keystore2


Constants

// Transaction codes for the IKeystoreOperation binder interface, numbered
// consecutively from binder.FirstCallTransaction. Declaration order here
// matches the method order of IKeystoreOperation (UpdateAad, Update, Finish,
// Abort); because the values derive from iota, do not reorder these lines —
// append new codes at the end.
const (
	TransactionIKeystoreOperationUpdateAad = binder.FirstCallTransaction + iota
	TransactionIKeystoreOperationUpdate
	TransactionIKeystoreOperationFinish
	TransactionIKeystoreOperationAbort
)
// Method names of the IKeystoreOperation interface. They correspond
// one-for-one, in the same order, to the TransactionIKeystoreOperation*
// codes. How the stub and proxy use these names (logging, versioned
// transport, descriptors) is not visible in this listing — confirm in
// package binder before relying on them.
const (
	MethodIKeystoreOperationUpdateAad = "updateAad"
	MethodIKeystoreOperationUpdate    = "update"
	MethodIKeystoreOperationFinish    = "finish"
	MethodIKeystoreOperationAbort     = "abort"
)
// Transaction codes for the IKeystoreSecurityLevel binder interface,
// numbered consecutively from binder.FirstCallTransaction. Declaration order
// matches the method order of IKeystoreSecurityLevel; the values derive from
// iota, so do not reorder these lines — append new codes at the end.
const (
	TransactionIKeystoreSecurityLevelCreateOperation = binder.FirstCallTransaction + iota
	TransactionIKeystoreSecurityLevelGenerateKey
	TransactionIKeystoreSecurityLevelImportKey
	TransactionIKeystoreSecurityLevelImportWrappedKey
	TransactionIKeystoreSecurityLevelConvertStorageKeyToEphemeral
	TransactionIKeystoreSecurityLevelDeleteKey
)
// Method names of the IKeystoreSecurityLevel interface, in the same order as
// the TransactionIKeystoreSecurityLevel* codes. Their runtime use is not
// visible in this listing — confirm in package binder.
const (
	MethodIKeystoreSecurityLevelCreateOperation              = "createOperation"
	MethodIKeystoreSecurityLevelGenerateKey                  = "generateKey"
	MethodIKeystoreSecurityLevelImportKey                    = "importKey"
	MethodIKeystoreSecurityLevelImportWrappedKey             = "importWrappedKey"
	MethodIKeystoreSecurityLevelConvertStorageKeyToEphemeral = "convertStorageKeyToEphemeral"
	MethodIKeystoreSecurityLevelDeleteKey                    = "deleteKey"
)
// Transaction codes for the IKeystoreService binder interface, numbered
// consecutively from binder.FirstCallTransaction. Declaration order matches
// the method order of IKeystoreService; the values derive from iota, so do
// not reorder these lines — append new codes at the end.
const (
	TransactionIKeystoreServiceGetSecurityLevel = binder.FirstCallTransaction + iota
	TransactionIKeystoreServiceGetKeyEntry
	TransactionIKeystoreServiceUpdateSubcomponent
	TransactionIKeystoreServiceListEntries
	TransactionIKeystoreServiceDeleteKey
	TransactionIKeystoreServiceGrant
	TransactionIKeystoreServiceUngrant
	TransactionIKeystoreServiceGetNumberOfEntries
	TransactionIKeystoreServiceListEntriesBatched
)
// Method names of the IKeystoreService interface, in the same order as the
// TransactionIKeystoreService* codes. Their runtime use is not visible in
// this listing — confirm in package binder.
const (
	MethodIKeystoreServiceGetSecurityLevel   = "getSecurityLevel"
	MethodIKeystoreServiceGetKeyEntry        = "getKeyEntry"
	MethodIKeystoreServiceUpdateSubcomponent = "updateSubcomponent"
	MethodIKeystoreServiceListEntries        = "listEntries"
	MethodIKeystoreServiceDeleteKey          = "deleteKey"
	MethodIKeystoreServiceGrant              = "grant"
	MethodIKeystoreServiceUngrant            = "ungrant"
	MethodIKeystoreServiceGetNumberOfEntries = "getNumberOfEntries"
	MethodIKeystoreServiceListEntriesBatched = "listEntriesBatched"
)
// Interface descriptors for the three keystore2 AIDL interfaces handled by
// this package. They are presumably what the stubs' Descriptor methods
// return and what peers compare against, so the Android names are kept
// verbatim; any change would break interoperability — confirm in package
// binder before touching them.
const (
	DescriptorIKeystoreOperation     = "android.system.keystore2.IKeystoreOperation"
	DescriptorIKeystoreSecurityLevel = "android.system.keystore2.IKeystoreSecurityLevel"
	DescriptorIKeystoreService       = "android.system.keystore2.IKeystoreService"
)
// IKeystoreSecurityLevelKeyFlagAuthBoundWithoutCryptographicLskfBinding is a
// single-bit flag value (1). By its name it presumably belongs in the flags
// argument of IKeystoreSecurityLevel.GenerateKey and ImportKey; that pairing
// is not visible in this listing — confirm against the keystore2 AIDL before
// passing it.
const IKeystoreSecurityLevelKeyFlagAuthBoundWithoutCryptographicLskfBinding int32 = 1

