README
¶
Crypto
Crypto Service Provider interface in go.
Table of Contents
Mockgen
Install mockgen : go get github.com/golang/mock/mockgen
How to use?
- source: 指定接口文件
- destination: 生成的文件名
- package:生成文件的包名
- imports: 依赖的需要import的包
- aux_files:接口文件不止一个文件时附加文件
- build_flags: 传递给build工具的参数
Eg.mockgen -destination mock/mock_crypto.go -package crypto -source crypto.go
Eg.mockgen -destination mock/mock_engine.go -package crypto -source engine.go
GitCZ
Note: Please use command npm install if you are the first time to use git cz in this repo.
Contribute
PRs are welcome!
Small note: If editing the Readme, please conform to the standard-readme specification.
License
This project is currently under Apache 2.0 license. See the LICENSE file for details
Documentation
¶
Index ¶
- Constants
- Variables
- func ErrDevice(msg string) error
- func ErrIndexMissing(index []byte) error
- type Cryptor
- type DecKey
- type Decryptor
- type EncKey
- type Encryptor
- type Engine
- type FlagReader
- type Hasher
- type Key
- type Level
- type PluginCreateDecKeyFunc
- type PluginCreateSignFunc
- type PluginCryptFunc
- type PluginDecKeyFunc
- type PluginEncKeyFunc
- type PluginHashFunc
- type PluginRandomFunc
- type PluginSignFunc
- type PluginVerifyFunc
- type PrivateKey
- type PublicKey
- type SecretKey
- type SignKey
- type Signer
- type Verifier
- type VerifyKey
Constants ¶
View Source
const ( //Hash message digest algorithm Hash = 0 //Asymmetric asymmetric encryption algorithm Asymmetric = 8 //Symmetrical symmetric encryption algorithm Symmetrical = 16 )
View Source
const ( //None unknown algorithm type, type information is hidden in the content, for example PKCS8 None = 0x0 //Hash FakeHash = 0x00 << Hash SHA1 = 0x10 << Hash SHA2 = 0x20 << Hash SHA3 = 0x30 << Hash KECCAK = 0x40 << Hash SM3 = 0x50 << Hash Sm3WithPublicKey = 0x60 << Hash //with default SM2 userID: 1234567812345678 Size224 = 0x01 << Hash Size256 = 0x00 << Hash Size384 = 0x02 << Hash Size512 = 0x03 << Hash SHA2_224 = SHA2 | Size224 SHA2_256 = SHA2 | Size256 SHA2_384 = SHA2 | Size384 SHA2_512 = SHA2 | Size512 SHA3_224 = SHA3 | Size224 SHA3_256 = SHA3 | Size256 SHA3_384 = SHA3 | Size384 SHA3_512 = SHA3 | Size512 KECCAK_224 = KECCAK | Size224 KECCAK_256 = KECCAK | Size256 KECCAK_384 = KECCAK | Size384 KECCAK_512 = KECCAK | Size512 //Asymmetric Algo Sm2p256v1 = 0x01 << Asymmetric Secp256k1 = 0x02 << Asymmetric Secp256r1 = 0x03 << Asymmetric Secp384r1 = 0x04 << Asymmetric Secp521r1 = 0x05 << Asymmetric Secp256k1Recover = 0x06 << Asymmetric Rsa2048 = 0x10 << Asymmetric Rsa3072 = 0x11 << Asymmetric Rsa4096 = 0x12 << Asymmetric Ed25519 = 0x20 << Asymmetric //Symmetrical Algo for Encrypt and Decrypt Sm4 = 0x01 << Symmetrical Aes = 0x02 << Symmetrical Des3 = 0x03 << Symmetrical TEE = 0x04 << Symmetrical CBC = 0x10 << Symmetrical ECB = 0x20 << Symmetrical GCM = 0x30 << Symmetrical )
algorithm identifier const value table
Variables ¶
View Source
var ErrNotSupport = fmt.Errorf("engine: this algo is not support")
ErrNotSupport this algo is not support
Functions ¶
Types ¶
type Decryptor ¶
type Decryptor interface {
// Decrypt decrypts ciphertext using key k.
Decrypt(k, cipherText []byte) (plaintext []byte, err error)
}
Decryptor is a interface that provides decryption algorithms
type EncKey ¶
type EncKey interface {
GetKeyInfo() int
Encrypt(msg []byte, reader io.Reader) ([]byte, error)
//for more information, see comment of VerifyKey.Bytes
Bytes() []byte
}
EncKey public key which can encrypt
type Encryptor ¶
type Encryptor interface {
// Encrypt encrypts plaintext using key k.
Encrypt(k, plaintext []byte, reader io.Reader) (cipherText []byte, err error)
}
Encryptor is a interface that provides encryption algorithms
type Engine ¶
type Engine interface {
PluginRandomFunc
PluginHashFunc
PluginCryptFunc
PluginVerifyFunc
PluginSignFunc
PluginCreateSignFunc
PluginEncKeyFunc
PluginDecKeyFunc
PluginCreateDecKeyFunc
SetAlgo([]byte) error
GetDefaultAlgo() (int, int)
}
Engine crypto engine
type FlagReader ¶
FlagReader reader use as flag
type Hasher ¶
type Hasher interface {
hash.Hash
// Hash hashes messages msg.
Hash(msg []byte) (hash []byte, err error)
// BachHash If you need to hash a series of bytes slices, calling BachHash can reduce one copy. BenchHash implies a loop.
// example: a,b,c,d are four big byte slice
// BenchHash([][]bytes{a,b,c,d}) faster than Hash(bytes.Join([][]bytes{a,b,c,d},nil))
// It reduce one join(...). Join implies one copy.
BatchHash(msg [][]byte) (hash []byte, err error)
}
Hasher is a interface that provides hash algorithms
type Key ¶
type Key interface {
// Bytes converts this key to its byte representation,
// if this operation is allowed.
Bytes() ([]byte, error)
//FromBytes It's revert method to Bytes()
//K is a byte that needs to be parsed, and the meaning of opt depend on Keys, for example, it's maybe an algorithm type. If the parsing fails, return empty Key or nil.
FromBytes(k []byte, opt int) error
}
Key represents a cryptographic key
type PluginCreateDecKeyFunc ¶
type PluginCreateDecKeyFunc interface {
Level
//generate a DecKey, and return index or key in raw form
//if persistent is true, key should be persistent and return index
// or persistent is false, key should be persistent and output should in raw form
CreateDecKey(persistent bool, mode int) (index []byte, k DecKey, err error)
}
PluginCreateDecKeyFunc create decryption function
type PluginCreateSignFunc ¶
type PluginCreateSignFunc interface {
Level
//generate a SignKey, and return index or key in raw form
//if persistent is true, key should be persistent and return index
// or persistent is false, key should be persistent and output should in raw form
CreateSignKey(persistent bool, mode int) (index []byte, k SignKey, err error)
}
PluginCreateSignFunc create SignKey
type PluginCryptFunc ¶
PluginCryptFunc symmetric encryption and decryption function
type PluginDecKeyFunc ¶
type PluginDecKeyFunc interface {
Level
//enter index or raw privat key to generate a DecKey, key will not be persistent
// a raw private key is a big integer
GetDecKey(key []byte, mode int) (DecKey, error)
//enter raw private key, return index, key should be persistent
ImportDecKey(key []byte, mode int) (index []byte, err error)
}
PluginDecKeyFunc asymmetric decryption function
type PluginEncKeyFunc ¶
type PluginEncKeyFunc interface {
Level
//enter a raw publicKey and mod, return a VerifyKey
//see GetVerifyKey's comment for the meaning of a raw publicKey
GetEncKey(key []byte, mode int) (EncKey, error)
}
PluginEncKeyFunc asymmetric encryption function
type PluginHashFunc ¶
PluginHashFunc hash function
type PluginRandomFunc ¶
PluginRandomFunc random function
type PluginSignFunc ¶
type PluginSignFunc interface {
Level
//enter index or raw privat key to generate a SignKey, key will not be persistent
// a raw private key is a big integer
GetSignKey(key []byte, mode int) (SignKey, error)
//enter raw private key, return index, key should be persistent
ImportSignKey(key []byte, mode int) (index []byte, err error)
}
PluginSignFunc sign function
type PluginVerifyFunc ¶
type PluginVerifyFunc interface {
Level
//enter a raw publicKey and mod, return a VerifyKey
//a raw publicKey means:
// 1) for sm2, key is 65bytes and in 0x04||X||Y form, see GMT0009-2012 7.1
// http://www.gmbz.org.cn/main/viewfile/2018011001400692565.html may help
// 2) for ecdsa, key is in 0x04||X||Y. The length depends on the curve, for example,
// 65 bytes for secp256k1 and 133 for secp521r1, see 2.3.3 in [SEC1] uncompressed form.
// https://www.rfc-editor.org/rfc/rfc5480.txt may help
// 3) for rsa, key is in PKCS#1 form, see RFC2313 RSAPublicKey
// RSAPublicKey ::= SEQUENCE {
// modulus INTEGER, -- n
// publicExponent INTEGER -- e }
// https://www.rfc-editor.org/rfc/rfc2313.txt may help
GetVerifyKey(key []byte, mode int) (VerifyKey, error)
}
PluginVerifyFunc verify function
type PrivateKey ¶
PrivateKey represents the private key, able to sign and decrypt
type SecretKey ¶
type SecretKey interface {
Encrypt(src []byte, reader io.Reader) []byte
Decrypt(src []byte) []byte
Destroy()
}
SecretKey sym
type SignKey ¶
type SignKey interface {
VerifyKey
Sign(msg []byte, hasher hash.Hash, rand io.Reader) ([]byte, error)
Destroy()
}
SignKey private key which can sign
type Verifier ¶
type Verifier interface {
Key
// Verify verifies signature against key k and digest
Verify(k, signature, digest []byte) (valid bool, err error)
}
Verifier is a interface that provides verifying algorithms
type VerifyKey ¶
type VerifyKey interface {
GetKeyInfo() int
Verify(msg []byte, hasher hash.Hash, sig []byte) bool
//return a raw
//sm2: SM2PublicKey::=BIT STRING, 04||X||Y, 65 Bytes, GMT0009-2012 7.1
//ecdsa: PublicKeyBytes in PKIX publicKey
//rsa: asn1{N, e}
//for more information, see GetVerifyKey's comment
Bytes() []byte
}
VerifyKey public key which can verify
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.