Documentation ¶
Index ¶
- type BCCSPEncrypterEntity
- type BCCSPEncrypterSignerEntity
- type BCCSPEntity
- type BCCSPSignerEntity
- func NewECDSASignerEntity(ID string, b bccsp.BCCSP, signKeyBytes []byte) (*BCCSPSignerEntity, error)
- func NewECDSAVerifierEntity(ID string, b bccsp.BCCSP, signKeyBytes []byte) (*BCCSPSignerEntity, error)
- func NewSignerEntity(ID string, bccsp bccsp.BCCSP, sKey bccsp.Key, sOpts bccsp.SignerOpts, ...) (*BCCSPSignerEntity, error)
- type Encrypter
- type EncrypterEntity
- type EncrypterSignerEntity
- type Entity
- type SignedMessage
- type Signer
- type SignerEntity
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BCCSPEncrypterEntity ¶ added in v1.2.0
type BCCSPEncrypterEntity struct {
    BCCSPEntity
    EKey  bccsp.Key
    EOpts bccsp.EncrypterOpts
    DOpts bccsp.DecrypterOpts
}
BCCSPEncrypterEntity is an implementation of the EncrypterEntity interface
func NewAES256EncrypterEntity ¶
func NewAES256EncrypterEntity(ID string, b bccsp.BCCSP, key, IV []byte) (*BCCSPEncrypterEntity, error)
NewAES256EncrypterEntity returns an encrypter entity that is capable of performing AES 256-bit encryption using PKCS#7 padding. Optionally, the IV can be provided, in which case it is used during the encryption; otherwise, a random one is generated.
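The IV behaviour described above, as an added example that is not Fabric's code: it uses only the Go standard library and assumes CBC mode with the IV prepended to the ciphertext. `encryptCBC` and `sameCiphertext` are hypothetical names, and the key and IV are constructed values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// encryptCBC applies PKCS#7 padding and AES-256-CBC. A nil iv requests a random
// one; the IV is prepended to the output (assumed layout, not taken from the page).
func encryptCBC(key, iv, pt []byte) ([]byte, error) {
	if len(key) != 32 || (iv != nil && len(iv) != aes.BlockSize) {
		return nil, errors.New("need a 32-byte key and a 16-byte IV")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if iv == nil {
		iv = make([]byte, aes.BlockSize)
		if _, err := rand.Read(iv); err != nil {
			return nil, err
		}
	}
	n := aes.BlockSize - len(pt)%aes.BlockSize // PKCS#7 adds 1..16 bytes of value n
	padded := append(append([]byte{}, pt...), bytes.Repeat([]byte{byte(n)}, n)...)
	out := append([]byte{}, iv...)
	out = append(out, make([]byte, len(padded))...)
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out[aes.BlockSize:], padded)
	return out, nil
}

// sameCiphertext reports whether two encryptions of pt under (key, iv) are
// byte-identical, i.e. whether an observer learns that two plaintexts are equal.
func sameCiphertext(key, iv, pt []byte) bool {
	a, errA := encryptCBC(key, iv, pt)
	b, errB := encryptCBC(key, iv, pt)
	return errA == nil && errB == nil && bytes.Equal(a, b)
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 32) // constructed key, illustration only
	fixedIV := bytes.Repeat([]byte{0x01}, aes.BlockSize)
	pt := []byte("balance=100")
	fmt.Println("caller-supplied IV, identical ciphertexts:", sameCiphertext(key, fixedIV, pt))
	fmt.Println("random IV, identical ciphertexts:", sameCiphertext(key, nil, pt))
}
```

A caller-supplied IV makes the output deterministic, so equal plaintexts under the same key and IV show up as equal ciphertexts; with a random IV they do not.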
func NewEncrypterEntity ¶
func NewEncrypterEntity(ID string, bccsp bccsp.BCCSP, eKey bccsp.Key, eOpts bccsp.EncrypterOpts, dOpts bccsp.DecrypterOpts) (*BCCSPEncrypterEntity, error)
NewEncrypterEntity returns an EncrypterEntity that is capable of performing encryption using i) the supplied BCCSP instance; ii) the supplied encryption key and iii) the supplied encryption and decryption options. The identifier of the entity is supplied as an argument as well; it is the caller's responsibility to choose it in a way that is meaningful.
func (*BCCSPEncrypterEntity) Decrypt ¶ added in v1.2.0
func (e *BCCSPEncrypterEntity) Decrypt(ciphertext []byte) ([]byte, error)
func (*BCCSPEncrypterEntity) Encrypt ¶ added in v1.2.0
func (e *BCCSPEncrypterEntity) Encrypt(plaintext []byte) ([]byte, error)
func (*BCCSPEncrypterEntity) Equals ¶ added in v1.2.0
func (this *BCCSPEncrypterEntity) Equals(e Entity) bool
func (*BCCSPEncrypterEntity) Public ¶ added in v1.2.0
func (pe *BCCSPEncrypterEntity) Public() (Entity, error)
type BCCSPEncrypterSignerEntity ¶ added in v1.2.0
type BCCSPEncrypterSignerEntity struct {
    BCCSPEncrypterEntity
    BCCSPSignerEntity
}
BCCSPEncrypterSignerEntity is an implementation of the EncrypterSignerEntity interface
func NewAES256EncrypterECDSASignerEntity ¶
func NewAES256EncrypterECDSASignerEntity(ID string, b bccsp.BCCSP, encKeyBytes, signKeyBytes []byte) (*BCCSPEncrypterSignerEntity, error)
NewAES256EncrypterECDSASignerEntity returns an encrypter entity that is capable of performing AES 256 bit encryption using PKCS#7 padding and signing using ECDSA
func NewEncrypterSignerEntity ¶
func NewEncrypterSignerEntity(ID string, bccsp bccsp.BCCSP, eKey, sKey bccsp.Key, eOpts bccsp.EncrypterOpts, dOpts bccsp.DecrypterOpts, sOpts bccsp.SignerOpts, hOpts bccsp.HashOpts) (*BCCSPEncrypterSignerEntity, error)
NewEncrypterSignerEntity returns an EncrypterSignerEntity (which is also an EncrypterEntity) that is capable of performing encryption AND of generating signatures using i) the supplied BCCSP instance; ii) the supplied encryption and signing keys and iii) the supplied encryption, decryption, signing and hashing options. The identifier of the entity is supplied as an argument as well; it is the caller's responsibility to choose it in a way that is meaningful.
func (*BCCSPEncrypterSignerEntity) Equals ¶ added in v1.2.0
func (this *BCCSPEncrypterSignerEntity) Equals(e Entity) bool
func (*BCCSPEncrypterSignerEntity) ID ¶ added in v1.2.0
func (e *BCCSPEncrypterSignerEntity) ID() string
func (*BCCSPEncrypterSignerEntity) Public ¶ added in v1.2.0
func (pe *BCCSPEncrypterSignerEntity) Public() (Entity, error)
type BCCSPEntity ¶ added in v1.2.0
BCCSPEntity is an implementation of the Entity interface holding a BCCSP instance
func (*BCCSPEntity) ID ¶ added in v1.2.0
func (e *BCCSPEntity) ID() string
type BCCSPSignerEntity ¶ added in v1.2.0
type BCCSPSignerEntity struct {
    BCCSPEntity
    SKey  bccsp.Key
    SOpts bccsp.SignerOpts
    HOpts bccsp.HashOpts
}
BCCSPSignerEntity is an implementation of the SignerEntity interface
func NewECDSASignerEntity ¶ added in v1.2.0
func NewECDSASignerEntity(ID string, b bccsp.BCCSP, signKeyBytes []byte) (*BCCSPSignerEntity, error)
NewECDSASignerEntity returns a signer entity that is capable of signing using ECDSA
func NewECDSAVerifierEntity ¶ added in v1.2.0
func NewECDSAVerifierEntity(ID string, b bccsp.BCCSP, signKeyBytes []byte) (*BCCSPSignerEntity, error)
NewECDSAVerifierEntity returns a verifier entity that is capable of verifying using ECDSA
func NewSignerEntity ¶ added in v1.2.0
func NewSignerEntity(ID string, bccsp bccsp.BCCSP, sKey bccsp.Key, sOpts bccsp.SignerOpts, hOpts bccsp.HashOpts) (*BCCSPSignerEntity, error)
NewSignerEntity returns a SignerEntity
func (*BCCSPSignerEntity) Equals ¶ added in v1.2.0
func (this *BCCSPSignerEntity) Equals(e Entity) bool
func (*BCCSPSignerEntity) Public ¶ added in v1.2.0
func (e *BCCSPSignerEntity) Public() (Entity, error)
func (*BCCSPSignerEntity) Sign ¶ added in v1.2.0
func (e *BCCSPSignerEntity) Sign(msg []byte) ([]byte, error)
func (*BCCSPSignerEntity) Verify ¶ added in v1.2.0
func (e *BCCSPSignerEntity) Verify(signature, msg []byte) (bool, error)
type Encrypter ¶
type Encrypter interface {
    // Encrypt returns the ciphertext for the supplied plaintext message
    Encrypt(plaintext []byte) (ciphertext []byte, err error)
    // Decrypt returns the plaintext for the supplied ciphertext message
    Decrypt(ciphertext []byte) (plaintext []byte, err error)
}
Encrypter is an interface that provides basic encrypt/decrypt capabilities
type EncrypterEntity ¶
EncrypterEntity is an entity which is capable of performing encryption
func GetEncrypterEntityForTest ¶
func GetEncrypterEntityForTest(id string) (EncrypterEntity, error)
type EncrypterSignerEntity ¶
EncrypterSignerEntity is an entity which is capable of performing encryption and of generating signatures
func GetEncrypterSignerEntityForTest ¶
func GetEncrypterSignerEntityForTest(id string) (EncrypterSignerEntity, error)
type Entity ¶
type Entity interface {
    // ID returns an identifier for the entity;
    // the identifier can be set arbitrarily by
    // the entity's constructor in a manner that
    // is relevant for its usage at the cc-level
    ID() string
    // Equals compares this entity with the supplied
    // one and returns a boolean that is true if the
    // two entities are identical. This includes any
    // and all key material that the entity uses
    Equals(Entity) bool
    // Public returns the public version of this entity
    // in case asymmetric cryptography is used. If not,
    // Public returns itself
    Public() (Entity, error)
}
Entity is the basic interface for all crypto entities that are used by the library to obtain cc-level encryption
type SignedMessage ¶
type SignedMessage struct {
    // ID contains a description of the entity signing this message
    ID []byte `json:"id"`
    // Payload contains the message that is signed
    Payload []byte `json:"payload"`
    // Sig contains a signature over ID and Payload
    Sig []byte `json:"sig"`
}
SignedMessage is a simple struct that contains space for a payload and a signature over it, and convenience functions to sign, verify, marshal and unmarshal
func (*SignedMessage) FromBytes ¶
func (m *SignedMessage) FromBytes(d []byte) error
FromBytes populates the instance from the supplied byte array
func (*SignedMessage) Sign ¶
func (m *SignedMessage) Sign(signer Signer) error
Sign signs the SignedMessage and stores the signature in the Sig field
func (*SignedMessage) ToBytes ¶
func (m *SignedMessage) ToBytes() ([]byte, error)
ToBytes serializes the instance to bytes
func (*SignedMessage) Verify ¶
func (m *SignedMessage) Verify(verifier Signer) (bool, error)
Verify verifies the signature over Payload stored in Sig
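What a signature over ID and Payload provides, as an added example that is not the library's code: standard-library ECDSA P-256 over SHA-256 of the JSON form with Sig cleared (an assumed encoding), with keys passed directly instead of through a Signer. `signedMessage`, `digest` and `demo` are hypothetical names, and the message values are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// signedMessage has the same fields and JSON tags as the page's SignedMessage.
type signedMessage struct {
	ID      []byte `json:"id"`
	Payload []byte `json:"payload"`
	Sig     []byte `json:"sig"`
}

// digest hashes the JSON form with Sig cleared, covering ID and Payload (assumed encoding).
func (m signedMessage) digest() []byte {
	m.Sig = nil // m is a copy; the caller's Sig is untouched
	b, _ := json.Marshal(m) // cannot fail for a struct of byte slices
	d := sha256.Sum256(b)
	return d[:]
}

func (m *signedMessage) sign(key *ecdsa.PrivateKey) (err error) {
	m.Sig, err = ecdsa.SignASN1(rand.Reader, key, m.digest())
	return err
}
func (m signedMessage) verify(pub *ecdsa.PublicKey) bool {
	return ecdsa.VerifyASN1(pub, m.digest(), m.Sig)
}

// demo signs a constructed message, then verifies it intact and with ID swapped.
func demo() (intact, idSwapped bool, err error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return false, false, err
	}
	m := &signedMessage{ID: []byte("org1-auditor"), Payload: []byte("transfer:42")}
	if err = m.sign(key); err != nil {
		return false, false, err
	}
	intact = m.verify(&key.PublicKey)
	m.ID = []byte("org2-auditor") // same payload and signature, different claimed signer
	return intact, m.verify(&key.PublicKey), nil
}

func main() { fmt.Println(demo()) }
```

Because ID is part of the signed bytes, a message whose ID is rewritten after signing no longer verifies, even though Payload and Sig are unchanged.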
type Signer ¶
type Signer interface {
    // Sign returns a signature of the supplied message (or an error)
    Sign(msg []byte) (signature []byte, err error)
    // Verify checks whether the supplied signature
    // over the supplied message is valid according to this interface
    Verify(signature, msg []byte) (valid bool, err error)
}
Signer is an interface that provides basic sign/verify capabilities
Source Files ¶
- entities.go
- interfaces.go
- message.go
- testutils.go