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthenticatorSpec

// AuthenticatorSpec names one authenticator (type plus id). It is passed in
// the authenticators slice of IKeystoreSecurityLevel.ImportWrappedKey and is
// a parcelable: see its MarshalParcel/UnmarshalParcel methods.
type AuthenticatorSpec struct {
	// AuthenticatorType is the keymaster-defined authenticator kind.
	AuthenticatorType keymaster.HardwareAuthenticatorType
	// AuthenticatorId identifies the authenticator instance; its provenance
	// is not visible here.
	AuthenticatorId   int64
}

func (*AuthenticatorSpec) MarshalParcel

func (s *AuthenticatorSpec) MarshalParcel(
	p *parcel.Parcel,
) error

func (*AuthenticatorSpec) UnmarshalParcel

func (s *AuthenticatorSpec) UnmarshalParcel(
	p *parcel.Parcel,
) error

type Authorization

// Authorization pairs one keymint.KeyParameter with the security level it
// was recorded at. KeyMetadata.Authorizations carries a slice of these.
// Parcelable: see MarshalParcel/UnmarshalParcel.
type Authorization struct {
	SecurityLevel drm.SecurityLevel
	KeyParameter  keymint.KeyParameter
}

func (*Authorization) MarshalParcel

func (s *Authorization) MarshalParcel(
	p *parcel.Parcel,
) error

func (*Authorization) UnmarshalParcel

func (s *Authorization) UnmarshalParcel(
	p *parcel.Parcel,
) error

type CreateOperationResponse

// CreateOperationResponse is returned by IKeystoreSecurityLevel.CreateOperation.
// Parcelable: see MarshalParcel/UnmarshalParcel.
type CreateOperationResponse struct {
	// IOperation is the handle on which Update/Finish/Abort are invoked.
	IOperation         IKeystoreOperation
	// OperationChallenge and Parameters are pointers, so they are presumably
	// optional (nil when the backend does not supply them) — confirm in
	// UnmarshalParcel before dereferencing.
	OperationChallenge *OperationChallenge
	Parameters         *KeyParameters
	// UpgradedBlob, when non-empty, is presumably a replacement key blob the
	// caller should persist in place of the one it passed in — confirm
	// against the keystore2 AIDL.
	UpgradedBlob       []byte
}

func (*CreateOperationResponse) MarshalParcel

func (s *CreateOperationResponse) MarshalParcel(
	p *parcel.Parcel,
) error

func (*CreateOperationResponse) UnmarshalParcel

func (s *CreateOperationResponse) UnmarshalParcel(
	p *parcel.Parcel,
) error

type Domain

// Domain is the value carried in KeyDescriptor.Domain and passed to
// IKeystoreService.ListEntries, GetNumberOfEntries and ListEntriesBatched.
// The constants are numbered consecutively from 0 via iota, so their
// declaration order is load-bearing — do not reorder.
type Domain int32

const (
	DomainAPP Domain = iota
	DomainGRANT
	DomainSELINUX
	DomainBLOB
	DomainKeyId
)

type EphemeralStorageKeyResponse

// EphemeralStorageKeyResponse is returned by
// IKeystoreSecurityLevel.ConvertStorageKeyToEphemeral. Parcelable: see
// MarshalParcel/UnmarshalParcel.
type EphemeralStorageKeyResponse struct {
	// EphemeralKey — NOTE(review): the name suggests raw key bytes; if so,
	// callers should avoid logging or retaining it longer than needed.
	// Confirm against the keystore2 AIDL.
	EphemeralKey []byte
	// UpgradedBlob presumably mirrors CreateOperationResponse.UpgradedBlob
	// (a replacement blob to persist) — confirm.
	UpgradedBlob []byte
}

func (*EphemeralStorageKeyResponse) MarshalParcel

func (s *EphemeralStorageKeyResponse) MarshalParcel(
	p *parcel.Parcel,
) error

func (*EphemeralStorageKeyResponse) UnmarshalParcel

func (s *EphemeralStorageKeyResponse) UnmarshalParcel(
	p *parcel.Parcel,
) error

type IKeystoreOperation

// IKeystoreOperation is the typed Go view of one in-progress keystore
// operation, obtained via CreateOperationResponse.IOperation. It is
// implemented by KeystoreOperationProxy and by the value returned from
// NewKeystoreOperationStub.
type IKeystoreOperation interface {
	// AsBinder returns the underlying binder object.
	AsBinder() binder.IBinder
	// UpdateAad supplies aadInput (presumably AEAD associated data) to the
	// operation. Ordering constraints relative to Update are not visible
	// here — confirm against the keystore2 AIDL.
	UpdateAad(ctx context.Context, aadInput []byte) error
	// Update feeds input to the operation and returns any output produced.
	Update(ctx context.Context, input []byte) ([]byte, error)
	// Finish completes the operation with a last input chunk and a
	// signature argument, returning the final output. Which operation
	// kinds consume signature is not visible here.
	Finish(ctx context.Context, input []byte, signature []byte) ([]byte, error)
	// Abort cancels the operation.
	Abort(ctx context.Context) error
}

func NewKeystoreOperationStub

func NewKeystoreOperationStub(
	impl IKeystoreOperationServer,
) IKeystoreOperation

NewKeystoreOperationStub creates a server-side IKeystoreOperation wrapping the given server implementation. The returned value satisfies IKeystoreOperation and can be passed to proxy methods; its AsBinder() returns a *binder.StubBinder that is auto-registered with the binder driver on first use.

type IKeystoreOperationServer

// IKeystoreOperationServer is what a server implementation supplies to
// NewKeystoreOperationStub: the IKeystoreOperation business methods without
// AsBinder. Each method has the same signature as its IKeystoreOperation
// counterpart; see that interface for per-method notes.
type IKeystoreOperationServer interface {
	UpdateAad(ctx context.Context, aadInput []byte) error
	Update(ctx context.Context, input []byte) ([]byte, error)
	Finish(ctx context.Context, input []byte, signature []byte) ([]byte, error)
	Abort(ctx context.Context) error
}

IKeystoreOperationServer is the server-side interface that user implementations provide to NewKeystoreOperationStub. It contains only the business methods, without AsBinder (which is provided by the stub itself).

type IKeystoreSecurityLevel

// IKeystoreSecurityLevel is the typed Go view of one keystore security
// level, obtained via IKeystoreService.GetSecurityLevel (or
// KeyEntryResponse.ISecurityLevel). Implemented by KeystoreSecurityLevelProxy
// and by the value returned from NewKeystoreSecurityLevelStub.
type IKeystoreSecurityLevel interface {
	// AsBinder returns the underlying binder object.
	AsBinder() binder.IBinder
	// CreateOperation starts an operation on key with operationParameters.
	// The meaning of forced is not visible here; by name it presumably
	// relates to KeyPermissionReqForcedOp — confirm against the AIDL.
	CreateOperation(ctx context.Context, key KeyDescriptor, operationParameters []keymint.KeyParameter, forced bool) (CreateOperationResponse, error)
	// GenerateKey creates a key described by key. attestationKey is a
	// pointer and so presumably optional (nil). entropy is caller-supplied;
	// whether it is mixed with or replaces backend randomness is not visible
	// here — confirm before relying on it for key quality.
	GenerateKey(ctx context.Context, key KeyDescriptor, attestationKey *KeyDescriptor, params []keymint.KeyParameter, flags int32, entropy []byte) (KeyMetadata, error)
	// ImportKey imports keyData under key; attestationKey, params and flags
	// are as for GenerateKey.
	ImportKey(ctx context.Context, key KeyDescriptor, attestationKey *KeyDescriptor, params []keymint.KeyParameter, flags int32, keyData []byte) (KeyMetadata, error)
	// ImportWrappedKey imports key material presumably wrapped under
	// wrappingKey; maskingKey and authenticators are passed through.
	ImportWrappedKey(ctx context.Context, key KeyDescriptor, wrappingKey KeyDescriptor, maskingKey []byte, params []keymint.KeyParameter, authenticators []AuthenticatorSpec) (KeyMetadata, error)
	// ConvertStorageKeyToEphemeral returns an EphemeralStorageKeyResponse
	// for storageKey.
	ConvertStorageKeyToEphemeral(ctx context.Context, storageKey KeyDescriptor) (EphemeralStorageKeyResponse, error)
	// DeleteKey removes key at this security level. IKeystoreService also
	// exposes a DeleteKey with the same argument; how they differ is not
	// visible here.
	DeleteKey(ctx context.Context, key KeyDescriptor) error
}

func NewKeystoreSecurityLevelStub

func NewKeystoreSecurityLevelStub(
	impl IKeystoreSecurityLevelServer,
) IKeystoreSecurityLevel

