithKey("cert.pem", "key.pem")
if err != nil {
	fmt.Printf("Unable to load the key pair: %v\n", err.Error())
	os.Exit(1)
}
rk, err := NewReaderKeyFromPrivateKey(pair.PrivateKey)
if err != nil {
	fmt.Printf("Unable create the ReaderKey: %v\n", err.Error())
	os.Exit(1)
}
fmt.Printf("The public key hash is: %s\n", rk.PublicKeyHash())

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL