foundation

package
v6.0.15 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 12, 2020 License: BSD-3-Clause Imports: 4 Imported by: 1

Documentation

Index

Constants

View Source
const (
	BrainkeyClientPointLen       uint = 65
	BrainkeyClientMpiLen         uint = 32
	BrainkeyClientSeedLen        uint = 32
	BrainkeyClientMaxPasswordLen uint = 128
	BrainkeyClientMaxKeyNameLen  uint = 128
)
View Source
const (
	BrainkeyServerPointLen uint = 65
	BrainkeyServerMpiLen   uint = 32
)
View Source
const (
	/*
	 * The interval before reseed is performed by default.
	 */
	CtrDrbgReseedInterval uint = 10000
	/*
	 * The amount of entropy used per seed by default.
	 */
	CtrDrbgEntropyLen uint = 48
)
View Source
const (
	/*
	 * This error should not be returned if assertions is enabled.
	 */
	FoundationErrorErrorBadArguments int = -1
	/*
	 * Can be used to define that not all context prerequisites are satisfied.
	 * Note, this error should not be returned if assertions is enabled.
	 */
	FoundationErrorErrorUninitialized int = -2
	/*
	 * Define that error code from one of third-party module was not handled.
	 * Note, this error should not be returned if assertions is enabled.
	 */
	FoundationErrorErrorUnhandledThirdpartyError int = -3
	/*
	 * Buffer capacity is not enough to hold result.
	 */
	FoundationErrorErrorSmallBuffer int = -101
	/*
	 * Unsupported algorithm.
	 */
	FoundationErrorErrorUnsupportedAlgorithm int = -200
	/*
	 * Authentication failed during decryption.
	 */
	FoundationErrorErrorAuthFailed int = -201
	/*
	 * Attempt to read data out of buffer bounds.
	 */
	FoundationErrorErrorOutOfData int = -202
	/*
	 * ASN.1 encoded data is corrupted.
	 */
	FoundationErrorErrorBadAsn1 int = -203
	/*
	 * Attempt to read ASN.1 type that is bigger then requested C type.
	 */
	FoundationErrorErrorAsn1LossyTypeNarrowing int = -204
	/*
	 * ASN.1 representation of PKCS#1 public key is corrupted.
	 */
	FoundationErrorErrorBadPkcs1PublicKey int = -205
	/*
	 * ASN.1 representation of PKCS#1 private key is corrupted.
	 */
	FoundationErrorErrorBadPkcs1PrivateKey int = -206
	/*
	 * ASN.1 representation of PKCS#8 public key is corrupted.
	 */
	FoundationErrorErrorBadPkcs8PublicKey int = -207
	/*
	 * ASN.1 representation of PKCS#8 private key is corrupted.
	 */
	FoundationErrorErrorBadPkcs8PrivateKey int = -208
	/*
	 * Encrypted data is corrupted.
	 */
	FoundationErrorErrorBadEncryptedData int = -209
	/*
	 * Underlying random operation returns error.
	 */
	FoundationErrorErrorRandomFailed int = -210
	/*
	 * Generation of the private or secret key failed.
	 */
	FoundationErrorErrorKeyGenerationFailed int = -211
	/*
	 * One of the entropy sources failed.
	 */
	FoundationErrorErrorEntropySourceFailed int = -212
	/*
	 * Requested data to be generated is too big.
	 */
	FoundationErrorErrorRngRequestedDataTooBig int = -213
	/*
	 * Base64 encoded string contains invalid characters.
	 */
	FoundationErrorErrorBadBase64 int = -214
	/*
	 * PEM data is corrupted.
	 */
	FoundationErrorErrorBadPem int = -215
	/*
	 * Exchange key return zero.
	 */
	FoundationErrorErrorSharedKeyExchangeFailed int = -216
	/*
	 * Ed25519 public key is corrupted.
	 */
	FoundationErrorErrorBadEd25519PublicKey int = -217
	/*
	 * Ed25519 private key is corrupted.
	 */
	FoundationErrorErrorBadEd25519PrivateKey int = -218
	/*
	 * CURVE25519 public key is corrupted.
	 */
	FoundationErrorErrorBadCurve25519PublicKey int = -219
	/*
	 * CURVE25519 private key is corrupted.
	 */
	FoundationErrorErrorBadCurve25519PrivateKey int = -220
	/*
	 * Elliptic curve public key format is corrupted see RFC 5480.
	 */
	FoundationErrorErrorBadSec1PublicKey int = -221
	/*
	 * Elliptic curve public key format is corrupted see RFC 5915.
	 */
	FoundationErrorErrorBadSec1PrivateKey int = -222
	/*
	 * ASN.1 representation of a public key is corrupted.
	 */
	FoundationErrorErrorBadDerPublicKey int = -223
	/*
	 * ASN.1 representation of a private key is corrupted.
	 */
	FoundationErrorErrorBadDerPrivateKey int = -224
	/*
	 * Key algorithm does not accept given type of public key.
	 */
	FoundationErrorErrorMismatchPublicKeyAndAlgorithm int = -225
	/*
	 * Key algorithm does not accept given type of private key.
	 */
	FoundationErrorErrorMismatchPrivateKeyAndAlgorithm int = -226
	/*
	 * Post-quantum Falcon-Sign public key is corrupted.
	 */
	FoundationErrorErrorBadFalconPublicKey int = -227
	/*
	 * Post-quantum Falcon-Sign private key is corrupted.
	 */
	FoundationErrorErrorBadFalconPrivateKey int = -228
	/*
	 * Generic Round5 library error.
	 */
	FoundationErrorErrorRound5 int = -229
	/*
	 * Post-quantum NIST Round5 public key is corrupted.
	 */
	FoundationErrorErrorBadRound5PublicKey int = -230
	/*
	 * Post-quantum NIST Round5 private key is corrupted.
	 */
	FoundationErrorErrorBadRound5PrivateKey int = -231
	/*
	 * Compound public key is corrupted.
	 */
	FoundationErrorErrorBadCompoundPublicKey int = -232
	/*
	 * Compound private key is corrupted.
	 */
	FoundationErrorErrorBadCompoundPrivateKey int = -233
	/*
	 * Compound public hybrid key is corrupted.
	 */
	FoundationErrorErrorBadHybridPublicKey int = -234
	/*
	 * Compound private hybrid key is corrupted.
	 */
	FoundationErrorErrorBadHybridPrivateKey int = -235
	/*
	 * ASN.1 AlgorithmIdentifer is corrupted.
	 */
	FoundationErrorErrorBadAsn1Algorithm int = -236
	/*
	 * ASN.1 AlgorithmIdentifer with ECParameters is corrupted.
	 */
	FoundationErrorErrorBadAsn1AlgorithmEcc int = -237
	/*
	 * ASN.1 AlgorithmIdentifer with CompoundKeyParams is corrupted.
	 */
	FoundationErrorErrorBadAsn1AlgorithmCompoundKey int = -238
	/*
	 * ASN.1 AlgorithmIdentifer with HybridKeyParams is corrupted.
	 */
	FoundationErrorErrorBadAsn1AlgorithmHybridKey int = -239
	/*
	 * Decryption failed, because message info was not given explicitly,
	 * and was not part of an encrypted message.
	 */
	FoundationErrorErrorNoMessageInfo int = -301
	/*
	 * Message Info is corrupted.
	 */
	FoundationErrorErrorBadMessageInfo int = -302
	/*
	 * Recipient defined with id is not found within message info
	 * during data decryption.
	 */
	FoundationErrorErrorKeyRecipientIsNotFound int = -303
	/*
	 * Content encryption key can not be decrypted with a given private key.
	 */
	FoundationErrorErrorKeyRecipientPrivateKeyIsWrong int = -304
	/*
	 * Content encryption key can not be decrypted with a given password.
	 */
	FoundationErrorErrorPasswordRecipientPasswordIsWrong int = -305
	/*
	 * Custom parameter with a given key is not found within message info.
	 */
	FoundationErrorErrorMessageInfoCustomParamNotFound int = -306
	/*
	 * A custom parameter with a given key is found, but the requested value
	 * type does not correspond to the actual type.
	 */
	FoundationErrorErrorMessageInfoCustomParamTypeMismatch int = -307
	/*
	 * Signature format is corrupted.
	 */
	FoundationErrorErrorBadSignature int = -308
	/*
	 * Message Info footer is corrupted.
	 */
	FoundationErrorErrorBadMessageInfoFooter int = -309
	/*
	 * Brainkey password length is out of range.
	 */
	FoundationErrorErrorInvalidBrainkeyPasswordLen int = -401
	/*
	 * Brainkey number length should be 32 byte.
	 */
	FoundationErrorErrorInvalidBrainkeyFactorLen int = -402
	/*
	 * Brainkey point length should be 65 bytes.
	 */
	FoundationErrorErrorInvalidBrainkeyPointLen int = -403
	/*
	 * Brainkey name is out of range.
	 */
	FoundationErrorErrorInvalidBrainkeyKeyNameLen int = -404
	/*
	 * Brainkey internal error.
	 */
	FoundationErrorErrorBrainkeyInternal int = -405
	/*
	 * Brainkey point is invalid.
	 */
	FoundationErrorErrorBrainkeyInvalidPoint int = -406
	/*
	 * Brainkey number buffer length capacity should be >= 32 byte.
	 */
	FoundationErrorErrorInvalidBrainkeyFactorBufferLen int = -407
	/*
	 * Brainkey point buffer length capacity should be >= 32 byte.
	 */
	FoundationErrorErrorInvalidBrainkeyPointBufferLen int = -408
	/*
	 * Brainkey seed buffer length capacity should be >= 32 byte.
	 */
	FoundationErrorErrorInvalidBrainkeySeedBufferLen int = -409
	/*
	 * Brainkey identity secret is invalid.
	 */
	FoundationErrorErrorInvalidIdentitySecret int = -410
	/*
	 * KEM encapsulated key is invalid or does not correspond to the private key.
	 */
	FoundationErrorErrorInvalidKemEncapsulatedKey int = -411
	/*
	 * Invalid padding.
	 */
	FoundationErrorErrorInvalidPadding int = -501
	/*
	 * Protobuf error.
	 */
	FoundationErrorErrorProtobuf int = -601
	/*
	 * Session id doesnt match.
	 */
	FoundationErrorErrorSessionIdDoesntMatch int = -701
	/*
	 * Epoch not found.
	 */
	FoundationErrorErrorEpochNotFound int = -702
	/*
	 * Wrong key type.
	 */
	FoundationErrorErrorWrongKeyType int = -703
	/*
	 * Invalid signature.
	 */
	FoundationErrorErrorInvalidSignature int = -704
	/*
	 * Ed25519 error.
	 */
	FoundationErrorErrorEd25519 int = -705
	/*
	 * Duplicate epoch.
	 */
	FoundationErrorErrorDuplicateEpoch int = -706
	/*
	 * Plain text too long.
	 */
	FoundationErrorErrorPlainTextTooLong int = -707
)
View Source
const (
	/*
	 * Sender id len
	 */
	GroupSessionSenderIdLen uint = 32
	/*
	 * Max plain text len
	 */
	GroupSessionMaxPlainTextLen uint = 30000
	/*
	 * Max epochs count
	 */
	GroupSessionMaxEpochsCount uint = 50
	/*
	 * Salt size
	 */
	GroupSessionSaltSize uint = 32
)
View Source
const (
	/*
	 * Max message len
	 */
	GroupSessionMessageMaxMessageLen uint = 30188
	/*
	 * Message version
	 */
	GroupSessionMessageMessageVersion uint = 1
)
View Source
const (
	/*
	 * Minimum length in bytes for the key material.
	 */
	KeyMaterialRngKeyMaterialLenMin uint = 32
	/*
	 * Maximum length in bytes for the key material.
	 */
	KeyMaterialRngKeyMaterialLenMax uint = 512
)
View Source
const (
	PaddingParamsDefaultFrameMin uint = 32
	PaddingParamsDefaultFrame    uint = 160
	PaddingParamsDefaultFrameMax uint = 256
)
View Source
const (
	EntropyAccumulatorSourcesMax uint = 15
)

Variables

This section is empty.

Functions

func Base64Decode

func Base64Decode(str []byte) ([]byte, error)

* Decode given data from the base64 format.

func Base64DecodedLen

func Base64DecodedLen(strLen uint) uint

* Calculate length in bytes required to hold a decoded base64 string.

func Base64Encode

func Base64Encode(data []byte) []byte

* Encode given data to the base64 format. * Note, written buffer is NOT null-terminated.

func Base64EncodedLen

func Base64EncodedLen(dataLen uint) uint

* Calculate length in bytes required to hold an encoded base64 string.

func FoundationErrorHandleStatus

func FoundationErrorHandleStatus(status C.vscf_status_t) error

Check given C status, and if it's not "success" then raise correspond error.

func OidEqual

func OidEqual(lhs []byte, rhs []byte) bool

* Return true if given OIDs are equal.

func OidFromAlgId

func OidFromAlgId(algId AlgId) []byte

* Return OID for given algorithm identifier.

func OidFromId

func OidFromId(oidId OidId) []byte

* Return OID for a given identifier.

func PemTitle

func PemTitle(pem []byte) []byte

* Returns PEM title if PEM data is valid, otherwise - empty data.

func PemUnwrap

func PemUnwrap(pem []byte) ([]byte, error)

* Takes PEM data and extract binary data from it.

func PemUnwrappedLen

func PemUnwrappedLen(pemLen uint) uint

* Return length in bytes required to hold unwrapped binary.

func PemWrap

func PemWrap(title string, data []byte) []byte

* Takes binary data and wraps it to the simple PEM format - no * additional information just header-base64-footer. * Note, written buffer is NOT null-terminated.

func PemWrappedLen

func PemWrappedLen(title string, dataLen uint) uint

* Return length in bytes required to hold wrapped PEM format.

Types

type Aes256Cbc

type Aes256Cbc struct {
	// contains filtered or unexported fields
}

* Implementation of the symmetric cipher AES-256 bit in a CBC mode. * Note, this implementation contains dynamic memory allocations, * this should be improved in the future releases.

func NewAes256Cbc

func NewAes256Cbc() *Aes256Cbc

func (*Aes256Cbc) AlgId

func (obj *Aes256Cbc) AlgId() AlgId

* Provide algorithm identificator.

func (*Aes256Cbc) Ctx

func (obj *Aes256Cbc) Ctx() uintptr

Handle underlying C context.

func (*Aes256Cbc) Decrypt

func (obj *Aes256Cbc) Decrypt(data []byte) ([]byte, error)

* Decrypt given data.

func (*Aes256Cbc) DecryptedLen

func (obj *Aes256Cbc) DecryptedLen(dataLen uint) uint

* Calculate required buffer length to hold the decrypted data.

func (*Aes256Cbc) DecryptedOutLen

func (obj *Aes256Cbc) DecryptedOutLen(dataLen uint) uint

* Return buffer length required to hold an output of the methods * "update" or "finish" in an decryption mode. * Pass zero length to define buffer length of the method "finish".

func (*Aes256Cbc) Delete

func (obj *Aes256Cbc) Delete()

* Release underlying C context.

func (*Aes256Cbc) Encrypt

func (obj *Aes256Cbc) Encrypt(data []byte) ([]byte, error)

* Encrypt given data.

func (*Aes256Cbc) EncryptedLen

func (obj *Aes256Cbc) EncryptedLen(dataLen uint) uint

* Calculate required buffer length to hold the encrypted data.

func (*Aes256Cbc) EncryptedOutLen

func (obj *Aes256Cbc) EncryptedOutLen(dataLen uint) uint

* Return buffer length required to hold an output of the methods * "update" or "finish" in an encryption mode. * Pass zero length to define buffer length of the method "finish".

func (*Aes256Cbc) Finish

func (obj *Aes256Cbc) Finish() ([]byte, error)

* Accomplish encryption or decryption process.

func (*Aes256Cbc) GetBlockLen

func (obj *Aes256Cbc) GetBlockLen() uint

* Cipher block length in bytes.

func (*Aes256Cbc) GetKeyBitlen

func (obj *Aes256Cbc) GetKeyBitlen() uint

* Cipher key length in bits.

func (*Aes256Cbc) GetKeyLen

func (obj *Aes256Cbc) GetKeyLen() uint

* Cipher key length in bytes.

func (*Aes256Cbc) GetNonceLen

func (obj *Aes256Cbc) GetNonceLen() uint

* Cipher nfonce length or IV length in bytes, or 0 if nonce is not required.

func (*Aes256Cbc) OutLen

func (obj *Aes256Cbc) OutLen(dataLen uint) uint

* Return buffer length required to hold an output of the methods * "update" or "finish" in an current mode. * Pass zero length to define buffer length of the method "finish".

func (*Aes256Cbc) PreciseEncryptedLen

func (obj *Aes256Cbc) PreciseEncryptedLen(dataLen uint) uint

* Precise length calculation of encrypted data.

func (*Aes256Cbc) ProduceAlgInfo

func (obj *Aes256Cbc) ProduceAlgInfo() (AlgInfo, error)

* Produce object with algorithm information and configuration parameters.

func (*Aes256Cbc) RestoreAlgInfo

func (obj *Aes256Cbc) RestoreAlgInfo(algInfo AlgInfo) error

* Restore algorithm configuration from the given object.

func (*Aes256Cbc) SetKey

func (obj *Aes256Cbc) SetKey(key []byte)

* Set cipher encryption / decryption key.

func (*Aes256Cbc) SetNonce

func (obj *Aes256Cbc) SetNonce(nonce []byte)

* Setup IV or nonce.

func (*Aes256Cbc) StartDecryption

func (obj *Aes256Cbc) StartDecryption()

* Start sequential decryption.

func (*Aes256Cbc) StartEncryption

func (obj *Aes256Cbc) StartEncryption()

* Start sequential encryption.

func (*Aes256Cbc) Update

func (obj *Aes256Cbc) Update(data []byte) []byte

* Process encryption or decryption of the given data chunk.

type Aes256Gcm

type Aes256Gcm struct {
	// contains filtered or unexported fields
}

* Implementation of the symmetric cipher AES-256 bit in a GCM mode. * Note, this implementation contains dynamic memory allocations, * this should be improved in the future releases.

func NewAes256Gcm

func NewAes256Gcm() *Aes256Gcm

func (*Aes256Gcm) AlgId

func (obj *Aes256Gcm) AlgId() AlgId

* Provide algorithm identificator.

func (*Aes256Gcm) AuthDecrypt

func (obj *Aes256Gcm) AuthDecrypt(data []byte, authData []byte, tag []byte) ([]byte, error)

* Decrypt given data. * If 'tag' is not given, then it will be taken from the 'enc'.

func (*Aes256Gcm) AuthDecryptedLen

func (obj *Aes256Gcm) AuthDecryptedLen(dataLen uint) uint

* Calculate required buffer length to hold the authenticated decrypted data.

func (*Aes256Gcm) AuthEncrypt

func (obj *Aes256Gcm) AuthEncrypt(data []byte, authData []byte) ([]byte, []byte, error)

* Encrypt given data. * If 'tag' is not given, then it will written to the 'enc'.

func (*Aes256Gcm) AuthEncryptedLen

func (obj *Aes256Gcm) AuthEncryptedLen(dataLen uint) uint

* Calculate required buffer length to hold the authenticated encrypted data.

func (*Aes256Gcm) Ctx

func (obj *Aes256Gcm) Ctx() uintptr

Handle underlying C context.

func (*Aes256Gcm) Decrypt

func (obj *Aes256Gcm) Decrypt(data []byte) ([]byte, error)

* Decrypt given data.

func (*Aes256Gcm) DecryptedLen

func (obj *Aes256Gcm) DecryptedLen(dataLen uint) uint

* Calculate required buffer length to hold the decrypted data.

func (*Aes256Gcm) DecryptedOutLen

func (obj *Aes256Gcm) DecryptedOutLen(dataLen uint) uint

* Return buffer length required to hold an output of the methods * "update" or "finish" in an decryption mode. * Pass zero length to define buffer length of the method "finish".

func (*Aes256Gcm) Delete

func (obj *Aes256Gcm) Delete()

* Release underlying C context.

func (*Aes256Gcm) Encrypt

func (obj *Aes256Gcm) Encrypt(data []byte) ([]byte, error)

* Encrypt given data.

func (*Aes256Gcm) EncryptedLen

func (obj *Aes256Gcm) EncryptedLen(dataLen uint) uint

* Calculate required buffer length to hold the encrypted data.

func (*Aes256Gcm) EncryptedOutLen

func (obj *Aes256Gcm) EncryptedOutLen(dataLen uint) uint

* Return buffer length required to hold an output of the methods * "update" or "finish" in an encryption mode. * Pass zero length to define buffer length of the method "finish".

func (*Aes256Gcm) Finish

func (obj *Aes256Gcm) Finish() ([]byte, error)

* Accomplish encryption or decryption process.

func (*Aes256Gcm) FinishAuthDecryption

func (obj *Aes256Gcm) FinishAuthDecryption(tag []byte) ([]byte, error)

* Accomplish an authenticated decryption with explicitly given tag. * * Note, if authentication tag is a part of an encrypted data then, * method "finish" can be used for simplicity.

func (*Aes256Gcm) FinishAuthEncryption

func (obj *Aes256Gcm) FinishAuthEncryption() ([]byte, []byte, error)

* Accomplish an authenticated encryption and place tag separately. * * Note, if authentication tag should be added to an encrypted data, * method "finish" can be used.

func (*Aes256Gcm) GetAuthTagLen

func (obj *Aes256Gcm) GetAuthTagLen() uint

* Defines authentication tag length in bytes.

func (*Aes256Gcm) GetBlockLen

func (obj *Aes256Gcm) GetBlockLen() uint

* Cipher block length in bytes.

func (*Aes256Gcm) GetKeyBitlen

func (obj *Aes256Gcm) GetKeyBitlen() uint

* Cipher key length in bits.

func (*Aes256Gcm) GetKeyLen

func (obj *Aes256Gcm) GetKeyLen() uint

* Cipher key length in bytes.

func (*Aes256Gcm) GetNonceLen

func (obj *Aes256Gcm) GetNonceLen() uint

* Cipher nfonce length or IV length in bytes, or 0 if nonce is not required.

func (*Aes256Gcm) OutLen

func (obj *Aes256Gcm) OutLen(dataLen uint) uint

* Return buffer length required to hold an output of the methods * "update" or "finish" in an current mode. * Pass zero length to define buffer length of the method "finish".

func (*Aes256Gcm) PreciseEncryptedLen

func (obj *Aes256Gcm) PreciseEncryptedLen(dataLen uint) uint

* Precise length calculation of encrypted data.

func (*Aes256Gcm) ProduceAlgInfo

func (obj *Aes256Gcm) ProduceAlgInfo() (AlgInfo, error)

* Produce object with algorithm information and configuration parameters.

func (*Aes256Gcm) RestoreAlgInfo

func (obj *Aes256Gcm) RestoreAlgInfo(algInfo AlgInfo) error

* Restore algorithm configuration from the given object.

func (*Aes256Gcm) SetAuthData

func (obj *Aes256Gcm) SetAuthData(authData []byte)

* Set additional data for for AEAD ciphers.

func (*Aes256Gcm) SetKey

func (obj *Aes256Gcm) SetKey(key []byte)

* Set cipher encryption / decryption key.

func (*Aes256Gcm) SetNonce

func (obj *Aes256Gcm) SetNonce(nonce []byte)

* Setup IV or nonce.

func (*Aes256Gcm) StartDecryption

func (obj *Aes256Gcm) StartDecryption()

* Start sequential decryption.

func (*Aes256Gcm) StartEncryption

func (obj *Aes256Gcm) StartEncryption()

* Start sequential encryption.

func (*Aes256Gcm) Update

func (obj *Aes256Gcm) Update(data []byte) []byte

* Process encryption or decryption of the given data chunk.

type Alg

type Alg interface {

	/*
	 * Provide algorithm identificator.
	 */
	AlgId() AlgId

	/*
	 * Produce object with algorithm information and configuration parameters.
	 */
	ProduceAlgInfo() (AlgInfo, error)

	/*
	 * Restore algorithm configuration from the given object.
	 */
	RestoreAlgInfo(algInfo AlgInfo) error

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provide interface to persist algorithm information and it parameters * and then restore the algorithm from it.

func FoundationImplementationWrapAlg

func FoundationImplementationWrapAlg(ctx *C.vscf_impl_t) (Alg, error)

Wrap C implementation object to the Go object that implements interface Alg.

func FoundationImplementationWrapAlgCopy added in v6.0.12

func FoundationImplementationWrapAlgCopy(ctx *C.vscf_impl_t) (Alg, error)

Wrap C implementation object to the Go object that implements interface Alg.

type AlgFactory

type AlgFactory struct {
}

* Create algorithms based on the given information.

type AlgId

type AlgId int

* Define implemented algorithm identificator.

const (
	AlgIdNone           AlgId = 0
	AlgIdSha224         AlgId = 1
	AlgIdSha256         AlgId = 2
	AlgIdSha384         AlgId = 3
	AlgIdSha512         AlgId = 4
	AlgIdKdf1           AlgId = 5
	AlgIdKdf2           AlgId = 6
	AlgIdRsa            AlgId = 7
	AlgIdEd25519        AlgId = 8
	AlgIdCurve25519     AlgId = 9
	AlgIdSecp256r1      AlgId = 10
	AlgIdAes256Gcm      AlgId = 11
	AlgIdAes256Cbc      AlgId = 12
	AlgIdHmac           AlgId = 13
	AlgIdHkdf           AlgId = 14
	AlgIdPkcs5Pbkdf2    AlgId = 15
	AlgIdPkcs5Pbes2     AlgId = 16
	AlgIdCompoundKey    AlgId = 17
	AlgIdHybridKey      AlgId = 18
	AlgIdFalcon         AlgId = 19
	AlgIdRound5Nd1cca5d AlgId = 20
	AlgIdRandomPadding  AlgId = 21
)

func OidIdToAlgId

func OidIdToAlgId(oidId OidId) AlgId

* Map oid identifier to the algorithm identifier.

func OidToAlgId

func OidToAlgId(oid []byte) AlgId

* Return algorithm identifier for given OID.

type AlgInfo

type AlgInfo interface {

	/*
	 * Provide algorithm identificator.
	 */
	AlgId() AlgId

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provide details about implemented algorithms.

func FoundationImplementationWrapAlgInfo

func FoundationImplementationWrapAlgInfo(ctx *C.vscf_impl_t) (AlgInfo, error)

Wrap C implementation object to the Go object that implements interface AlgInfo.

func FoundationImplementationWrapAlgInfoCopy added in v6.0.12

func FoundationImplementationWrapAlgInfoCopy(ctx *C.vscf_impl_t) (AlgInfo, error)

Wrap C implementation object to the Go object that implements interface AlgInfo.

type AlgInfoDerDeserializer

type AlgInfoDerDeserializer struct {
	// contains filtered or unexported fields
}

* Provide DER deserializer of algorithm information.

func NewAlgInfoDerDeserializer

func NewAlgInfoDerDeserializer() *AlgInfoDerDeserializer

func (*AlgInfoDerDeserializer) Ctx

func (obj *AlgInfoDerDeserializer) Ctx() uintptr

Handle underlying C context.

func (*AlgInfoDerDeserializer) Delete

func (obj *AlgInfoDerDeserializer) Delete()

* Release underlying C context.

func (*AlgInfoDerDeserializer) Deserialize

func (obj *AlgInfoDerDeserializer) Deserialize(data []byte) (AlgInfo, error)

* Deserialize algorithm from the data.

func (*AlgInfoDerDeserializer) DeserializeInplace

func (obj *AlgInfoDerDeserializer) DeserializeInplace() (AlgInfo, error)

* Deserialize by using internal ASN.1 reader. * Note, that caller code is responsible to reset ASN.1 reader with * an input buffer.

func (*AlgInfoDerDeserializer) SetAsn1Reader

func (obj *AlgInfoDerDeserializer) SetAsn1Reader(asn1Reader Asn1Reader)

func (*AlgInfoDerDeserializer) SetupDefaults

func (obj *AlgInfoDerDeserializer) SetupDefaults()

* Setup predefined values to the uninitialized class dependencies.

type AlgInfoDerSerializer

type AlgInfoDerSerializer struct {
	// contains filtered or unexported fields
}

* Provide DER serializer of algorithm information.

func NewAlgInfoDerSerializer

func NewAlgInfoDerSerializer() *AlgInfoDerSerializer

func (*AlgInfoDerSerializer) Ctx

func (obj *AlgInfoDerSerializer) Ctx() uintptr

Handle underlying C context.

func (*AlgInfoDerSerializer) Delete

func (obj *AlgInfoDerSerializer) Delete()

* Release underlying C context.

func (*AlgInfoDerSerializer) Serialize

func (obj *AlgInfoDerSerializer) Serialize(algInfo AlgInfo) []byte

* Serialize algorithm info to buffer class.

func (*AlgInfoDerSerializer) SerializeInplace

func (obj *AlgInfoDerSerializer) SerializeInplace(algInfo AlgInfo) uint

* Serialize by using internal ASN.1 writer. * Note, that caller code is responsible to reset ASN.1 writer with * an output buffer.

func (*AlgInfoDerSerializer) SerializedLen

func (obj *AlgInfoDerSerializer) SerializedLen(algInfo AlgInfo) uint

* Return buffer size enough to hold serialized algorithm.

func (*AlgInfoDerSerializer) SetAsn1Writer

func (obj *AlgInfoDerSerializer) SetAsn1Writer(asn1Writer Asn1Writer)

func (*AlgInfoDerSerializer) SetupDefaults

func (obj *AlgInfoDerSerializer) SetupDefaults()

* Setup predefined values to the uninitialized class dependencies.

type AlgInfoDeserializer

type AlgInfoDeserializer interface {

	/*
	 * Deserialize algorithm from the data.
	 */
	Deserialize(data []byte) (AlgInfo, error)

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provide algorithm deserialization.

func FoundationImplementationWrapAlgInfoDeserializer

func FoundationImplementationWrapAlgInfoDeserializer(ctx *C.vscf_impl_t) (AlgInfoDeserializer, error)

Wrap C implementation object to the Go object that implements interface AlgInfoDeserializer.

func FoundationImplementationWrapAlgInfoDeserializerCopy added in v6.0.12

func FoundationImplementationWrapAlgInfoDeserializerCopy(ctx *C.vscf_impl_t) (AlgInfoDeserializer, error)

Wrap C implementation object to the Go object that implements interface AlgInfoDeserializer.

type AlgInfoSerializer

type AlgInfoSerializer interface {

	/*
	 * Return buffer size enough to hold serialized algorithm.
	 */
	SerializedLen(algInfo AlgInfo) uint

	/*
	 * Serialize algorithm info to buffer class.
	 */
	Serialize(algInfo AlgInfo) []byte

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provide serialization of algorithm

func FoundationImplementationWrapAlgInfoSerializer

func FoundationImplementationWrapAlgInfoSerializer(ctx *C.vscf_impl_t) (AlgInfoSerializer, error)

Wrap C implementation object to the Go object that implements interface AlgInfoSerializer.

func FoundationImplementationWrapAlgInfoSerializerCopy added in v6.0.12

func FoundationImplementationWrapAlgInfoSerializerCopy(ctx *C.vscf_impl_t) (AlgInfoSerializer, error)

Wrap C implementation object to the Go object that implements interface AlgInfoSerializer.

type Asn1Reader

type Asn1Reader interface {

	/*
	 * Reset all internal states and prepare to new ASN.1 reading operations.
	 */
	Reset(data []byte)

	/*
	 * Return length in bytes how many bytes are left for reading.
	 */
	LeftLen() uint

	/*
	 * Return true if status is not "success".
	 */
	HasError() bool

	/*
	 * Return error code.
	 */
	Status() error

	/*
	 * Get tag of the current ASN.1 element.
	 */
	GetTag() int32

	/*
	 * Get length of the current ASN.1 element.
	 */
	GetLen() uint

	/*
	 * Get length of the current ASN.1 element with tag and length itself.
	 */
	GetDataLen() uint

	/*
	 * Read ASN.1 type: TAG.
	 * Return element length.
	 */
	ReadTag(tag int32) uint

	/*
	 * Read ASN.1 type: context-specific TAG.
	 * Return element length.
	 * Return 0 if current position do not points to the requested tag.
	 */
	ReadContextTag(tag int32) uint

	/*
	 * Read ASN.1 type: INTEGER.
	 */
	ReadInt() int32

	/*
	 * Read ASN.1 type: INTEGER.
	 */
	ReadInt8() int8

	/*
	 * Read ASN.1 type: INTEGER.
	 */
	ReadInt16() int16

	/*
	 * Read ASN.1 type: INTEGER.
	 */
	ReadInt32() int32

	/*
	 * Read ASN.1 type: INTEGER.
	 */
	ReadInt64() int64

	/*
	 * Read ASN.1 type: INTEGER.
	 */
	ReadUint() uint32

	/*
	 * Read ASN.1 type: INTEGER.
	 */
	ReadUint8() uint8

	/*
	 * Read ASN.1 type: INTEGER.
	 */
	ReadUint16() uint16

	/*
	 * Read ASN.1 type: INTEGER.
	 */
	ReadUint32() uint32

	/*
	 * Read ASN.1 type: INTEGER.
	 */
	ReadUint64() uint64

	/*
	 * Read ASN.1 type: BOOLEAN.
	 */
	ReadBool() bool

	/*
	 * Read ASN.1 type: NULL.
	 */
	ReadNull()

	/*
	 * Read ASN.1 type: NULL, only if it exists.
	 * Note, this method is safe to call even no more data is left for reading.
	 */
	ReadNullOptional()

	/*
	 * Read ASN.1 type: OCTET STRING.
	 */
	ReadOctetStr() []byte

	/*
	 * Read ASN.1 type: BIT STRING.
	 */
	ReadBitstringAsOctetStr() []byte

	/*
	 * Read ASN.1 type: UTF8String.
	 */
	ReadUtf8Str() []byte

	/*
	 * Read ASN.1 type: OID.
	 */
	ReadOid() []byte

	/*
	 * Read raw data of given length.
	 */
	ReadData(len uint) []byte

	/*
	 * Read ASN.1 type: SEQUENCE.
	 * Return element length.
	 */
	ReadSequence() uint

	/*
	 * Read ASN.1 type: SET.
	 * Return element length.
	 */
	ReadSet() uint

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provides interface to the ASN.1 reader. * Note, that all "read" methods move reading position forward. * Note, that all "get" do not change reading position.

func FoundationImplementationWrapAsn1Reader

func FoundationImplementationWrapAsn1Reader(ctx *C.vscf_impl_t) (Asn1Reader, error)

Wrap C implementation object to the Go object that implements interface Asn1Reader.

func FoundationImplementationWrapAsn1ReaderCopy added in v6.0.12

func FoundationImplementationWrapAsn1ReaderCopy(ctx *C.vscf_impl_t) (Asn1Reader, error)

Wrap C implementation object to the Go object that implements interface Asn1Reader.

type Asn1Tag

type Asn1Tag int

* ASN.1 constants.

const (
	Asn1TagBoolean         Asn1Tag = 0x01
	Asn1TagInteger         Asn1Tag = 0x02
	Asn1TagBitString       Asn1Tag = 0x03
	Asn1TagOctetString     Asn1Tag = 0x04
	Asn1TagNull            Asn1Tag = 0x05
	Asn1TagOid             Asn1Tag = 0x06
	Asn1TagUtf8String      Asn1Tag = 0x0C
	Asn1TagSequence        Asn1Tag = 0x10
	Asn1TagSet             Asn1Tag = 0x11
	Asn1TagPrintableString Asn1Tag = 0x13
	Asn1TagT61String       Asn1Tag = 0x14
	Asn1TagIa5String       Asn1Tag = 0x16
	Asn1TagUtcTime         Asn1Tag = 0x17
	Asn1TagGeneralizedTime Asn1Tag = 0x18
	Asn1TagUniversalString Asn1Tag = 0x1C
	Asn1TagBmpString       Asn1Tag = 0x1E
	Asn1TagPrimitive       Asn1Tag = 0x00
	Asn1TagConstructed     Asn1Tag = 0x20
	Asn1TagContextSpecific Asn1Tag = 0x80
)

type Asn1Writer

type Asn1Writer interface {

	/*
	 * Reset all internal states and prepare to new ASN.1 writing operations.
	 */
	Reset(out []byte, outLen uint)

	/*
	 * Finalize writing and forbid further operations.
	 *
	 * Note, that ASN.1 structure is always written to the buffer end, and
	 * if argument "do not adjust" is false, then data is moved to the
	 * beginning, otherwise - data is left at the buffer end.
	 *
	 * Returns length of the written bytes.
	 */
	Finish(doNotAdjust bool) uint

	/*
	 * Returns pointer to the inner buffer.
	 */
	Bytes() unsafe.Pointer

	/*
	 * Returns total inner buffer length.
	 */
	Len() uint

	/*
	 * Returns how many bytes were already written to the ASN.1 structure.
	 */
	WrittenLen() uint

	/*
	 * Returns how many bytes are available for writing.
	 */
	UnwrittenLen() uint

	/*
	 * Return true if status is not "success".
	 */
	HasError() bool

	/*
	 * Return error code.
	 */
	Status() error

	/*
	 * Move writing position backward for the given length.
	 * Return current writing position.
	 */
	Reserve(len uint) unsafe.Pointer

	/*
	 * Write ASN.1 tag.
	 * Return count of written bytes.
	 */
	WriteTag(tag int32) uint

	/*
	 * Write context-specific ASN.1 tag.
	 * Return count of written bytes.
	 */
	WriteContextTag(tag int32, len uint) uint

	/*
	 * Write length of the following data.
	 * Return count of written bytes.
	 */
	WriteLen(len uint) uint

	/*
	 * Write ASN.1 type: INTEGER.
	 * Return count of written bytes.
	 */
	WriteInt(value int32) uint

	/*
	 * Write ASN.1 type: INTEGER.
	 * Return count of written bytes.
	 */
	WriteInt8(value int8) uint

	/*
	 * Write ASN.1 type: INTEGER.
	 * Return count of written bytes.
	 */
	WriteInt16(value int16) uint

	/*
	 * Write ASN.1 type: INTEGER.
	 * Return count of written bytes.
	 */
	WriteInt32(value int32) uint

	/*
	 * Write ASN.1 type: INTEGER.
	 * Return count of written bytes.
	 */
	WriteInt64(value int64) uint

	/*
	 * Write ASN.1 type: INTEGER.
	 * Return count of written bytes.
	 */
	WriteUint(value uint32) uint

	/*
	 * Write ASN.1 type: INTEGER.
	 * Return count of written bytes.
	 */
	WriteUint8(value uint8) uint

	/*
	 * Write ASN.1 type: INTEGER.
	 * Return count of written bytes.
	 */
	WriteUint16(value uint16) uint

	/*
	 * Write ASN.1 type: INTEGER.
	 * Return count of written bytes.
	 */
	WriteUint32(value uint32) uint

	/*
	 * Write ASN.1 type: INTEGER.
	 * Return count of written bytes.
	 */
	WriteUint64(value uint64) uint

	/*
	 * Write ASN.1 type: BOOLEAN.
	 * Return count of written bytes.
	 */
	WriteBool(value bool) uint

	/*
	 * Write ASN.1 type: NULL.
	 */
	WriteNull() uint

	/*
	 * Write ASN.1 type: OCTET STRING.
	 * Return count of written bytes.
	 */
	WriteOctetStr(value []byte) uint

	/*
	 * Write ASN.1 type: BIT STRING with all zero unused bits.
	 *
	 * Return count of written bytes.
	 */
	WriteOctetStrAsBitstring(value []byte) uint

	/*
	 * Write raw data directly to the ASN.1 structure.
	 * Return count of written bytes.
	 * Note, use this method carefully.
	 */
	WriteData(data []byte) uint

	/*
	 * Write ASN.1 type: UTF8String.
	 * Return count of written bytes.
	 */
	WriteUtf8Str(value []byte) uint

	/*
	 * Write ASN.1 type: OID.
	 * Return count of written bytes.
	 */
	WriteOid(value []byte) uint

	/*
	 * Mark previously written data of given length as ASN.1 type: SEQUENCE.
	 * Return count of written bytes.
	 */
	WriteSequence(len uint) uint

	/*
	 * Mark previously written data of given length as ASN.1 type: SET.
	 * Return count of written bytes.
	 */
	WriteSet(len uint) uint

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provides interface to the ASN.1 writer. * Note, elements are written starting from the buffer ending. * Note, that all "write" methods move writing position backward.

func FoundationImplementationWrapAsn1Writer

func FoundationImplementationWrapAsn1Writer(ctx *C.vscf_impl_t) (Asn1Writer, error)

Wrap C implementation object to the Go object that implements interface Asn1Writer.

func FoundationImplementationWrapAsn1WriterCopy added in v6.0.12

func FoundationImplementationWrapAsn1WriterCopy(ctx *C.vscf_impl_t) (Asn1Writer, error)

Wrap C implementation object to the Go object that implements interface Asn1Writer.

type Asn1rd

type Asn1rd struct {
	// contains filtered or unexported fields
}

* This is MbedTLS implementation of ASN.1 reader.

func NewAsn1rd

func NewAsn1rd() *Asn1rd

func (*Asn1rd) Ctx

func (obj *Asn1rd) Ctx() uintptr

Handle underlying C context.

func (*Asn1rd) Delete

func (obj *Asn1rd) Delete()

* Release underlying C context.

func (*Asn1rd) GetDataLen

func (obj *Asn1rd) GetDataLen() uint

* Get length of the current ASN.1 element with tag and length itself.

func (*Asn1rd) GetLen

func (obj *Asn1rd) GetLen() uint

* Get length of the current ASN.1 element.

func (*Asn1rd) GetTag

func (obj *Asn1rd) GetTag() int32

* Get tag of the current ASN.1 element.

func (*Asn1rd) HasError

func (obj *Asn1rd) HasError() bool

* Return true if status is not "success".

func (*Asn1rd) LeftLen

func (obj *Asn1rd) LeftLen() uint

* Return length in bytes how many bytes are left for reading.

func (*Asn1rd) ReadBitstringAsOctetStr

func (obj *Asn1rd) ReadBitstringAsOctetStr() []byte

* Read ASN.1 type: BIT STRING.

func (*Asn1rd) ReadBool

func (obj *Asn1rd) ReadBool() bool

* Read ASN.1 type: BOOLEAN.

func (*Asn1rd) ReadContextTag

func (obj *Asn1rd) ReadContextTag(tag int32) uint

* Read ASN.1 type: context-specific TAG. * Return element length. * Return 0 if current position do not points to the requested tag.

func (*Asn1rd) ReadData

func (obj *Asn1rd) ReadData(len uint) []byte

* Read raw data of given length.

func (*Asn1rd) ReadInt

func (obj *Asn1rd) ReadInt() int32

* Read ASN.1 type: INTEGER.

func (*Asn1rd) ReadInt16

func (obj *Asn1rd) ReadInt16() int16

* Read ASN.1 type: INTEGER.

func (*Asn1rd) ReadInt32

func (obj *Asn1rd) ReadInt32() int32

* Read ASN.1 type: INTEGER.

func (*Asn1rd) ReadInt64

func (obj *Asn1rd) ReadInt64() int64

* Read ASN.1 type: INTEGER.

func (*Asn1rd) ReadInt8

func (obj *Asn1rd) ReadInt8() int8

* Read ASN.1 type: INTEGER.

func (*Asn1rd) ReadNull

func (obj *Asn1rd) ReadNull()

* Read ASN.1 type: NULL.

func (*Asn1rd) ReadNullOptional

func (obj *Asn1rd) ReadNullOptional()

* Read ASN.1 type: NULL, only if it exists. * Note, this method is safe to call even no more data is left for reading.

func (*Asn1rd) ReadOctetStr

func (obj *Asn1rd) ReadOctetStr() []byte

* Read ASN.1 type: OCTET STRING.

func (*Asn1rd) ReadOid

func (obj *Asn1rd) ReadOid() []byte

* Read ASN.1 type: OID.

func (*Asn1rd) ReadSequence

func (obj *Asn1rd) ReadSequence() uint

* Read ASN.1 type: SEQUENCE. * Return element length.

func (*Asn1rd) ReadSet

func (obj *Asn1rd) ReadSet() uint

* Read ASN.1 type: SET. * Return element length.

func (*Asn1rd) ReadTag

func (obj *Asn1rd) ReadTag(tag int32) uint

* Read ASN.1 type: TAG. * Return element length.

func (*Asn1rd) ReadUint

func (obj *Asn1rd) ReadUint() uint32

* Read ASN.1 type: INTEGER.

func (*Asn1rd) ReadUint16

func (obj *Asn1rd) ReadUint16() uint16

* Read ASN.1 type: INTEGER.

func (*Asn1rd) ReadUint32

func (obj *Asn1rd) ReadUint32() uint32

* Read ASN.1 type: INTEGER.

func (*Asn1rd) ReadUint64

func (obj *Asn1rd) ReadUint64() uint64

* Read ASN.1 type: INTEGER.

func (*Asn1rd) ReadUint8

func (obj *Asn1rd) ReadUint8() uint8

* Read ASN.1 type: INTEGER.

func (*Asn1rd) ReadUtf8Str

func (obj *Asn1rd) ReadUtf8Str() []byte

* Read ASN.1 type: UTF8String.

func (*Asn1rd) Reset

func (obj *Asn1rd) Reset(data []byte)

* Reset all internal states and prepare to new ASN.1 reading operations.

func (*Asn1rd) Status

func (obj *Asn1rd) Status() error

* Return error code.

type Asn1wr

type Asn1wr struct {
	// contains filtered or unexported fields
}

* This is MbedTLS implementation of ASN.1 writer.

func NewAsn1wr

func NewAsn1wr() *Asn1wr

func (*Asn1wr) Bytes

func (obj *Asn1wr) Bytes() unsafe.Pointer

* Returns pointer to the inner buffer.

func (*Asn1wr) Ctx

func (obj *Asn1wr) Ctx() uintptr

Handle underlying C context.

func (*Asn1wr) Delete

func (obj *Asn1wr) Delete()

* Release underlying C context.

func (*Asn1wr) Finish

func (obj *Asn1wr) Finish(doNotAdjust bool) uint

* Finalize writing and forbid further operations. * * Note, that ASN.1 structure is always written to the buffer end, and * if argument "do not adjust" is false, then data is moved to the * beginning, otherwise - data is left at the buffer end. * * Returns length of the written bytes.

func (*Asn1wr) HasError

func (obj *Asn1wr) HasError() bool

* Return true if status is not "success".

func (*Asn1wr) Len

func (obj *Asn1wr) Len() uint

* Returns total inner buffer length.

func (*Asn1wr) Reserve

func (obj *Asn1wr) Reserve(len uint) unsafe.Pointer

* Move writing position backward for the given length. * Return current writing position.

func (*Asn1wr) Reset

func (obj *Asn1wr) Reset(out []byte, outLen uint)

* Reset all internal states and prepare to new ASN.1 writing operations.

func (*Asn1wr) Status

func (obj *Asn1wr) Status() error

* Return error code.

func (*Asn1wr) UnwrittenLen

func (obj *Asn1wr) UnwrittenLen() uint

* Returns how many bytes are available for writing.

func (*Asn1wr) WriteBool

func (obj *Asn1wr) WriteBool(value bool) uint

* Write ASN.1 type: BOOLEAN. * Return count of written bytes.

func (*Asn1wr) WriteContextTag

func (obj *Asn1wr) WriteContextTag(tag int32, len uint) uint

* Write context-specific ASN.1 tag. * Return count of written bytes.

func (*Asn1wr) WriteData

func (obj *Asn1wr) WriteData(data []byte) uint

* Write raw data directly to the ASN.1 structure. * Return count of written bytes. * Note, use this method carefully.

func (*Asn1wr) WriteInt

func (obj *Asn1wr) WriteInt(value int32) uint

* Write ASN.1 type: INTEGER. * Return count of written bytes.

func (*Asn1wr) WriteInt16

func (obj *Asn1wr) WriteInt16(value int16) uint

* Write ASN.1 type: INTEGER. * Return count of written bytes.

func (*Asn1wr) WriteInt32

func (obj *Asn1wr) WriteInt32(value int32) uint

* Write ASN.1 type: INTEGER. * Return count of written bytes.

func (*Asn1wr) WriteInt64

func (obj *Asn1wr) WriteInt64(value int64) uint

* Write ASN.1 type: INTEGER. * Return count of written bytes.

func (*Asn1wr) WriteInt8

func (obj *Asn1wr) WriteInt8(value int8) uint

* Write ASN.1 type: INTEGER. * Return count of written bytes.

func (*Asn1wr) WriteLen

func (obj *Asn1wr) WriteLen(len uint) uint

* Write length of the following data. * Return count of written bytes.

func (*Asn1wr) WriteNull

func (obj *Asn1wr) WriteNull() uint

* Write ASN.1 type: NULL.

func (*Asn1wr) WriteOctetStr

func (obj *Asn1wr) WriteOctetStr(value []byte) uint

* Write ASN.1 type: OCTET STRING. * Return count of written bytes.

func (*Asn1wr) WriteOctetStrAsBitstring

func (obj *Asn1wr) WriteOctetStrAsBitstring(value []byte) uint

* Write ASN.1 type: BIT STRING with all zero unused bits. * * Return count of written bytes.

func (*Asn1wr) WriteOid

func (obj *Asn1wr) WriteOid(value []byte) uint

* Write ASN.1 type: OID. * Return count of written bytes.

func (*Asn1wr) WriteSequence

func (obj *Asn1wr) WriteSequence(len uint) uint

* Mark previously written data of given length as ASN.1 type: SEQUENCE. * Return count of written bytes.

func (*Asn1wr) WriteSet

func (obj *Asn1wr) WriteSet(len uint) uint

* Mark previously written data of given length as ASN.1 type: SET. * Return count of written bytes.

func (*Asn1wr) WriteTag

func (obj *Asn1wr) WriteTag(tag int32) uint

* Write ASN.1 tag. * Return count of written bytes.

func (*Asn1wr) WriteUint

func (obj *Asn1wr) WriteUint(value uint32) uint

* Write ASN.1 type: INTEGER. * Return count of written bytes.

func (*Asn1wr) WriteUint16

func (obj *Asn1wr) WriteUint16(value uint16) uint

* Write ASN.1 type: INTEGER. * Return count of written bytes.

func (*Asn1wr) WriteUint32

func (obj *Asn1wr) WriteUint32(value uint32) uint

* Write ASN.1 type: INTEGER. * Return count of written bytes.

func (*Asn1wr) WriteUint64

func (obj *Asn1wr) WriteUint64(value uint64) uint

* Write ASN.1 type: INTEGER. * Return count of written bytes.

func (*Asn1wr) WriteUint8

func (obj *Asn1wr) WriteUint8(value uint8) uint

* Write ASN.1 type: INTEGER. * Return count of written bytes.

func (*Asn1wr) WriteUtf8Str

func (obj *Asn1wr) WriteUtf8Str(value []byte) uint

* Write ASN.1 type: UTF8String. * Return count of written bytes.

func (*Asn1wr) WrittenLen

func (obj *Asn1wr) WrittenLen() uint

* Returns how many bytes were already written to the ASN.1 structure.

type AuthDecrypt

type AuthDecrypt interface {

	/*
	 * Decrypt given data.
	 * If 'tag' is not given, then it will be taken from the 'enc'.
	 */
	AuthDecrypt(data []byte, authData []byte, tag []byte) ([]byte, error)

	/*
	 * Calculate required buffer length to hold the authenticated decrypted data.
	 */
	AuthDecryptedLen(dataLen uint) uint

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provide interface for data encryption.

func FoundationImplementationWrapAuthDecrypt

func FoundationImplementationWrapAuthDecrypt(ctx *C.vscf_impl_t) (AuthDecrypt, error)

Wrap C implementation object to the Go object that implements interface AuthDecrypt.

func FoundationImplementationWrapAuthDecryptCopy added in v6.0.12

func FoundationImplementationWrapAuthDecryptCopy(ctx *C.vscf_impl_t) (AuthDecrypt, error)

Wrap C implementation object to the Go object that implements interface AuthDecrypt.

type AuthEncrypt

type AuthEncrypt interface {

	/*
	 * Encrypt given data.
	 * If 'tag' is not given, then it will written to the 'enc'.
	 */
	AuthEncrypt(data []byte, authData []byte) ([]byte, []byte, error)

	/*
	 * Calculate required buffer length to hold the authenticated encrypted data.
	 */
	AuthEncryptedLen(dataLen uint) uint

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provide interface for authenticated data encryption.

func FoundationImplementationWrapAuthEncrypt

func FoundationImplementationWrapAuthEncrypt(ctx *C.vscf_impl_t) (AuthEncrypt, error)

Wrap C implementation object to the Go object that implements interface AuthEncrypt.

func FoundationImplementationWrapAuthEncryptCopy added in v6.0.12

func FoundationImplementationWrapAuthEncryptCopy(ctx *C.vscf_impl_t) (AuthEncrypt, error)

Wrap C implementation object to the Go object that implements interface AuthEncrypt.

type Base64

type Base64 struct {
}

* Implementation of the Base64 algorithm RFC 1421 and RFC 2045.

type BrainkeyClient

type BrainkeyClient struct {
	// contains filtered or unexported fields
}

func NewBrainkeyClient

func NewBrainkeyClient() *BrainkeyClient

func (*BrainkeyClient) Blind

func (obj *BrainkeyClient) Blind(password []byte) ([]byte, []byte, error)

func (*BrainkeyClient) Ctx

func (obj *BrainkeyClient) Ctx() uintptr

Handle underlying C context.

func (*BrainkeyClient) Deblind

func (obj *BrainkeyClient) Deblind(password []byte, hardenedPoint []byte, deblindFactor []byte, keyName []byte) ([]byte, error)

func (*BrainkeyClient) Delete

func (obj *BrainkeyClient) Delete()

* Release underlying C context.

func (*BrainkeyClient) SetOperationRandom

func (obj *BrainkeyClient) SetOperationRandom(operationRandom Random)

* Random used for crypto operations to make them const-time

func (*BrainkeyClient) SetRandom

func (obj *BrainkeyClient) SetRandom(random Random)

* Random used for key generation, proofs, etc.

func (*BrainkeyClient) SetupDefaults

func (obj *BrainkeyClient) SetupDefaults() error

type BrainkeyServer

type BrainkeyServer struct {
	// contains filtered or unexported fields
}

func NewBrainkeyServer

func NewBrainkeyServer() *BrainkeyServer

func (*BrainkeyServer) Ctx

func (obj *BrainkeyServer) Ctx() uintptr

Handle underlying C context.

func (*BrainkeyServer) Delete

func (obj *BrainkeyServer) Delete()

* Release underlying C context.

func (*BrainkeyServer) GenerateIdentitySecret

func (obj *BrainkeyServer) GenerateIdentitySecret() ([]byte, error)

func (*BrainkeyServer) Harden

func (obj *BrainkeyServer) Harden(identitySecret []byte, blindedPoint []byte) ([]byte, error)

func (*BrainkeyServer) SetOperationRandom

func (obj *BrainkeyServer) SetOperationRandom(operationRandom Random)

* Random used for crypto operations to make them const-time

func (*BrainkeyServer) SetRandom

func (obj *BrainkeyServer) SetRandom(random Random)

* Random used for key generation, proofs, etc.

func (*BrainkeyServer) SetupDefaults

func (obj *BrainkeyServer) SetupDefaults() error

type Cipher

type Cipher interface {

	/*
	 * Setup IV or nonce.
	 */
	SetNonce(nonce []byte)

	/*
	 * Set cipher encryption / decryption key.
	 */
	SetKey(key []byte)

	/*
	 * Start sequential encryption.
	 */
	StartEncryption()

	/*
	 * Start sequential decryption.
	 */
	StartDecryption()

	/*
	 * Process encryption or decryption of the given data chunk.
	 */
	Update(data []byte) []byte

	/*
	 * Return buffer length required to hold an output of the methods
	 * "update" or "finish" in an current mode.
	 * Pass zero length to define buffer length of the method "finish".
	 */
	OutLen(dataLen uint) uint

	/*
	 * Return buffer length required to hold an output of the methods
	 * "update" or "finish" in an encryption mode.
	 * Pass zero length to define buffer length of the method "finish".
	 */
	EncryptedOutLen(dataLen uint) uint

	/*
	 * Return buffer length required to hold an output of the methods
	 * "update" or "finish" in an decryption mode.
	 * Pass zero length to define buffer length of the method "finish".
	 */
	DecryptedOutLen(dataLen uint) uint

	/*
	 * Accomplish encryption or decryption process.
	 */
	Finish() ([]byte, error)

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provide interface for symmetric ciphers.

func AlgFactoryCreateCipherFromInfo

func AlgFactoryCreateCipherFromInfo(algInfo AlgInfo) (Cipher, error)

* Create algorithm that implements "cipher" interface.

func FoundationImplementationWrapCipher

func FoundationImplementationWrapCipher(ctx *C.vscf_impl_t) (Cipher, error)

Wrap C implementation object to the Go object that implements interface Cipher.

func FoundationImplementationWrapCipherCopy added in v6.0.12

func FoundationImplementationWrapCipherCopy(ctx *C.vscf_impl_t) (Cipher, error)

Wrap C implementation object to the Go object that implements interface Cipher.

type CipherAlgInfo

type CipherAlgInfo struct {
	// contains filtered or unexported fields
}

* Handle symmetric cipher algorithm information.

func NewCipherAlgInfo

func NewCipherAlgInfo() *CipherAlgInfo

func NewCipherAlgInfoWithMembers

func NewCipherAlgInfoWithMembers(algId AlgId, nonce []byte) *CipherAlgInfo

* Create symmetric cipher algorithm info with identificator and input vector.

func (*CipherAlgInfo) AlgId

func (obj *CipherAlgInfo) AlgId() AlgId

* Provide algorithm identificator.

func (*CipherAlgInfo) Ctx

func (obj *CipherAlgInfo) Ctx() uintptr

Handle underlying C context.

func (*CipherAlgInfo) Delete

func (obj *CipherAlgInfo) Delete()

* Release underlying C context.

func (*CipherAlgInfo) Nonce

func (obj *CipherAlgInfo) Nonce() []byte

* Return IV.

type CipherAuth

type CipherAuth interface {

	/*
	 * Set additional data for for AEAD ciphers.
	 */
	SetAuthData(authData []byte)

	/*
	 * Accomplish an authenticated encryption and place tag separately.
	 *
	 * Note, if authentication tag should be added to an encrypted data,
	 * method "finish" can be used.
	 */
	FinishAuthEncryption() ([]byte, []byte, error)

	/*
	 * Accomplish an authenticated decryption with explicitly given tag.
	 *
	 * Note, if authentication tag is a part of an encrypted data then,
	 * method "finish" can be used for simplicity.
	 */
	FinishAuthDecryption(tag []byte) ([]byte, error)

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Mix-in interface that provides specific functionality to authenticated * encryption and decryption (AEAD ciphers).

func FoundationImplementationWrapCipherAuth

func FoundationImplementationWrapCipherAuth(ctx *C.vscf_impl_t) (CipherAuth, error)

Wrap C implementation object to the Go object that implements interface CipherAuth.

func FoundationImplementationWrapCipherAuthCopy added in v6.0.12

func FoundationImplementationWrapCipherAuthCopy(ctx *C.vscf_impl_t) (CipherAuth, error)

Wrap C implementation object to the Go object that implements interface CipherAuth.

type CipherAuthInfo

type CipherAuthInfo interface {

	/*
	 * Defines authentication tag length in bytes.
	 */
	GetAuthTagLen() uint

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

func FoundationImplementationWrapCipherAuthInfo

func FoundationImplementationWrapCipherAuthInfo(ctx *C.vscf_impl_t) (CipherAuthInfo, error)

Wrap C implementation object to the Go object that implements interface CipherAuthInfo.

func FoundationImplementationWrapCipherAuthInfoCopy added in v6.0.12

func FoundationImplementationWrapCipherAuthInfoCopy(ctx *C.vscf_impl_t) (CipherAuthInfo, error)

Wrap C implementation object to the Go object that implements interface CipherAuthInfo.

type CipherInfo

type CipherInfo interface {

	/*
	 * Cipher nfonce length or IV length in bytes, or 0 if nonce is not required.
	 */
	GetNonceLen() uint

	/*
	 * Cipher key length in bytes.
	 */
	GetKeyLen() uint

	/*
	 * Cipher key length in bits.
	 */
	GetKeyBitlen() uint

	/*
	 * Cipher block length in bytes.
	 */
	GetBlockLen() uint

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provides compile time knownledge about algorithm.

func FoundationImplementationWrapCipherInfo

func FoundationImplementationWrapCipherInfo(ctx *C.vscf_impl_t) (CipherInfo, error)

Wrap C implementation object to the Go object that implements interface CipherInfo.

func FoundationImplementationWrapCipherInfoCopy added in v6.0.12

func FoundationImplementationWrapCipherInfoCopy(ctx *C.vscf_impl_t) (CipherInfo, error)

Wrap C implementation object to the Go object that implements interface CipherInfo.

type CipherState

type CipherState int

* Enumerates possible sequentail cipher's states.

const (
	/*
	 * Cipher is ready for new encryption / decryption operation.
	 */
	CipherStateInitial CipherState = 0
	/*
	 * Cipher is configured for encryption.
	 */
	CipherStateEncryption CipherState = 1
	/*
	 * Cipher is configured for decryption.
	 */
	CipherStateDecryption CipherState = 2
)

type CompoundKeyAlg

type CompoundKeyAlg struct {
	// contains filtered or unexported fields
}

* Implements public key cryptography over compound keys. * * Compound key contains 2 keys - one for encryption/decryption and * one for signing/verifying.

func NewCompoundKeyAlg

func NewCompoundKeyAlg() *CompoundKeyAlg

func (*CompoundKeyAlg) AlgId

func (obj *CompoundKeyAlg) AlgId() AlgId

* Provide algorithm identificator.

func (*CompoundKeyAlg) CanDecrypt

func (obj *CompoundKeyAlg) CanDecrypt(privateKey PrivateKey, dataLen uint) bool

* Check if algorithm can decrypt data with a given key. * However, success result of decryption is not guaranteed.

func (*CompoundKeyAlg) CanEncrypt

func (obj *CompoundKeyAlg) CanEncrypt(publicKey PublicKey, dataLen uint) bool

* Check if algorithm can encrypt data with a given key.

func (*CompoundKeyAlg) CanSign

func (obj *CompoundKeyAlg) CanSign(privateKey PrivateKey) bool

* Check if algorithm can sign data digest with a given key.

func (*CompoundKeyAlg) CanVerify

func (obj *CompoundKeyAlg) CanVerify(publicKey PublicKey) bool

* Check if algorithm can verify data digest with a given key.

func (*CompoundKeyAlg) Ctx

func (obj *CompoundKeyAlg) Ctx() uintptr

Handle underlying C context.

func (*CompoundKeyAlg) Decrypt

func (obj *CompoundKeyAlg) Decrypt(privateKey PrivateKey, data []byte) ([]byte, error)

* Decrypt given data.

func (*CompoundKeyAlg) DecryptedLen

func (obj *CompoundKeyAlg) DecryptedLen(privateKey PrivateKey, dataLen uint) uint

* Calculate required buffer length to hold the decrypted data.

func (*CompoundKeyAlg) Delete

func (obj *CompoundKeyAlg) Delete()

* Release underlying C context.

func (*CompoundKeyAlg) Encrypt

func (obj *CompoundKeyAlg) Encrypt(publicKey PublicKey, data []byte) ([]byte, error)

* Encrypt data with a given public key.

func (*CompoundKeyAlg) EncryptedLen

func (obj *CompoundKeyAlg) EncryptedLen(publicKey PublicKey, dataLen uint) uint

* Calculate required buffer length to hold the encrypted data.

func (*CompoundKeyAlg) ExportPrivateKey

func (obj *CompoundKeyAlg) ExportPrivateKey(privateKey PrivateKey) (*RawPrivateKey, error)

* Export private key in the raw binary format. * * Binary format must be defined in the key specification. * For instance, RSA private key must be exported in format defined in * RFC 3447 Appendix A.1.2.

func (*CompoundKeyAlg) ExportPublicKey

func (obj *CompoundKeyAlg) ExportPublicKey(publicKey PublicKey) (*RawPublicKey, error)

* Export public key to the raw binary format. * * Binary format must be defined in the key specification. * For instance, RSA public key must be exported in format defined in * RFC 3447 Appendix A.1.1.

func (*CompoundKeyAlg) GenerateEphemeralKey

func (obj *CompoundKeyAlg) GenerateEphemeralKey(key Key) (PrivateKey, error)

* Generate ephemeral private key of the same type. * Note, this operation might be slow.

func (*CompoundKeyAlg) GetCanExportPrivateKey

func (obj *CompoundKeyAlg) GetCanExportPrivateKey() bool

* Define whether a private key can be exported or not.

func (*CompoundKeyAlg) GetCanExportPublicKey

func (obj *CompoundKeyAlg) GetCanExportPublicKey() bool

* Define whether a public key can be exported or not.

func (*CompoundKeyAlg) GetCanImportPrivateKey

func (obj *CompoundKeyAlg) GetCanImportPrivateKey() bool

* Define whether a private key can be imported or not.

func (*CompoundKeyAlg) GetCanImportPublicKey

func (obj *CompoundKeyAlg) GetCanImportPublicKey() bool

* Defines whether a public key can be imported or not.

func (*CompoundKeyAlg) ImportPrivateKey

func (obj *CompoundKeyAlg) ImportPrivateKey(rawKey *RawPrivateKey) (PrivateKey, error)

* Import private key from the raw binary format. * * Return private key that is adopted and optimized to be used * with this particular algorithm. * * Binary format must be defined in the key specification. * For instance, RSA private key must be imported from the format defined in * RFC 3447 Appendix A.1.2.

func (*CompoundKeyAlg) ImportPublicKey

func (obj *CompoundKeyAlg) ImportPublicKey(rawKey *RawPublicKey) (PublicKey, error)

* Import public key from the raw binary format. * * Return public key that is adopted and optimized to be used * with this particular algorithm. * * Binary format must be defined in the key specification. * For instance, RSA public key must be imported from the format defined in * RFC 3447 Appendix A.1.1.

func (*CompoundKeyAlg) MakeKey

func (obj *CompoundKeyAlg) MakeKey(cipherKey PrivateKey, signerKey PrivateKey) (PrivateKey, error)

* Make compound private key from given. * * Note, this operation might be slow.

func (*CompoundKeyAlg) ProduceAlgInfo

func (obj *CompoundKeyAlg) ProduceAlgInfo() (AlgInfo, error)

* Produce object with algorithm information and configuration parameters.

func (*CompoundKeyAlg) RestoreAlgInfo

func (obj *CompoundKeyAlg) RestoreAlgInfo(algInfo AlgInfo) error

* Restore algorithm configuration from the given object.

func (*CompoundKeyAlg) SetRandom

func (obj *CompoundKeyAlg) SetRandom(random Random)

func (*CompoundKeyAlg) SetupDefaults

func (obj *CompoundKeyAlg) SetupDefaults() error

* Setup predefined values to the uninitialized class dependencies.

func (*CompoundKeyAlg) SignHash

func (obj *CompoundKeyAlg) SignHash(privateKey PrivateKey, hashId AlgId, digest []byte) ([]byte, error)

* Sign data digest with a given private key.

func (*CompoundKeyAlg) SignatureLen

func (obj *CompoundKeyAlg) SignatureLen(privateKey PrivateKey) uint

* Return length in bytes required to hold signature. * Return zero if a given private key can not produce signatures.

func (*CompoundKeyAlg) VerifyHash

func (obj *CompoundKeyAlg) VerifyHash(publicKey PublicKey, hashId AlgId, digest []byte, signature []byte) bool

* Verify data digest with a given public key and signature.

type CompoundKeyAlgInfo

type CompoundKeyAlgInfo struct {
	// contains filtered or unexported fields
}

* Handle information about compound key algorithm.

func NewCompoundKeyAlgInfo

func NewCompoundKeyAlgInfo() *CompoundKeyAlgInfo

func (*CompoundKeyAlgInfo) AlgId

func (obj *CompoundKeyAlgInfo) AlgId() AlgId

* Provide algorithm identificator.

func (*CompoundKeyAlgInfo) CipherAlgInfo

func (obj *CompoundKeyAlgInfo) CipherAlgInfo() (AlgInfo, error)

* Return information about encrypt/decrypt algorithm.

func (*CompoundKeyAlgInfo) Ctx

func (obj *CompoundKeyAlgInfo) Ctx() uintptr

Handle underlying C context.

func (*CompoundKeyAlgInfo) Delete

func (obj *CompoundKeyAlgInfo) Delete()

* Release underlying C context.

func (*CompoundKeyAlgInfo) SignerAlgInfo

func (obj *CompoundKeyAlgInfo) SignerAlgInfo() (AlgInfo, error)

* Return information about sign/verify algorithm.

type CompoundPrivateKey

type CompoundPrivateKey struct {
	// contains filtered or unexported fields
}

* Handles compound private key. * * Compound private key contains 2 private keys and signature: * - cipher key - is used for decryption; * - signer key - is used for signing.

func NewCompoundPrivateKey

func NewCompoundPrivateKey() *CompoundPrivateKey

func (*CompoundPrivateKey) AlgId

func (obj *CompoundPrivateKey) AlgId() AlgId

* Algorithm identifier the key belongs to.

func (*CompoundPrivateKey) AlgInfo

func (obj *CompoundPrivateKey) AlgInfo() (AlgInfo, error)

* Return algorithm information that can be used for serialization.

func (*CompoundPrivateKey) Bitlen

func (obj *CompoundPrivateKey) Bitlen() uint

* Length of the key in bits.

func (*CompoundPrivateKey) CipherKey

func (obj *CompoundPrivateKey) CipherKey() (PrivateKey, error)

* Return primary private key suitable for a final decryption.

func (*CompoundPrivateKey) Ctx

func (obj *CompoundPrivateKey) Ctx() uintptr

Handle underlying C context.

func (*CompoundPrivateKey) Delete

func (obj *CompoundPrivateKey) Delete()

* Release underlying C context.

func (*CompoundPrivateKey) ExtractPublicKey

func (obj *CompoundPrivateKey) ExtractPublicKey() (PublicKey, error)

* Extract public key from the private key.

func (*CompoundPrivateKey) IsValid

func (obj *CompoundPrivateKey) IsValid() bool

* Check that key is valid. * Note, this operation can be slow.

func (*CompoundPrivateKey) Len

func (obj *CompoundPrivateKey) Len() uint

* Length of the key in bytes.

func (*CompoundPrivateKey) SignerKey

func (obj *CompoundPrivateKey) SignerKey() (PrivateKey, error)

* Return private key suitable for signing.

type CompoundPublicKey

type CompoundPublicKey struct {
	// contains filtered or unexported fields
}

* Handles compound public key. * * Compound public key contains 2 public keys and signature: * - cipher key - is used for encryption; * - signer key - is used for verifying.

func NewCompoundPublicKey

func NewCompoundPublicKey() *CompoundPublicKey

func (*CompoundPublicKey) AlgId

func (obj *CompoundPublicKey) AlgId() AlgId

* Algorithm identifier the key belongs to.

func (*CompoundPublicKey) AlgInfo

func (obj *CompoundPublicKey) AlgInfo() (AlgInfo, error)

* Return algorithm information that can be used for serialization.

func (*CompoundPublicKey) Bitlen

func (obj *CompoundPublicKey) Bitlen() uint

* Length of the key in bits.

func (*CompoundPublicKey) CipherKey

func (obj *CompoundPublicKey) CipherKey() (PublicKey, error)

* Return a cipher public key suitable for initial encryption.

func (*CompoundPublicKey) Ctx

func (obj *CompoundPublicKey) Ctx() uintptr

Handle underlying C context.

func (*CompoundPublicKey) Delete

func (obj *CompoundPublicKey) Delete()

* Release underlying C context.

func (*CompoundPublicKey) IsValid

func (obj *CompoundPublicKey) IsValid() bool

* Check that key is valid. * Note, this operation can be slow.

func (*CompoundPublicKey) Len

func (obj *CompoundPublicKey) Len() uint

* Length of the key in bytes.

func (*CompoundPublicKey) SignerKey

func (obj *CompoundPublicKey) SignerKey() (PublicKey, error)

* Return public key suitable for verifying.

type ComputeSharedKey

type ComputeSharedKey interface {

	/*
	 * Compute shared key for 2 asymmetric keys.
	 * Note, computed shared key can be used only within symmetric cryptography.
	 */
	ComputeSharedKey(publicKey PublicKey, privateKey PrivateKey) ([]byte, error)

	/*
	 * Return number of bytes required to hold shared key.
	 * Expect Public Key or Private Key.
	 */
	SharedKeyLen(key Key) uint

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provide interface to compute shared key for 2 asymmetric keys.

func FoundationImplementationWrapComputeSharedKey

func FoundationImplementationWrapComputeSharedKey(ctx *C.vscf_impl_t) (ComputeSharedKey, error)

Wrap C implementation object to the Go object that implements interface ComputeSharedKey.

func FoundationImplementationWrapComputeSharedKeyCopy added in v6.0.12

func FoundationImplementationWrapComputeSharedKeyCopy(ctx *C.vscf_impl_t) (ComputeSharedKey, error)

Wrap C implementation object to the Go object that implements interface ComputeSharedKey.

type CtrDrbg

type CtrDrbg struct {
	// contains filtered or unexported fields
}

* Implementation of the RNG using deterministic random bit generators * based on block ciphers in counter mode (CTR_DRBG from NIST SP800-90A). * This class is thread-safe if the build option VSCF_MULTI_THREADING was enabled.

func NewCtrDrbg

func NewCtrDrbg() *CtrDrbg

func (*CtrDrbg) Ctx

func (obj *CtrDrbg) Ctx() uintptr

Handle underlying C context.

func (*CtrDrbg) Delete

func (obj *CtrDrbg) Delete()

* Release underlying C context.

func (*CtrDrbg) EnablePredictionResistance

func (obj *CtrDrbg) EnablePredictionResistance()

* Force entropy to be gathered at the beginning of every call to * the random() method. * Note, use this if your entropy source has sufficient throughput.

func (*CtrDrbg) Random

func (obj *CtrDrbg) Random(dataLen uint) ([]byte, error)

* Generate random bytes. * All RNG implementations must be thread-safe.

func (*CtrDrbg) Reseed

func (obj *CtrDrbg) Reseed() error

* Retrieve new seed data from the entropy sources.

func (*CtrDrbg) SetEntropyLen

func (obj *CtrDrbg) SetEntropyLen(len uint)

* Sets the amount of entropy grabbed on each seed or reseed. * The default value is entropy len.

func (*CtrDrbg) SetEntropySource

func (obj *CtrDrbg) SetEntropySource(entropySource EntropySource) error

func (*CtrDrbg) SetReseedInterval

func (obj *CtrDrbg) SetReseedInterval(interval uint)

* Sets the reseed interval. * Default value is reseed interval.

func (*CtrDrbg) SetupDefaults

func (obj *CtrDrbg) SetupDefaults() error

* Setup predefined values to the uninitialized class dependencies.

type Curve25519

type Curve25519 struct {
	// contains filtered or unexported fields
}

* This is implementation of Curve25519 elliptic curve algorithms.

func NewCurve25519

func NewCurve25519() *Curve25519

func (*Curve25519) CanDecrypt

func (obj *Curve25519) CanDecrypt(privateKey PrivateKey, dataLen uint) bool

* Check if algorithm can decrypt data with a given key. * However, success result of decryption is not guaranteed.

func (*Curve25519) CanEncrypt

func (obj *Curve25519) CanEncrypt(publicKey PublicKey, dataLen uint) bool

* Check if algorithm can encrypt data with a given key.

func (*Curve25519) ComputeSharedKey

func (obj *Curve25519) ComputeSharedKey(publicKey PublicKey, privateKey PrivateKey) ([]byte, error)

* Compute shared key for 2 asymmetric keys. * Note, computed shared key can be used only within symmetric cryptography.

func (*Curve25519) Ctx

func (obj *Curve25519) Ctx() uintptr

Handle underlying C context.

func (*Curve25519) Decrypt

func (obj *Curve25519) Decrypt(privateKey PrivateKey, data []byte) ([]byte, error)

* Decrypt given data.

func (*Curve25519) DecryptedLen

func (obj *Curve25519) DecryptedLen(privateKey PrivateKey, dataLen uint) uint

* Calculate required buffer length to hold the decrypted data.

func (*Curve25519) Delete

func (obj *Curve25519) Delete()

* Release underlying C context.

func (*Curve25519) Encrypt

func (obj *Curve25519) Encrypt(publicKey PublicKey, data []byte) ([]byte, error)

* Encrypt data with a given public key.

func (*Curve25519) EncryptedLen

func (obj *Curve25519) EncryptedLen(publicKey PublicKey, dataLen uint) uint

* Calculate required buffer length to hold the encrypted data.

func (*Curve25519) ExportPrivateKey

func (obj *Curve25519) ExportPrivateKey(privateKey PrivateKey) (*RawPrivateKey, error)

* Export private key in the raw binary format. * * Binary format must be defined in the key specification. * For instance, RSA private key must be exported in format defined in * RFC 3447 Appendix A.1.2.

func (*Curve25519) ExportPublicKey

func (obj *Curve25519) ExportPublicKey(publicKey PublicKey) (*RawPublicKey, error)

* Export public key to the raw binary format. * * Binary format must be defined in the key specification. * For instance, RSA public key must be exported in format defined in * RFC 3447 Appendix A.1.1.

func (*Curve25519) GenerateEphemeralKey

func (obj *Curve25519) GenerateEphemeralKey(key Key) (PrivateKey, error)

* Generate ephemeral private key of the same type. * Note, this operation might be slow.

func (*Curve25519) GenerateKey

func (obj *Curve25519) GenerateKey() (PrivateKey, error)

* Generate new private key. * Note, this operation might be slow.

func (*Curve25519) GetCanExportPrivateKey

func (obj *Curve25519) GetCanExportPrivateKey() bool

* Define whether a private key can be exported or not.

func (*Curve25519) GetCanExportPublicKey

func (obj *Curve25519) GetCanExportPublicKey() bool

* Define whether a public key can be exported or not.

func (*Curve25519) GetCanImportPrivateKey

func (obj *Curve25519) GetCanImportPrivateKey() bool

* Define whether a private key can be imported or not.

func (*Curve25519) GetCanImportPublicKey

func (obj *Curve25519) GetCanImportPublicKey() bool

* Defines whether a public key can be imported or not.

func (*Curve25519) ImportPrivateKey

func (obj *Curve25519) ImportPrivateKey(rawKey *RawPrivateKey) (PrivateKey, error)

* Import private key from the raw binary format. * * Return private key that is adopted and optimized to be used * with this particular algorithm. * * Binary format must be defined in the key specification. * For instance, RSA private key must be imported from the format defined in * RFC 3447 Appendix A.1.2.

func (*Curve25519) ImportPublicKey

func (obj *Curve25519) ImportPublicKey(rawKey *RawPublicKey) (PublicKey, error)

* Import public key from the raw binary format. * * Return public key that is adopted and optimized to be used * with this particular algorithm. * * Binary format must be defined in the key specification. * For instance, RSA public key must be imported from the format defined in * RFC 3447 Appendix A.1.1.

func (*Curve25519) KemDecapsulate

func (obj *Curve25519) KemDecapsulate(encapsulatedKey []byte, privateKey PrivateKey) ([]byte, error)

* Decapsulate the shared key.

func (*Curve25519) KemEncapsulate

func (obj *Curve25519) KemEncapsulate(publicKey PublicKey) ([]byte, []byte, error)

* Generate a shared key and a key encapsulated message.

func (*Curve25519) KemEncapsulatedKeyLen

func (obj *Curve25519) KemEncapsulatedKeyLen(publicKey PublicKey) uint

* Return length in bytes required to hold encapsulated key.

func (*Curve25519) KemSharedKeyLen

func (obj *Curve25519) KemSharedKeyLen(key Key) uint

* Return length in bytes required to hold encapsulated shared key.

func (*Curve25519) SetEcies

func (obj *Curve25519) SetEcies(ecies *Ecies)

func (*Curve25519) SetRandom

func (obj *Curve25519) SetRandom(random Random)

func (*Curve25519) SetupDefaults

func (obj *Curve25519) SetupDefaults() error

* Setup predefined values to the uninitialized class dependencies.

func (*Curve25519) SharedKeyLen

func (obj *Curve25519) SharedKeyLen(key Key) uint

* Return number of bytes required to hold shared key. * Expect Public Key or Private Key.

type Decrypt

type Decrypt interface {

	/*
	 * Decrypt given data.
	 */
	Decrypt(data []byte) ([]byte, error)

	/*
	 * Calculate required buffer length to hold the decrypted data.
	 */
	DecryptedLen(dataLen uint) uint

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provide interface for data encryption.

func FoundationImplementationWrapDecrypt

func FoundationImplementationWrapDecrypt(ctx *C.vscf_impl_t) (Decrypt, error)

Wrap C implementation object to the Go object that implements interface Decrypt.

func FoundationImplementationWrapDecryptCopy added in v6.0.12

func FoundationImplementationWrapDecryptCopy(ctx *C.vscf_impl_t) (Decrypt, error)

Wrap C implementation object to the Go object that implements interface Decrypt.

type Ecc

type Ecc struct {
	// contains filtered or unexported fields
}

* Elliptic curve cryptography implementation. * Supported curves: * - secp256r1.

func NewEcc

func NewEcc() *Ecc

func (*Ecc) CanDecrypt

func (obj *Ecc) CanDecrypt(privateKey PrivateKey, dataLen uint) bool

* Check if algorithm can decrypt data with a given key. * However, success result of decryption is not guaranteed.

func (*Ecc) CanEncrypt

func (obj *Ecc) CanEncrypt(publicKey PublicKey, dataLen uint) bool

* Check if algorithm can encrypt data with a given key.

func (*Ecc) CanSign

func (obj *Ecc) CanSign(privateKey PrivateKey) bool

* Check if algorithm can sign data digest with a given key.

func (*Ecc) CanVerify

func (obj *Ecc) CanVerify(publicKey PublicKey) bool

* Check if algorithm can verify data digest with a given key.

func (*Ecc) ComputeSharedKey

func (obj *Ecc) ComputeSharedKey(publicKey PublicKey, privateKey PrivateKey) ([]byte, error)

* Compute shared key for 2 asymmetric keys. * Note, computed shared key can be used only within symmetric cryptography.

func (*Ecc) Ctx

func (obj *Ecc) Ctx() uintptr

Handle underlying C context.

func (*Ecc) Decrypt

func (obj *Ecc) Decrypt(privateKey PrivateKey, data []byte) ([]byte, error)

* Decrypt given data.

func (*Ecc) DecryptedLen

func (obj *Ecc) DecryptedLen(privateKey PrivateKey, dataLen uint) uint

* Calculate required buffer length to hold the decrypted data.

func (*Ecc) Delete

func (obj *Ecc) Delete()

* Release underlying C context.

func (*Ecc) Encrypt

func (obj *Ecc) Encrypt(publicKey PublicKey, data []byte) ([]byte, error)

* Encrypt data with a given public key.

func (*Ecc) EncryptedLen

func (obj *Ecc) EncryptedLen(publicKey PublicKey, dataLen uint) uint

* Calculate required buffer length to hold the encrypted data.

func (*Ecc) ExportPrivateKey

func (obj *Ecc) ExportPrivateKey(privateKey PrivateKey) (*RawPrivateKey, error)

* Export private key in the raw binary format. * * Binary format must be defined in the key specification. * For instance, RSA private key must be exported in format defined in * RFC 3447 Appendix A.1.2.

func (*Ecc) ExportPublicKey

func (obj *Ecc) ExportPublicKey(publicKey PublicKey) (*RawPublicKey, error)

* Export public key to the raw binary format. * * Binary format must be defined in the key specification. * For instance, RSA public key must be exported in format defined in * RFC 3447 Appendix A.1.1.

func (*Ecc) GenerateEphemeralKey

func (obj *Ecc) GenerateEphemeralKey(key Key) (PrivateKey, error)

* Generate ephemeral private key of the same type. * Note, this operation might be slow.

func (*Ecc) GenerateKey

func (obj *Ecc) GenerateKey(algId AlgId) (PrivateKey, error)

* Generate new private key. * Supported algorithm ids: * - secp256r1. * * Note, this operation might be slow.

func (*Ecc) GetCanExportPrivateKey

func (obj *Ecc) GetCanExportPrivateKey() bool

* Define whether a private key can be exported or not.

func (*Ecc) GetCanExportPublicKey

func (obj *Ecc) GetCanExportPublicKey() bool

* Define whether a public key can be exported or not.

func (*Ecc) GetCanImportPrivateKey

func (obj *Ecc) GetCanImportPrivateKey() bool

* Define whether a private key can be imported or not.

func (*Ecc) GetCanImportPublicKey

func (obj *Ecc) GetCanImportPublicKey() bool

* Defines whether a public key can be imported or not.

func (*Ecc) ImportPrivateKey

func (obj *Ecc) ImportPrivateKey(rawKey *RawPrivateKey) (PrivateKey, error)

* Import private key from the raw binary format. * * Return private key that is adopted and optimized to be used * with this particular algorithm. * * Binary format must be defined in the key specification. * For instance, RSA private key must be imported from the format defined in * RFC 3447 Appendix A.1.2.

func (*Ecc) ImportPublicKey

func (obj *Ecc) ImportPublicKey(rawKey *RawPublicKey) (PublicKey, error)

* Import public key from the raw binary format. * * Return public key that is adopted and optimized to be used * with this particular algorithm. * * Binary format must be defined in the key specification. * For instance, RSA public key must be imported from the format defined in * RFC 3447 Appendix A.1.1.

func (*Ecc) KemDecapsulate

func (obj *Ecc) KemDecapsulate(encapsulatedKey []byte, privateKey PrivateKey) ([]byte, error)

* Decapsulate the shared key.

func (*Ecc) KemEncapsulate

func (obj *Ecc) KemEncapsulate(publicKey PublicKey) ([]byte, []byte, error)

* Generate a shared key and a key encapsulated message.

func (*Ecc) KemEncapsulatedKeyLen

func (obj *Ecc) KemEncapsulatedKeyLen(publicKey PublicKey) uint

* Return length in bytes required to hold encapsulated key.

func (*Ecc) KemSharedKeyLen

func (obj *Ecc) KemSharedKeyLen(key Key) uint

* Return length in bytes required to hold encapsulated shared key.

func (*Ecc) SetEcies

func (obj *Ecc) SetEcies(ecies *Ecies)

func (*Ecc) SetRandom

func (obj *Ecc) SetRandom(random Random)

func (*Ecc) SetupDefaults

func (obj *Ecc) SetupDefaults() error

* Setup predefined values to the uninitialized class dependencies.

func (*Ecc) SharedKeyLen

func (obj *Ecc) SharedKeyLen(key Key) uint

* Return number of bytes required to hold shared key. * Expect Public Key or Private Key.

func (*Ecc) SignHash

func (obj *Ecc) SignHash(privateKey PrivateKey, hashId AlgId, digest []byte) ([]byte, error)

* Sign data digest with a given private key.

func (*Ecc) SignatureLen

func (obj *Ecc) SignatureLen(privateKey PrivateKey) uint

* Return length in bytes required to hold signature. * Return zero if a given private key can not produce signatures.

func (*Ecc) VerifyHash

func (obj *Ecc) VerifyHash(publicKey PublicKey, hashId AlgId, digest []byte, signature []byte) bool

* Verify data digest with a given public key and signature.

type EccAlgInfo

type EccAlgInfo struct {
	// contains filtered or unexported fields
}

* Handle algorithm information about ECP.

func NewEccAlgInfo

func NewEccAlgInfo() *EccAlgInfo

func NewEccAlgInfoWithMembers

func NewEccAlgInfoWithMembers(algId AlgId, keyId OidId, domainId OidId) *EccAlgInfo

* Create algorithm info with EC generic key identificator, EC domain group identificator.

func (*EccAlgInfo) AlgId

func (obj *EccAlgInfo) AlgId() AlgId

* Provide algorithm identificator.

func (*EccAlgInfo) Ctx

func (obj *EccAlgInfo) Ctx() uintptr

Handle underlying C context.

func (*EccAlgInfo) Delete

func (obj *EccAlgInfo) Delete()

* Release underlying C context.

func (*EccAlgInfo) DomainId

func (obj *EccAlgInfo) DomainId() OidId

* Return EC domain group identificator.

func (*EccAlgInfo) KeyId

func (obj *EccAlgInfo) KeyId() OidId

* Return EC specific algorithm identificator {unrestricted, ecDH, ecMQV}.

type EccPrivateKey

type EccPrivateKey struct {
	// contains filtered or unexported fields
}

* Handles ECC private key.

func NewEccPrivateKey

func NewEccPrivateKey() *EccPrivateKey

func (*EccPrivateKey) AlgId

func (obj *EccPrivateKey) AlgId() AlgId

* Algorithm identifier the key belongs to.

func (*EccPrivateKey) AlgInfo

func (obj *EccPrivateKey) AlgInfo() (AlgInfo, error)

* Return algorithm information that can be used for serialization.

func (*EccPrivateKey) Bitlen

func (obj *EccPrivateKey) Bitlen() uint

* Length of the key in bits.

func (*EccPrivateKey) Ctx

func (obj *EccPrivateKey) Ctx() uintptr

Handle underlying C context.

func (*EccPrivateKey) Delete

func (obj *EccPrivateKey) Delete()

* Release underlying C context.

func (*EccPrivateKey) ExtractPublicKey

func (obj *EccPrivateKey) ExtractPublicKey() (PublicKey, error)

* Extract public key from the private key.

func (*EccPrivateKey) IsValid

func (obj *EccPrivateKey) IsValid() bool

* Check that key is valid. * Note, this operation can be slow.

func (*EccPrivateKey) Len

func (obj *EccPrivateKey) Len() uint

* Length of the key in bytes.

type EccPublicKey

type EccPublicKey struct {
	// contains filtered or unexported fields
}

* Handles ECC public key.

func NewEccPublicKey

func NewEccPublicKey() *EccPublicKey

func (*EccPublicKey) AlgId

func (obj *EccPublicKey) AlgId() AlgId

* Algorithm identifier the key belongs to.

func (*EccPublicKey) AlgInfo

func (obj *EccPublicKey) AlgInfo() (AlgInfo, error)

* Return algorithm information that can be used for serialization.

func (*EccPublicKey) Bitlen

func (obj *EccPublicKey) Bitlen() uint

* Length of the key in bits.

func (*EccPublicKey) Ctx

func (obj *EccPublicKey) Ctx() uintptr

Handle underlying C context.

func (*EccPublicKey) Delete

func (obj *EccPublicKey) Delete()

* Release underlying C context.

func (*EccPublicKey) IsValid

func (obj *EccPublicKey) IsValid() bool

* Check that key is valid. * Note, this operation can be slow.

func (*EccPublicKey) Len

func (obj *EccPublicKey) Len() uint

* Length of the key in bytes.

type Ecies

type Ecies struct {
	// contains filtered or unexported fields
}

* Virgil implementation of the ECIES algorithm.

func NewEcies

func NewEcies() *Ecies

func (*Ecies) Ctx

func (obj *Ecies) Ctx() uintptr

Handle underlying C context.

func (*Ecies) Decrypt

func (obj *Ecies) Decrypt(privateKey PrivateKey, data []byte) ([]byte, error)

* Decrypt given data.

func (*Ecies) DecryptedLen

func (obj *Ecies) DecryptedLen(privateKey PrivateKey, dataLen uint) uint

* Calculate required buffer length to hold the decrypted data.

func (*Ecies) Delete

func (obj *Ecies) Delete()

* Release underlying C context.

func (*Ecies) Encrypt

func (obj *Ecies) Encrypt(publicKey PublicKey, data []byte) ([]byte, error)

* Encrypt data with a given public key.

func (*Ecies) EncryptedLen

func (obj *Ecies) EncryptedLen(publicKey PublicKey, dataLen uint) uint

* Calculate required buffer length to hold the encrypted data.

func (*Ecies) ReleaseKeyAlg

func (obj *Ecies) ReleaseKeyAlg()

* Release weak reference to the key algorithm.

func (*Ecies) SetCipher

func (obj *Ecies) SetCipher(cipher Cipher)

func (*Ecies) SetEphemeralKey

func (obj *Ecies) SetEphemeralKey(ephemeralKey PrivateKey)

* Set ephemeral key that used for data encryption. * Public and ephemeral keys should belong to the same curve. * This dependency is optional.

func (*Ecies) SetKdf

func (obj *Ecies) SetKdf(kdf Kdf)

func (*Ecies) SetKeyAlg

func (obj *Ecies) SetKeyAlg(keyAlg KeyAlg)

* Set weak reference to the key algorithm. * Key algorithm MUST support shared key computation as well.

func (*Ecies) SetMac

func (obj *Ecies) SetMac(mac Mac)

func (*Ecies) SetRandom

func (obj *Ecies) SetRandom(random Random)

func (*Ecies) SetupDefaults

func (obj *Ecies) SetupDefaults() error

* Setup predefined values to the uninitialized class dependencies.

func (*Ecies) SetupDefaultsNoRandom

func (obj *Ecies) SetupDefaultsNoRandom()

* Setup predefined values to the uninitialized class dependencies * except random.

type Ed25519

type Ed25519 struct {
	// contains filtered or unexported fields
}

* This is implementation of Ed25519 elliptic curve algorithms.

func NewEd25519

func NewEd25519() *Ed25519

func (*Ed25519) CanDecrypt

func (obj *Ed25519) CanDecrypt(privateKey PrivateKey, dataLen uint) bool

* Check if algorithm can decrypt data with a given key. * However, success result of decryption is not guaranteed.

func (*Ed25519) CanEncrypt

func (obj *Ed25519) CanEncrypt(publicKey PublicKey, dataLen uint) bool

* Check if algorithm can encrypt data with a given key.

func (*Ed25519) CanSign

func (obj *Ed25519) CanSign(privateKey PrivateKey) bool

* Check if algorithm can sign data digest with a given key.

func (*Ed25519) CanVerify

func (obj *Ed25519) CanVerify(publicKey PublicKey) bool

* Check if algorithm can verify data digest with a given key.

func (*Ed25519) ComputeSharedKey

func (obj *Ed25519) ComputeSharedKey(publicKey PublicKey, privateKey PrivateKey) ([]byte, error)

* Compute shared key for 2 asymmetric keys. * Note, computed shared key can be used only within symmetric cryptography.

func (*Ed25519) Ctx

func (obj *Ed25519) Ctx() uintptr

Handle underlying C context.

func (*Ed25519) Decrypt

func (obj *Ed25519) Decrypt(privateKey PrivateKey, data []byte) ([]byte, error)

* Decrypt given data.

func (*Ed25519) DecryptedLen

func (obj *Ed25519) DecryptedLen(privateKey PrivateKey, dataLen uint) uint

* Calculate required buffer length to hold the decrypted data.

func (*Ed25519) Delete

func (obj *Ed25519) Delete()

* Release underlying C context.

func (*Ed25519) Encrypt

func (obj *Ed25519) Encrypt(publicKey PublicKey, data []byte) ([]byte, error)

* Encrypt data with a given public key.

func (*Ed25519) EncryptedLen

func (obj *Ed25519) EncryptedLen(publicKey PublicKey, dataLen uint) uint

* Calculate required buffer length to hold the encrypted data.

func (*Ed25519) ExportPrivateKey

func (obj *Ed25519) ExportPrivateKey(privateKey PrivateKey) (*RawPrivateKey, error)

* Export private key in the raw binary format. * * Binary format must be defined in the key specification. * For instance, RSA private key must be exported in format defined in * RFC 3447 Appendix A.1.2.

func (*Ed25519) ExportPublicKey

func (obj *Ed25519) ExportPublicKey(publicKey PublicKey) (*RawPublicKey, error)

* Export public key to the raw binary format. * * Binary format must be defined in the key specification. * For instance, RSA public key must be exported in format defined in * RFC 3447 Appendix A.1.1.

func (*Ed25519) GenerateEphemeralKey

func (obj *Ed25519) GenerateEphemeralKey(key Key) (PrivateKey, error)

* Generate ephemeral private key of the same type. * Note, this operation might be slow.

func (*Ed25519) GenerateKey

func (obj *Ed25519) GenerateKey() (PrivateKey, error)

* Generate new private key. * Note, this operation might be slow.

func (*Ed25519) GetCanExportPrivateKey

func (obj *Ed25519) GetCanExportPrivateKey() bool

* Define whether a private key can be exported or not.

func (*Ed25519) GetCanExportPublicKey

func (obj *Ed25519) GetCanExportPublicKey() bool

* Define whether a public key can be exported or not.

func (*Ed25519) GetCanImportPrivateKey

func (obj *Ed25519) GetCanImportPrivateKey() bool

* Define whether a private key can be imported or not.

func (*Ed25519) GetCanImportPublicKey

func (obj *Ed25519) GetCanImportPublicKey() bool

* Defines whether a public key can be imported or not.

func (*Ed25519) ImportPrivateKey

func (obj *Ed25519) ImportPrivateKey(rawKey *RawPrivateKey) (PrivateKey, error)

* Import private key from the raw binary format. * * Return private key that is adopted and optimized to be used * with this particular algorithm. * * Binary format must be defined in the key specification. * For instance, RSA private key must be imported from the format defined in * RFC 3447 Appendix A.1.2.

func (*Ed25519) ImportPublicKey

func (obj *Ed25519) ImportPublicKey(rawKey *RawPublicKey) (PublicKey, error)

* Import public key from the raw binary format. * * Return public key that is adopted and optimized to be used * with this particular algorithm. * * Binary format must be defined in the key specification. * For instance, RSA public key must be imported from the format defined in * RFC 3447 Appendix A.1.1.

func (*Ed25519) KemDecapsulate

func (obj *Ed25519) KemDecapsulate(encapsulatedKey []byte, privateKey PrivateKey) ([]byte, error)

* Decapsulate the shared key.

func (*Ed25519) KemEncapsulate

func (obj *Ed25519) KemEncapsulate(publicKey PublicKey) ([]byte, []byte, error)

* Generate a shared key and a key encapsulated message.

func (*Ed25519) KemEncapsulatedKeyLen

func (obj *Ed25519) KemEncapsulatedKeyLen(publicKey PublicKey) uint

* Return length in bytes required to hold encapsulated key.

func (*Ed25519) KemSharedKeyLen

func (obj *Ed25519) KemSharedKeyLen(key Key) uint

* Return length in bytes required to hold encapsulated shared key.

func (*Ed25519) SetEcies

func (obj *Ed25519) SetEcies(ecies *Ecies)

func (*Ed25519) SetRandom

func (obj *Ed25519) SetRandom(random Random)

func (*Ed25519) SetupDefaults

func (obj *Ed25519) SetupDefaults() error

* Setup predefined values to the uninitialized class dependencies.

func (*Ed25519) SharedKeyLen

func (obj *Ed25519) SharedKeyLen(key Key) uint

* Return number of bytes required to hold shared key. * Expect Public Key or Private Key.

func (*Ed25519) SignHash

func (obj *Ed25519) SignHash(privateKey PrivateKey, hashId AlgId, digest []byte) ([]byte, error)

* Sign data digest with a given private key.

func (*Ed25519) SignatureLen

func (obj *Ed25519) SignatureLen(privateKey PrivateKey) uint

* Return length in bytes required to hold signature. * Return zero if a given private key can not produce signatures.

func (*Ed25519) VerifyHash

func (obj *Ed25519) VerifyHash(publicKey PublicKey, hashId AlgId, digest []byte, signature []byte) bool

* Verify data digest with a given public key and signature.

type Encrypt

type Encrypt interface {

	/*
	 * Encrypt given data.
	 */
	Encrypt(data []byte) ([]byte, error)

	/*
	 * Calculate required buffer length to hold the encrypted data.
	 */
	EncryptedLen(dataLen uint) uint

	/*
	 * Precise length calculation of encrypted data.
	 */
	PreciseEncryptedLen(dataLen uint) uint

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provide interface for data encryption.

func FoundationImplementationWrapEncrypt

func FoundationImplementationWrapEncrypt(ctx *C.vscf_impl_t) (Encrypt, error)

Wrap C implementation object to the Go object that implements interface Encrypt.

func FoundationImplementationWrapEncryptCopy added in v6.0.12

func FoundationImplementationWrapEncryptCopy(ctx *C.vscf_impl_t) (Encrypt, error)

Wrap C implementation object to the Go object that implements interface Encrypt.

type EntropyAccumulator

type EntropyAccumulator struct {
	// contains filtered or unexported fields
}

* Implementation based on a simple entropy accumulator.

func NewEntropyAccumulator

func NewEntropyAccumulator() *EntropyAccumulator

func (*EntropyAccumulator) AddSource

func (obj *EntropyAccumulator) AddSource(source EntropySource, threshold uint)

* Add given entropy source to the accumulator. * Threshold defines minimum number of bytes that must be gathered * from the source during accumulation.

func (*EntropyAccumulator) Ctx

func (obj *EntropyAccumulator) Ctx() uintptr

Handle underlying C context.

func (*EntropyAccumulator) Delete

func (obj *EntropyAccumulator) Delete()

* Release underlying C context.

func (*EntropyAccumulator) Gather

func (obj *EntropyAccumulator) Gather(len uint) ([]byte, error)

* Gather entropy of the requested length.

func (*EntropyAccumulator) IsStrong

func (obj *EntropyAccumulator) IsStrong() bool

* Defines that implemented source is strong.

func (*EntropyAccumulator) SetupDefaults

func (obj *EntropyAccumulator) SetupDefaults()

* Setup predefined values to the uninitialized class dependencies.

type EntropySource

type EntropySource interface {

	/*
	 * Defines that implemented source is strong.
	 */
	IsStrong() bool

	/*
	 * Gather entropy of the requested length.
	 */
	Gather(len uint) ([]byte, error)

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Defines generic interface for the entropy source.

func FoundationImplementationWrapEntropySource

func FoundationImplementationWrapEntropySource(ctx *C.vscf_impl_t) (EntropySource, error)

Wrap C implementation object to the Go object that implements interface EntropySource.

func FoundationImplementationWrapEntropySourceCopy added in v6.0.12

func FoundationImplementationWrapEntropySourceCopy(ctx *C.vscf_impl_t) (EntropySource, error)

Wrap C implementation object to the Go object that implements interface EntropySource.

type FakeRandom

type FakeRandom struct {
	// contains filtered or unexported fields
}

* Random number generator that is used for test purposes only.

func NewFakeRandom

func NewFakeRandom() *FakeRandom

func (*FakeRandom) Ctx

func (obj *FakeRandom) Ctx() uintptr

Handle underlying C context.

func (*FakeRandom) Delete

func (obj *FakeRandom) Delete()

* Release underlying C context.

func (*FakeRandom) Gather

func (obj *FakeRandom) Gather(len uint) ([]byte, error)

* Gather entropy of the requested length.

func (*FakeRandom) IsStrong

func (obj *FakeRandom) IsStrong() bool

* Defines that implemented source is strong.

func (*FakeRandom) Random

func (obj *FakeRandom) Random(dataLen uint) ([]byte, error)

* Generate random bytes. * All RNG implementations must be thread-safe.

func (*FakeRandom) Reseed

func (obj *FakeRandom) Reseed() error

* Retrieve new seed data from the entropy sources.

func (*FakeRandom) SetupSourceByte

func (obj *FakeRandom) SetupSourceByte(byteSource byte)

* Configure random number generator to generate sequence filled with given byte.

func (*FakeRandom) SetupSourceData

func (obj *FakeRandom) SetupSourceData(dataSource []byte)

* Configure random number generator to generate random sequence from given data. * Note, that given data is used as circular source.

type Falcon

type Falcon struct {
	// contains filtered or unexported fields
}

* Provide post-quantum signature based on the falcon implementation. * For algorithm details check https://falcon-sign.info.

func NewFalcon

func NewFalcon() *Falcon

func (*Falcon) AlgId

func (obj *Falcon) AlgId() AlgId

* Provide algorithm identificator.

func (*Falcon) CanSign

func (obj *Falcon) CanSign(privateKey PrivateKey) bool

* Check if algorithm can sign data digest with a given key.

func (*Falcon) CanVerify

func (obj *Falcon) CanVerify(publicKey PublicKey) bool

* Check if algorithm can verify data digest with a given key.

func (*Falcon) Ctx

func (obj *Falcon) Ctx() uintptr

Handle underlying C context.

func (*Falcon) Delete

func (obj *Falcon) Delete()

* Release underlying C context.

func (*Falcon) ExportPrivateKey

func (obj *Falcon) ExportPrivateKey(privateKey PrivateKey) (*RawPrivateKey, error)

* Export private key in the raw binary format. * * Binary format must be defined in the key specification. * For instance, RSA private key must be exported in format defined in * RFC 3447 Appendix A.1.2.

func (*Falcon) ExportPublicKey

func (obj *Falcon) ExportPublicKey(publicKey PublicKey) (*RawPublicKey, error)

* Export public key to the raw binary format. * * Binary format must be defined in the key specification. * For instance, RSA public key must be exported in format defined in * RFC 3447 Appendix A.1.1.

func (*Falcon) GenerateEphemeralKey

func (obj *Falcon) GenerateEphemeralKey(key Key) (PrivateKey, error)

* Generate ephemeral private key of the same type. * Note, this operation might be slow.

func (*Falcon) GenerateKey

func (obj *Falcon) GenerateKey() (PrivateKey, error)

* Generate new private key. * Note, this operation might be slow.

func (*Falcon) GetCanExportPrivateKey

func (obj *Falcon) GetCanExportPrivateKey() bool

* Define whether a private key can be exported or not.

func (*Falcon) GetCanExportPublicKey

func (obj *Falcon) GetCanExportPublicKey() bool

* Define whether a public key can be exported or not.

func (*Falcon) GetCanImportPrivateKey

func (obj *Falcon) GetCanImportPrivateKey() bool

* Define whether a private key can be imported or not.

func (*Falcon) GetCanImportPublicKey

func (obj *Falcon) GetCanImportPublicKey() bool

* Defines whether a public key can be imported or not.

func (*Falcon) ImportPrivateKey

func (obj *Falcon) ImportPrivateKey(rawKey *RawPrivateKey) (PrivateKey, error)

* Import private key from the raw binary format. * * Return private key that is adopted and optimized to be used * with this particular algorithm. * * Binary format must be defined in the key specification. * For instance, RSA private key must be imported from the format defined in * RFC 3447 Appendix A.1.2.

func (*Falcon) ImportPublicKey

func (obj *Falcon) ImportPublicKey(rawKey *RawPublicKey) (PublicKey, error)

* Import public key from the raw binary format. * * Return public key that is adopted and optimized to be used * with this particular algorithm. * * Binary format must be defined in the key specification. * For instance, RSA public key must be imported from the format defined in * RFC 3447 Appendix A.1.1.

func (*Falcon) ProduceAlgInfo

func (obj *Falcon) ProduceAlgInfo() (AlgInfo, error)

* Produce object with algorithm information and configuration parameters.

func (*Falcon) RestoreAlgInfo

func (obj *Falcon) RestoreAlgInfo(algInfo AlgInfo) error

* Restore algorithm configuration from the given object.

func (*Falcon) SetRandom

func (obj *Falcon) SetRandom(random Random)

func (*Falcon) SetupDefaults

func (obj *Falcon) SetupDefaults() error

* Setup predefined values to the uninitialized class dependencies.

func (*Falcon) SignHash

func (obj *Falcon) SignHash(privateKey PrivateKey, hashId AlgId, digest []byte) ([]byte, error)

* Sign data digest with a given private key.

func (*Falcon) SignatureLen

func (obj *Falcon) SignatureLen(privateKey PrivateKey) uint

* Return length in bytes required to hold signature. * Return zero if a given private key can not produce signatures.

func (*Falcon) VerifyHash

func (obj *Falcon) VerifyHash(publicKey PublicKey, hashId AlgId, digest []byte, signature []byte) bool

* Verify data digest with a given public key and signature.

type FooterInfo

type FooterInfo struct {
	// contains filtered or unexported fields
}

* Handle meta information about footer.

func NewFooterInfo

func NewFooterInfo() *FooterInfo

func (*FooterInfo) Ctx

func (obj *FooterInfo) Ctx() uintptr

Handle underlying C context.

func (*FooterInfo) DataSize

func (obj *FooterInfo) DataSize() uint

* Return data size.

func (*FooterInfo) Delete

func (obj *FooterInfo) Delete()

* Release underlying C context.

func (*FooterInfo) HasSignedDataInfo

func (obj *FooterInfo) HasSignedDataInfo() bool

* Retrun true if signed data info present.

func (*FooterInfo) SetDataSize

func (obj *FooterInfo) SetDataSize(dataSize uint)

* Set data size.

func (*FooterInfo) SignedDataInfo

func (obj *FooterInfo) SignedDataInfo() *SignedDataInfo

* Return signed data info.

type FoundationError

type FoundationError struct {
	Code    int
	Message string
}

* Defines the library status codes.

func (*FoundationError) Error

func (obj *FoundationError) Error() string

type FoundationImplementation

type FoundationImplementation struct {
}

type GroupMsgType

type GroupMsgType int

* Represents group message type

const (
	/*
	 * Group info type with encryption key.
	 * This type of message should be encrypted before transferring.
	 */
	GroupMsgTypeGroupInfo GroupMsgType = 1
	/*
	 * Regular group message with encrypted text.
	 */
	GroupMsgTypeRegular GroupMsgType = 2
)

type GroupSession

type GroupSession struct {
	// contains filtered or unexported fields
}

* Group chat encryption session.

func NewGroupSession

func NewGroupSession() *GroupSession

func (*GroupSession) AddEpoch

func (obj *GroupSession) AddEpoch(message *GroupSessionMessage) error

* Adds epoch. New epoch should be generated for member removal or proactive to rotate encryption key. * Epoch message should be encrypted and signed by trusted group chat member (admin).

func (*GroupSession) CreateGroupTicket

func (obj *GroupSession) CreateGroupTicket() (*GroupSessionTicket, error)

* Creates ticket with new key for removing participants or proactive to rotate encryption key.

func (*GroupSession) Ctx

func (obj *GroupSession) Ctx() uintptr

Handle underlying C context.

func (*GroupSession) Decrypt

func (obj *GroupSession) Decrypt(message *GroupSessionMessage, publicKey PublicKey) ([]byte, error)

* Decrypts message

func (*GroupSession) DecryptLen

func (obj *GroupSession) DecryptLen(message *GroupSessionMessage) uint

* Calculates size of buffer sufficient to store decrypted message

func (*GroupSession) Delete

func (obj *GroupSession) Delete()

* Release underlying C context.

func (*GroupSession) Encrypt

func (obj *GroupSession) Encrypt(plainText []byte, privateKey PrivateKey) (*GroupSessionMessage, error)

* Encrypts data

func (*GroupSession) GetCurrentEpoch

func (obj *GroupSession) GetCurrentEpoch() uint32

* Returns current epoch.

func (*GroupSession) GetSessionId

func (obj *GroupSession) GetSessionId() []byte

* Returns session id.

func (*GroupSession) SetRng

func (obj *GroupSession) SetRng(rng Random)

* Random

func (*GroupSession) SetupDefaults

func (obj *GroupSession) SetupDefaults() error

* Setups default dependencies: * - RNG: CTR DRBG

type GroupSessionMessage

type GroupSessionMessage struct {
	// contains filtered or unexported fields
}

* Class represents group session message

func GroupSessionMessageDeserialize

func GroupSessionMessageDeserialize(input []byte) (*GroupSessionMessage, error)

* Deserializes instance.

func NewGroupSessionMessage

func NewGroupSessionMessage() *GroupSessionMessage

func (*GroupSessionMessage) Ctx

func (obj *GroupSessionMessage) Ctx() uintptr

Handle underlying C context.

func (*GroupSessionMessage) Delete

func (obj *GroupSessionMessage) Delete()

* Release underlying C context.

func (*GroupSessionMessage) GetEpoch

func (obj *GroupSessionMessage) GetEpoch() uint32

* Returns message epoch.

func (*GroupSessionMessage) GetSessionId

func (obj *GroupSessionMessage) GetSessionId() []byte

* Returns session id. * This method should be called only for group info type.

func (*GroupSessionMessage) GetType

func (obj *GroupSessionMessage) GetType() GroupMsgType

* Returns message type.

func (*GroupSessionMessage) Serialize

func (obj *GroupSessionMessage) Serialize() []byte

* Serializes instance.

func (*GroupSessionMessage) SerializeLen

func (obj *GroupSessionMessage) SerializeLen() uint

* Buffer len to serialize this class.

type GroupSessionTicket

type GroupSessionTicket struct {
	// contains filtered or unexported fields
}

* Group ticket used to start group session, remove participants or proactive to rotate encryption key.

func NewGroupSessionTicket

func NewGroupSessionTicket() *GroupSessionTicket

func (*GroupSessionTicket) Ctx

func (obj *GroupSessionTicket) Ctx() uintptr

Handle underlying C context.

func (*GroupSessionTicket) Delete

func (obj *GroupSessionTicket) Delete()

* Release underlying C context.

func (*GroupSessionTicket) GetTicketMessage

func (obj *GroupSessionTicket) GetTicketMessage() *GroupSessionMessage

* Returns message that should be sent to all participants using secure channel.

func (*GroupSessionTicket) SetRng

func (obj *GroupSessionTicket) SetRng(rng Random)

* Random used to generate keys

func (*GroupSessionTicket) SetupDefaults

func (obj *GroupSessionTicket) SetupDefaults() error

* Setups default dependencies: * - RNG: CTR DRBG

func (*GroupSessionTicket) SetupTicketAsNew

func (obj *GroupSessionTicket) SetupTicketAsNew(sessionId []byte) error

* Set this ticket to start new group session.

type Hash

type Hash interface {

	/*
	 * Length of the digest (hashing output) in bytes.
	 */
	GetDigestLen() uint

	/*
	 * Block length of the digest function in bytes.
	 */
	GetBlockLen() uint

	/*
	 * Calculate hash over given data.
	 */
	Hash(data []byte) []byte

	/*
	 * Start a new hashing.
	 */
	Start()

	/*
	 * Add given data to the hash.
	 */
	Update(data []byte)

	/*
	 * Accompilsh hashing and return it's result (a message digest).
	 */
	Finish() []byte

	/*
	 * Release underlying C context.
	 */
	Delete()
	// contains filtered or unexported methods
}

* Provides interface to the hashing (messege digest) algorithms.

func AlgFactoryCreateHashFromInfo

func AlgFactoryCreateHashFromInfo(algInfo AlgInfo) (Hash, error)

* Create algorithm that implements "hash stream" interface.

func FoundationImplementationWrapHash

func FoundationImplementationWrapHash(ctx *C.vscf_impl_t) (Hash, error)

Wrap C implementation object to the Go object that implements interface Hash.

func FoundationImplementationWrapHashCopy added in v6.0.12

func FoundationImplementationWrapHashCopy(ctx *C.vscf_impl_t) (Hash, error)

Wrap C implementation object to the Go object that implements interface Hash.

type HashBasedAlgInfo

type HashBasedAlgInfo struct {
	// contains filtered or unexported fields
}

* Handle hashed based algorithm information, i.e. HKDF, HMAC, etc.

func NewHashBasedAlgInfo

func NewHashBasedAlgInfo() *HashBasedAlgInfo

func (*HashBasedAlgInfo) AlgId

func (obj *HashBasedAlgInfo) AlgId() AlgId

* Provide algorithm identificator.

func (*HashBasedAlgInfo) Ctx

func (obj *HashBasedAlgInfo) Ctx() uintptr

Handle underlying C context.

func (*HashBasedAlgInfo) Delete

func (obj *HashBasedAlgInfo) Delete()

* Release underlying C context.

func (*HashBasedAlgInfo) HashAlgInfo

func (obj *HashBasedAlgInfo) HashAlgInfo() (AlgInfo, error)

* Return hash algorithm information.

type Hkdf

type Hkdf struct {
	// contains filtered or unexported fields
}

* Virgil Security implementation of the HKDF (RFC 6234) algorithm.

func NewHkdf

func NewHkdf() *Hkdf

func (*Hkdf) AlgId

func (obj *Hkdf) AlgId() AlgId

* Provide algorithm identificator.

func (*Hkdf) Ctx

func (obj *Hkdf) Ctx() uintptr

Handle underlying C context.

func (*Hkdf) Delete

func (obj *Hkdf) Delete()

* Release underlying C context.

func (*Hkdf) Derive

func (obj *Hkdf) Derive(data []byte, keyLen uint) []byte

* Derive key of the requested length from the given data.

func (*Hkdf) ProduceAlgInfo

func (obj *Hkdf) ProduceAlgInfo() (AlgInfo, error)

* Produce object with algorithm information and configuration parameters.

func (*Hkdf) Reset

func (obj *Hkdf) Reset(salt []byte, iterationCount uint)

* Prepare algorithm to derive new key.

func (*Hkdf) RestoreAlgInfo

func (obj *Hkdf) RestoreAlgInfo(algInfo AlgInfo) error

* Restore algorithm configuration from the given object.

func (*Hkdf) SetHash

func (obj *Hkdf) SetHash(hash Hash)

func (*Hkdf) SetInfo

func (obj *Hkdf) SetInfo(info []byte)

* Setup application specific information (optional). * Can be empty.

type Hmac

type Hmac struct {
	// contains filtered or unexported fields
}

* Virgil Security implementation of HMAC algorithm (RFC 2104) (FIPS PUB 198-1).

func NewHmac

func NewHmac() *Hmac

func (*Hmac) AlgId

func (obj *Hmac) AlgId() AlgId

* Provide algorithm identificator.

func (*Hmac) Ctx

func (obj *Hmac) Ctx() uintptr

Handle underlying C context.

func (*Hmac) Delete

func (obj *Hmac) Delete()

* Release underlying C context.

func (*Hmac) DigestLen

func (obj *Hmac) DigestLen() uint

* Size of the digest (mac output) in bytes.

func (*Hmac) Finish

func (obj *Hmac) Finish() []byte

* Accomplish MAC and return it's result (a message digest).

func (*Hmac) Mac

func (obj *Hmac) Mac(key []byte, data []byte) []byte

* Calculate MAC over given data.

func (*Hmac) ProduceAlgInfo

func (obj *Hmac) ProduceAlgInfo() (AlgInfo, error)

* Produce object with algorithm information and configuration parameters.

func (*Hmac) Reset

func (obj *Hmac) Reset()

* Prepare to authenticate a new message with the same key * as the previous MAC operation.

func (*Hmac) RestoreAlgInfo

func (obj *Hmac) RestoreAlgInfo(algInfo AlgInfo) error

* Restore algorithm configuration from the given object.

func (*Hmac) SetHash

func (obj *Hmac) SetHash(hash Hash)

func (*Hmac) Start

func (obj *Hmac) Start(key []byte)

* Start a new MAC.

func (*Hmac) Update

func (obj *Hmac) Update(data []byte)

* Add given data to the MAC.

type HybridKeyAlg

type HybridKeyAlg struct {
	// contains filtered or unexported fields
}

* Implements public key cryptography over hybrid keys. * Hybrid encryption - TODO * Hybrid signatures - TODO

func NewHybridKeyAlg

func NewHybridKeyAlg() *HybridKeyAlg

func (*HybridKeyAlg) CanDecrypt

func (obj *HybridKeyAlg) CanDecrypt(privateKey PrivateKey, dataLen uint) bool

* Check if algorithm can decrypt data with a given key. * However, success result of decryption is not guaranteed.

func (*HybridKeyAlg) CanEncrypt

func (obj *HybridKeyAlg) CanEncrypt(publicKey PublicKey, dataLen uint) bool

* Check if algorithm can encrypt data with a given key.

func (*HybridKeyAlg) CanSign

func (obj *HybridKeyAlg) CanSign(privateKey PrivateKey) bool

* Check if algorithm can sign data digest with a given key.

func (*HybridKeyAlg) CanVerify

func (obj *HybridKeyAlg) CanVerify(publicKey PublicKey) bool

* Check if algorithm can verify data digest with a given key.

func (*HybridKeyAlg) Ctx

func (obj *HybridKeyAlg) Ctx() uintptr

Handle underlying C context.

func (*HybridKeyAlg) Decrypt

func (obj *HybridKeyAlg) Decrypt(privateKey PrivateKey, data []byte) ([]byte, error)

* Decrypt given data.

func (*HybridKeyAlg) DecryptedLen

func (obj *HybridKeyAlg) DecryptedLen(privateKey PrivateKey, dataLen uint) uint

* Calculate required buffer length to hold the decrypted data.

func (*HybridKeyAlg) Delete

func (obj *HybridKeyAlg) Delete()

* Release underlying C context.

func (*HybridKeyAlg) Encrypt

func (obj *HybridKeyAlg) Encrypt(publicKey PublicKey, data []byte) ([]byte, error)

* Encrypt data with a given public key.

func (*HybridKeyAlg) EncryptedLen