NewKeystoreSecurityLevelStub creates a server-side IKeystoreSecurityLevel wrapping the given server implementation. The returned value satisfies IKeystoreSecurityLevel and can be passed to proxy methods; its AsBinder() returns a *binder.StubBinder that is auto-registered with the binder driver on first use.

type IKeystoreSecurityLevelServer

// IKeystoreSecurityLevelServer is what a server implementation supplies to
// NewKeystoreSecurityLevelStub: the IKeystoreSecurityLevel business methods
// without AsBinder. Signatures match IKeystoreSecurityLevel exactly; see
// that interface for per-method notes.
type IKeystoreSecurityLevelServer interface {
	CreateOperation(ctx context.Context, key KeyDescriptor, operationParameters []keymint.KeyParameter, forced bool) (CreateOperationResponse, error)
	GenerateKey(ctx context.Context, key KeyDescriptor, attestationKey *KeyDescriptor, params []keymint.KeyParameter, flags int32, entropy []byte) (KeyMetadata, error)
	ImportKey(ctx context.Context, key KeyDescriptor, attestationKey *KeyDescriptor, params []keymint.KeyParameter, flags int32, keyData []byte) (KeyMetadata, error)
	ImportWrappedKey(ctx context.Context, key KeyDescriptor, wrappingKey KeyDescriptor, maskingKey []byte, params []keymint.KeyParameter, authenticators []AuthenticatorSpec) (KeyMetadata, error)
	ConvertStorageKeyToEphemeral(ctx context.Context, storageKey KeyDescriptor) (EphemeralStorageKeyResponse, error)
	DeleteKey(ctx context.Context, key KeyDescriptor) error
}

IKeystoreSecurityLevelServer is the server-side interface that user implementations provide to NewKeystoreSecurityLevelStub. It contains only the business methods, without AsBinder (which is provided by the stub itself).

type IKeystoreService

// IKeystoreService is the typed Go view of the top-level keystore2 service
// (presumably the one identified by DescriptorIKeystoreService). Implemented
// by KeystoreServiceProxy and by the value returned from
// NewKeystoreServiceStub.
type IKeystoreService interface {
	// AsBinder returns the underlying binder object.
	AsBinder() binder.IBinder
	// GetSecurityLevel returns the IKeystoreSecurityLevel for securityLevel.
	GetSecurityLevel(ctx context.Context, securityLevel drm.SecurityLevel) (IKeystoreSecurityLevel, error)
	// GetKeyEntry returns the security level and metadata for key.
	GetKeyEntry(ctx context.Context, key KeyDescriptor) (KeyEntryResponse, error)
	// UpdateSubcomponent supplies new publicCert and certificateChain bytes
	// for key.
	UpdateSubcomponent(ctx context.Context, key KeyDescriptor, publicCert []byte, certificateChain []byte) error
	// ListEntries returns the KeyDescriptors in (domain, nspace).
	ListEntries(ctx context.Context, domain Domain, nspace int64) ([]KeyDescriptor, error)
	// DeleteKey removes key.
	DeleteKey(ctx context.Context, key KeyDescriptor) error
	// Grant gives granteeUid access to key and returns a descriptor for the
	// grant. accessVector is a plain int32 — presumably a bitwise OR of
	// KeyPermission values — and the returned descriptor is presumably in
	// DomainGRANT; confirm both against the keystore2 AIDL. Since this
	// widens access to a key, callers should pass the narrowest vector that
	// works.
	Grant(ctx context.Context, key KeyDescriptor, granteeUid int32, accessVector int32) (KeyDescriptor, error)
	// Ungrant revokes a prior Grant of key to granteeUid.
	Ungrant(ctx context.Context, key KeyDescriptor, granteeUid int32) error
	// GetNumberOfEntries returns the count of entries in (domain, nspace).
	GetNumberOfEntries(ctx context.Context, domain Domain, nspace int64) (int32, error)
	// ListEntriesBatched is ListEntries resumed after startingPastAlias;
	// batch size and ordering are not visible here.
	ListEntriesBatched(ctx context.Context, domain Domain, nspace int64, startingPastAlias string) ([]KeyDescriptor, error)
}

func NewKeystoreServiceStub

func NewKeystoreServiceStub(
	impl IKeystoreServiceServer,
) IKeystoreService

NewKeystoreServiceStub creates a server-side IKeystoreService wrapping the given server implementation. The returned value satisfies IKeystoreService and can be passed to proxy methods; its AsBinder() returns a *binder.StubBinder that is auto-registered with the binder driver on first use.

type IKeystoreServiceServer

// IKeystoreServiceServer is what a server implementation supplies to
// NewKeystoreServiceStub: the IKeystoreService business methods without
// AsBinder. Signatures match IKeystoreService exactly; see that interface
// for per-method notes.
type IKeystoreServiceServer interface {
	GetSecurityLevel(ctx context.Context, securityLevel drm.SecurityLevel) (IKeystoreSecurityLevel, error)
	GetKeyEntry(ctx context.Context, key KeyDescriptor) (KeyEntryResponse, error)
	UpdateSubcomponent(ctx context.Context, key KeyDescriptor, publicCert []byte, certificateChain []byte) error
	ListEntries(ctx context.Context, domain Domain, nspace int64) ([]KeyDescriptor, error)
	DeleteKey(ctx context.Context, key KeyDescriptor) error
	Grant(ctx context.Context, key KeyDescriptor, granteeUid int32, accessVector int32) (KeyDescriptor, error)
	Ungrant(ctx context.Context, key KeyDescriptor, granteeUid int32) error
	GetNumberOfEntries(ctx context.Context, domain Domain, nspace int64) (int32, error)
	ListEntriesBatched(ctx context.Context, domain Domain, nspace int64, startingPastAlias string) ([]KeyDescriptor, error)
}

IKeystoreServiceServer is the server-side interface that user implementations provide to NewKeystoreServiceStub. It contains only the business methods, without AsBinder (which is provided by the stub itself).

type KeyDescriptor

// KeyDescriptor identifies a key to every IKeystoreService and
// IKeystoreSecurityLevel method. Which of Nspace, Alias and Blob are
// meaningful presumably depends on Domain (see the Domain constants); the
// exact rules are not visible in this package. Parcelable: see
// MarshalParcel/UnmarshalParcel.
type KeyDescriptor struct {
	Domain Domain
	Nspace int64
	Alias  string
	// Blob — NOTE(review): likely opaque key-blob bytes (cf. DomainBLOB);
	// treat as sensitive and avoid logging it. Confirm against the AIDL.
	Blob   []byte
}

func (*KeyDescriptor) MarshalParcel

func (s *KeyDescriptor) MarshalParcel(
	p *parcel.Parcel,
) error

func (*KeyDescriptor) UnmarshalParcel

func (s *KeyDescriptor) UnmarshalParcel(
	p *parcel.Parcel,
) error

type KeyEntryResponse

// KeyEntryResponse is returned by IKeystoreService.GetKeyEntry. Parcelable:
// see MarshalParcel/UnmarshalParcel.
type KeyEntryResponse struct {
	// ISecurityLevel is the security level handle for the key.
	ISecurityLevel IKeystoreSecurityLevel
	// Metadata describes the key (descriptor, authorizations, certificates).
	Metadata       KeyMetadata
}

func (*KeyEntryResponse) MarshalParcel

func (s *KeyEntryResponse) MarshalParcel(
	p *parcel.Parcel,
) error

func (*KeyEntryResponse) UnmarshalParcel

func (s *KeyEntryResponse) UnmarshalParcel(
	p *parcel.Parcel,
) error

type KeyMetadata

// KeyMetadata describes a stored key. It is returned by GenerateKey,
// ImportKey and ImportWrappedKey on IKeystoreSecurityLevel and embedded in
// KeyEntryResponse. Parcelable: see MarshalParcel/UnmarshalParcel.
type KeyMetadata struct {
	Key                KeyDescriptor
	KeySecurityLevel   drm.SecurityLevel
	Authorizations     []Authorization
	// Certificate and CertificateChain are raw bytes; encoding (DER,
	// presumably) is not visible here.
	Certificate        []byte
	CertificateChain   []byte
	// ModificationTimeMs is presumably milliseconds since the epoch — confirm.
	ModificationTimeMs int64
}

func (*KeyMetadata) MarshalParcel

func (s *KeyMetadata) MarshalParcel(
	p *parcel.Parcel,
) error

func (*KeyMetadata) UnmarshalParcel

func (s *KeyMetadata) UnmarshalParcel(
	p *parcel.Parcel,
) error

type KeyParameters

// KeyParameters wraps a slice of keymint.KeyParameter so it can be carried
// as an optional pointer field (see CreateOperationResponse.Parameters).
// Parcelable: see MarshalParcel/UnmarshalParcel.
type KeyParameters struct {
	KeyParameter []keymint.KeyParameter
}

func (*KeyParameters) MarshalParcel

func (s *KeyParameters) MarshalParcel(
	p *parcel.Parcel,
) error

func (*KeyParameters) UnmarshalParcel

func (s *KeyParameters) UnmarshalParcel(
	p *parcel.Parcel,
) error

type KeyPermission

// KeyPermission is a set of single-bit access rights: every non-zero
// constant below is a distinct power of two, so values can be combined with
// bitwise OR and tested with &. NOTE(review): IKeystoreService.Grant takes a
// plain int32 accessVector, presumably an OR of these bits — confirm against
// the keystore2 AIDL before passing one.
type KeyPermission int32

const (
	KeyPermissionNONE                         KeyPermission = 0x0000
	KeyPermissionDELETE                       KeyPermission = 0x0001
	KeyPermissionGenUniqueId                  KeyPermission = 0x0002
	KeyPermissionGetInfo                      KeyPermission = 0x0004
	KeyPermissionGRANT                        KeyPermission = 0x0008
	KeyPermissionManageBlob                   KeyPermission = 0x0010
	KeyPermissionREBIND                       KeyPermission = 0x0020
	KeyPermissionReqForcedOp                  KeyPermission = 0x0040
	KeyPermissionUPDATE                       KeyPermission = 0x0080
	KeyPermissionUSE                          KeyPermission = 0x0100
	KeyPermissionUseDevId                     KeyPermission = 0x0200
	KeyPermissionUseNoLskfBinding             KeyPermission = 0x0400
	KeyPermissionConvertStorageKeyToEphemeral KeyPermission = 0x0800
)

type KeystoreOperationProxy

// KeystoreOperationProxy implements IKeystoreOperation for a remote binder
// object; build it with NewKeystoreOperationProxy. Its methods presumably
// marshal arguments into a parcel and transact on Remote using the
// TransactionIKeystoreOperation* codes — the bodies are not visible here.
type KeystoreOperationProxy struct {
	// Remote is the binder the proxy talks to; AsBinder presumably returns it.
	Remote binder.IBinder
}

func NewKeystoreOperationProxy

func NewKeystoreOperationProxy(
	remote binder.IBinder,
) *KeystoreOperationProxy

func (*KeystoreOperationProxy) Abort

func (p *KeystoreOperationProxy) Abort(
	ctx context.Context,
) error

func (*KeystoreOperationProxy) AsBinder

func (p *KeystoreOperationProxy) AsBinder() binder.IBinder

func (*KeystoreOperationProxy) Finish

func (p *KeystoreOperationProxy) Finish(
	ctx context.Context,
	input []byte,
	signature []byte,
) ([]byte, error)

func (*KeystoreOperationProxy) Update

func (p *KeystoreOperationProxy) Update(
	ctx context.Context,
	input []byte,
) ([]byte, error)

func (*KeystoreOperationProxy) UpdateAad

func (p *KeystoreOperationProxy) UpdateAad(
	ctx context.Context,
	aadInput []byte,
) error

type KeystoreOperationStub

// KeystoreOperationStub dispatches incoming binder transactions to a typed
// IKeystoreOperation implementation (see OnTransaction and Descriptor).
// Note that NewKeystoreOperationStub returns an IKeystoreOperation, not a
// *KeystoreOperationStub, so callers normally never see this type directly.
type KeystoreOperationStub struct {
	// Impl receives the decoded calls. NOTE(review): typed as
	// IKeystoreOperation (which includes AsBinder) although
	// NewKeystoreOperationStub accepts the narrower IKeystoreOperationServer;
	// the adapter between the two is not visible here.
	Impl      IKeystoreOperation
	// Transport is the binder transport the stub uses; what "version-aware"
	// entails is defined in package binder.
	Transport binder.VersionAwareTransport
}

KeystoreOperationStub dispatches incoming binder transactions to a typed IKeystoreOperation implementation.

func (*KeystoreOperationStub) Descriptor

func (s *KeystoreOperationStub) Descriptor() string

func (*KeystoreOperationStub) OnTransaction

func (s *KeystoreOperationStub) OnTransaction(
	ctx context.Context,
	code binder.TransactionCode,
	_data *parcel.Parcel,
) (*parcel.Parcel, error)

type KeystoreSecurityLevelProxy

// KeystoreSecurityLevelProxy implements IKeystoreSecurityLevel for a remote
// binder object; build it with NewKeystoreSecurityLevelProxy. Its methods
// presumably transact on Remote using the
// TransactionIKeystoreSecurityLevel* codes — the bodies are not visible here.
type KeystoreSecurityLevelProxy struct {
	// Remote is the binder the proxy talks to; AsBinder presumably returns it.
	Remote binder.IBinder
}

func NewKeystoreSecurityLevelProxy

func NewKeystoreSecurityLevelProxy(
	remote binder.IBinder,
) *KeystoreSecurityLevelProxy

func (*KeystoreSecurityLevelProxy) AsBinder

func (*KeystoreSecurityLevelProxy) ConvertStorageKeyToEphemeral

func (p *KeystoreSecurityLevelProxy) ConvertStorageKeyToEphemeral(
	ctx context.Context,
	storageKey KeyDescriptor,
) (EphemeralStorageKeyResponse, error)

func (*KeystoreSecurityLevelProxy) CreateOperation

func (p *KeystoreSecurityLevelProxy) CreateOperation(
	ctx context.Context,
	key KeyDescriptor,
	operationParameters []keymint.KeyParameter,
	forced bool,
) (CreateOperationResponse, error)

func (*KeystoreSecurityLevelProxy) DeleteKey

func (p *KeystoreSecurityLevelProxy) DeleteKey(
	ctx context.Context,
	key KeyDescriptor,
) error

func (*KeystoreSecurityLevelProxy) GenerateKey

func (p *KeystoreSecurityLevelProxy) GenerateKey(
	ctx context.Context,
	key KeyDescriptor,
	attestationKey *KeyDescriptor,
	params []keymint.KeyParameter,
	flags int32,
	entropy []byte,
) (KeyMetadata, error)

func (*KeystoreSecurityLevelProxy) ImportKey

func (p *KeystoreSecurityLevelProxy) ImportKey(
	ctx context.Context,
	key KeyDescriptor,
	attestationKey *KeyDescriptor,
	params []keymint.KeyParameter,
	flags int32,
	keyData []byte,
) (KeyMetadata, error)

func (*KeystoreSecurityLevelProxy) ImportWrappedKey

func (p *KeystoreSecurityLevelProxy) ImportWrappedKey(
	ctx context.Context,
	key KeyDescriptor,
	wrappingKey KeyDescriptor,
	maskingKey []byte,
	params []keymint.KeyParameter,
	authenticators []AuthenticatorSpec,
) (KeyMetadata, error)

type KeystoreSecurityLevelStub

// KeystoreSecurityLevelStub dispatches incoming binder transactions to a
// typed IKeystoreSecurityLevel implementation (see OnTransaction and
// Descriptor). NewKeystoreSecurityLevelStub returns an IKeystoreSecurityLevel
// rather than this type, so it is normally not handled directly.
type KeystoreSecurityLevelStub struct {
	// Impl receives the decoded calls. NOTE(review): typed as
	// IKeystoreSecurityLevel (with AsBinder) although the constructor
	// accepts IKeystoreSecurityLevelServer; the adapter is not visible here.
	Impl      IKeystoreSecurityLevel
	// Transport is the binder transport the stub uses (see package binder).
	Transport binder.VersionAwareTransport
}

KeystoreSecurityLevelStub dispatches incoming binder transactions to a typed IKeystoreSecurityLevel implementation.

func (*KeystoreSecurityLevelStub) Descriptor

func (s *KeystoreSecurityLevelStub) Descriptor() string

func (*KeystoreSecurityLevelStub) OnTransaction

func (s *KeystoreSecurityLevelStub) OnTransaction(
	ctx context.Context,
	code binder.TransactionCode,
	_data *parcel.Parcel,
) (*parcel.Parcel, error)

type KeystoreServiceProxy

// KeystoreServiceProxy implements IKeystoreService for a remote binder
// object; build it with NewKeystoreServiceProxy. Its methods presumably
// transact on Remote using the TransactionIKeystoreService* codes — the
// bodies are not visible here.
type KeystoreServiceProxy struct {
	// Remote is the binder the proxy talks to; AsBinder presumably returns it.
	Remote binder.IBinder
}

func NewKeystoreServiceProxy

func NewKeystoreServiceProxy(
	remote binder.IBinder,
) *KeystoreServiceProxy

func (*KeystoreServiceProxy) AsBinder

func (p *KeystoreServiceProxy) AsBinder() binder.IBinder

func (*KeystoreServiceProxy) DeleteKey

func (p *KeystoreServiceProxy) DeleteKey(
	ctx context.Context,
	key KeyDescriptor,
) error

func (*KeystoreServiceProxy) GetKeyEntry

func (*KeystoreServiceProxy) GetNumberOfEntries

func (p *KeystoreServiceProxy) GetNumberOfEntries(
	ctx context.Context,
	domain Domain,
	nspace int64,
) (int32, error)

func (*KeystoreServiceProxy) GetSecurityLevel

func (p *KeystoreServiceProxy) GetSecurityLevel(
	ctx context.Context,
	securityLevel drm.SecurityLevel,
) (IKeystoreSecurityLevel, error)

func (*KeystoreServiceProxy) Grant

func (p *KeystoreServiceProxy) Grant(
	ctx context.Context,
	key KeyDescriptor,
	granteeUid int32,
	accessVector int32,
) (KeyDescriptor, error)

func (*KeystoreServiceProxy) ListEntries

func (p *KeystoreServiceProxy) ListEntries(
	ctx context.Context,
	domain Domain,
	nspace int64,
) ([]KeyDescriptor, error)

func (*KeystoreServiceProxy) ListEntriesBatched

func (p *KeystoreServiceProxy) ListEntriesBatched(
	ctx context.Context,
	domain Domain,
	nspace int64,
	startingPastAlias string,
) ([]KeyDescriptor, error)

func (*KeystoreServiceProxy) Ungrant

func (p *KeystoreServiceProxy) Ungrant(
	ctx context.Context,
	key KeyDescriptor,
	granteeUid int32,
) error

func (*KeystoreServiceProxy) UpdateSubcomponent

func (p *KeystoreServiceProxy) UpdateSubcomponent(
	ctx context.Context,
	key KeyDescriptor,
	publicCert []byte,
	certificateChain []byte,
) error

type KeystoreServiceStub

// KeystoreServiceStub dispatches incoming binder transactions to a typed
// IKeystoreService implementation (see OnTransaction and Descriptor).
// NewKeystoreServiceStub returns an IKeystoreService rather than this type,
// so it is normally not handled directly.
type KeystoreServiceStub struct {
	// Impl receives the decoded calls. NOTE(review): typed as
	// IKeystoreService (with AsBinder) although the constructor accepts
	// IKeystoreServiceServer; the adapter is not visible here.
	Impl      IKeystoreService
	// Transport is the binder transport the stub uses (see package binder).
	Transport binder.VersionAwareTransport
}

KeystoreServiceStub dispatches incoming binder transactions to a typed IKeystoreService implementation.

func (*KeystoreServiceStub) Descriptor

func (s *KeystoreServiceStub) Descriptor() string

func (*KeystoreServiceStub) OnTransaction

func (s *KeystoreServiceStub) OnTransaction(
	ctx context.Context,
	code binder.TransactionCode,
	_data *parcel.Parcel,
) (*parcel.Parcel, error)

type OperationChallenge

// OperationChallenge carries the int64 challenge associated with an
// operation; it is an optional pointer field of CreateOperationResponse.
// Parcelable: see MarshalParcel/UnmarshalParcel.
type OperationChallenge struct {
	Challenge int64
}

func (*OperationChallenge) MarshalParcel

func (s *OperationChallenge) MarshalParcel(
	p *parcel.Parcel,
) error

func (*OperationChallenge) UnmarshalParcel

func (s *OperationChallenge) UnmarshalParcel(
	p *parcel.Parcel,
) error

type ResponseCode

// ResponseCode is the keystore2 status-code namespace used by this package.
// The values are non-contiguous (0, 1, 5 and 9–16 are absent here), so do
// not index a table by them or treat an unlisted code as impossible. How a
// non-success code reaches Go callers (as an error value, presumably) is not
// visible in this listing.
type ResponseCode int32
const (
	ResponseCodeLOCKED                               ResponseCode = 2
	ResponseCodeUNINITIALIZED                        ResponseCode = 3
	ResponseCodeSystemError                          ResponseCode = 4
	ResponseCodePermissionDenied                     ResponseCode = 6
	ResponseCodeKeyNotFound                          ResponseCode = 7
	ResponseCodeValueCorrupted                       ResponseCode = 8
	ResponseCodeKeyPermanentlyInvalidated            ResponseCode = 17
	ResponseCodeBackendBusy                          ResponseCode = 18
	ResponseCodeOperationBusy                        ResponseCode = 19
	ResponseCodeInvalidArgument                      ResponseCode = 20
	ResponseCodeTooMuchData                          ResponseCode = 21
	// The OutOfKeys* family distinguishes why no key was available; the
	// RequiresSystemUpgrade / PendingInternetConnectivity / TransientError /
	// PermanentError suffixes are the only hint visible here.
	ResponseCodeOutOfKeys                            ResponseCode = 22
	ResponseCodeOutOfKeysRequiresSystemUpgrade       ResponseCode = 23
	ResponseCodeOutOfKeysPendingInternetConnectivity ResponseCode = 24
	ResponseCodeOutOfKeysTransientError              ResponseCode = 25
	ResponseCodeOutOfKeysPermanentError              ResponseCode = 26
	ResponseCodeGetAttestationApplicationIdFailed    ResponseCode = 27
)
