crypto

package
v2.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 12, 2026 License: MIT Imports: 19 Imported by: 0

Documentation

Index

Constants

// Object identifiers of the supported named curves, in dotted-decimal form.
const (
	// SecP256R1OID identifies the secp256r1 curve (also known as prime256v1).
	SecP256R1OID = "1.2.840.10045.3.1.7"
	// SecP384R1OID identifies the secp384r1 curve.
	SecP384R1OID = "1.3.132.0.34"
)

// Digest algorithm URIs. Presumably these are the values accepted as the
// digestURI argument of ConcatKDFWithDigest; confirm against its implementation.
const (
	// DigestSHA256URI names the SHA-256 digest.
	DigestSHA256URI = "http://www.w3.org/2001/04/xmlenc#sha256"
	// DigestSHA384URI names the SHA-384 digest.
	// NOTE(review): XML Encryption 1.1 registers SHA-384 as
	// http://www.w3.org/2001/04/xmldsig-more#sha384; confirm that the
	// xmlenc#sha384 form used here is what peer implementations expect.
	DigestSHA384URI = "http://www.w3.org/2001/04/xmlenc#sha384"
	// DigestSHA512URI names the SHA-512 digest.
	DigestSHA512URI = "http://www.w3.org/2001/04/xmlenc#sha512"
)

Variables

// P256 is the secp256r1 curve, as returned by elliptic.P256.
var P256 elliptic.Curve = elliptic.P256()

// P384 is the secp384r1 curve, as returned by elliptic.P384.
var P384 elliptic.Curve = elliptic.P384()

Functions

func AddPKCS7Padding

func AddPKCS7Padding(w io.Writer, dataSize int64, blockSize int) (int, error)

AddPKCS7Padding adds PKCS#7 padding to the output stream. PKCS#7 padding fills with bytes equal to the padding length.

func AddX923Padding

func AddX923Padding(w io.Writer, dataSize int64, blockSize int) (int, error)

AddX923Padding adds X.923 padding to the output stream. X.923 padding fills with zeros and ends with the padding length.

func ConcatKDF

func ConcatKDF(sharedSecret []byte, algorithmID []byte, partyUInfo []byte, partyVInfo []byte) ([]byte, error)

ConcatKDF performs XMLENC11 ConcatKDF using SHA-384, deriving a 32-byte KEK for AES-KW-256. For digest selection or non-default key lengths, use ConcatKDFWithDigest.

func ConcatKDFWithDigest added in v2.0.1

func ConcatKDFWithDigest(sharedSecret []byte, algorithmID []byte, partyUInfo []byte, partyVInfo []byte, digestURI string, keyLen int) ([]byte, error)

ConcatKDFWithDigest performs XMLENC11 ConcatKDF with an explicit digest and output length. It derives keying material from:

Z (ECDH shared secret) and OtherInfo = AlgorithmID || PartyUInfo || PartyVInfo.

Construction (NIST SP 800-56A):

K = H(1 || Z || OtherInfo) || H(2 || Z || OtherInfo) || ...

Output is truncated to keyLen bytes.

func DecryptAESCBC

func DecryptAESCBC(ciphertext []byte, key []byte, iv []byte) ([]byte, error)

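DecryptAESCBC decrypts data using AES-128-CBC and removes padding. CBC mode provides no integrity protection, so callers should authenticate the ciphertext before decrypting it; otherwise distinguishable padding errors can act as a padding oracle.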

func DecryptAESGCM

func DecryptAESGCM(ciphertext []byte, key []byte, iv []byte) ([]byte, error)

DecryptAESGCM decrypts data using AES-256-GCM

func DecryptChaCha20Poly1305

func DecryptChaCha20Poly1305(ciphertext, key, nonce, aad []byte) ([]byte, error)

DecryptChaCha20Poly1305 decrypts ciphertext using ChaCha20-Poly1305. The key must be 32 bytes and the nonce must be 12 bytes. aad is additional authenticated data (it must match the value used for encryption and can be nil). The ciphertext includes the 16-byte authentication tag at the end. Returns the plaintext if authentication succeeds.

func DecryptRSA

func DecryptRSA(encrypted []byte, privKey *rsa.PrivateKey) ([]byte, error)

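DecryptRSA decrypts data using RSA PKCS#1 v1.5 decryption. PKCS#1 v1.5 decryption can expose a padding oracle (Bleichenbacher-style) if callers reveal whether unpadding succeeded, so decryption failures should be handled uniformly.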

func ECDHKeyAgreement

func ECDHKeyAgreement(privKey *ecdsa.PrivateKey, pubKey *ecdsa.PublicKey) ([]byte, error)

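ECDHKeyAgreement performs ECDH key agreement and returns the shared secret. The raw shared secret should be passed through a key derivation function (such as ConcatKDF or HKDF in this package) rather than used directly as a key.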

func ECNamedCurveOIDAndDigestURI added in v2.0.2

func ECNamedCurveOIDAndDigestURI(curve elliptic.Curve) (namedCurveOID string, digestURI string, err error)

ECNamedCurveOIDAndDigestURI returns the XMLENC11 NamedCurve OID and ConcatKDF digest URI for the given curve.

func EncryptAESCBC

func EncryptAESCBC(plaintext []byte, key []byte, iv []byte) ([]byte, error)

EncryptAESCBC encrypts data using AES-128-CBC with X.923 + PKCS#7 padding

func EncryptAESGCM

func EncryptAESGCM(plaintext []byte, key []byte, iv []byte) ([]byte, error)

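EncryptAESGCM encrypts data using AES-256-GCM. The IV must be unique for every encryption under the same key; reusing an IV with GCM compromises both confidentiality and authenticity.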

func EncryptAESGCMStream

func EncryptAESGCMStream(dst io.Writer, src io.Reader, key []byte, iv []byte) error

EncryptAESGCMStream encrypts data stream using AES-256-GCM

func EncryptChaCha20Poly1305

func EncryptChaCha20Poly1305(plaintext, key, nonce, aad []byte) ([]byte, error)

EncryptChaCha20Poly1305 encrypts plaintext using ChaCha20-Poly1305. The key must be 32 bytes (ChaCha20-Poly1305 key length) and the nonce must be 12 bytes (ChaCha20-Poly1305 nonce length); a nonce must not be reused with the same key. aad is additional authenticated data (can be nil). Returns the ciphertext with the 16-byte authentication tag appended.

func EncryptRSA

func EncryptRSA(data []byte, cert *x509.Certificate) ([]byte, error)

EncryptRSA encrypts data using RSA PKCS#1 v1.5 encryption

func ExtractECPublicKeyFromCertificate

func ExtractECPublicKeyFromCertificate(cert *x509.Certificate) (*ecdsa.PublicKey, error)

ExtractECPublicKeyFromCertificate extracts the EC public key from a certificate

func GenerateDataEncryptionKey

func GenerateDataEncryptionKey(lengthInBytes int) ([]byte, error)

GenerateDataEncryptionKey generates a random AES key of specified length in bytes

func GenerateECKeyPair

func GenerateECKeyPair(publicKey *ecdsa.PublicKey) (*ecdsa.PrivateKey, error)

GenerateECKeyPair generates an ephemeral EC key pair on the same curve as the given public key

func GenerateIV

func GenerateIV(lengthInBytes int) ([]byte, error)

GenerateIV generates a random IV/nonce of specified length in bytes

func HKDFExpand

func HKDFExpand(prk, info []byte, length int) ([]byte, error)

HKDFExpand performs the HKDF Expand operation (RFC 5869): Expand(PRK, info, L) -> OKM (Output Keying Material). PRK is the pseudo-random key from Extract, info is optional context/application-specific information, and L is the desired output length in bytes.

func HKDFExpandSHA512

func HKDFExpandSHA512(prk, info []byte, length int) ([]byte, error)

HKDFExpandSHA512 performs HKDF Expand with SHA-512. Used for CDOC2 ECC key derivation.

func HKDFExtract

func HKDFExtract(salt, ikm []byte) []byte

HKDFExtract performs the HKDF Extract operation (RFC 5869): Extract(salt, IKM) -> PRK (Pseudo-Random Key). If salt is empty or nil, it uses a zero-filled salt of hash length.

func HKDFExtractSHA512

func HKDFExtractSHA512(salt, ikm []byte) []byte

HKDFExtractSHA512 performs HKDF Extract with SHA-512. Used for CDOC2 ECC key derivation.

func NewChaCha20Poly1305

func NewChaCha20Poly1305(key []byte) (cipher.AEAD, error)

NewChaCha20Poly1305 creates a new ChaCha20-Poly1305 AEAD cipher. This can be used for streaming encryption/decryption if needed.

func RemovePKCS7Padding

func RemovePKCS7Padding(data []byte) ([]byte, error)

RemovePKCS7Padding removes PKCS#7 padding (internal helper)

func RemovePKCS7PaddingFromData

func RemovePKCS7PaddingFromData(data []byte) ([]byte, error)

RemovePKCS7PaddingFromData removes PKCS#7 padding from the data. This is a separate function to avoid conflict with the internal helper in aes.go.

func RemoveX923Padding

func RemoveX923Padding(data []byte) ([]byte, error)

RemoveX923Padding removes X.923 padding (internal helper)

func RemoveX923PaddingFromData

func RemoveX923PaddingFromData(data []byte) ([]byte, error)

RemoveX923PaddingFromData removes X.923 padding from the data. This is a separate function to avoid conflict with the internal helper in aes.go.

func UnwrapAES256

func UnwrapAES256(wrappedKey []byte, wrappingKey []byte) ([]byte, error)

UnwrapAES256 unwraps a wrapped key using AES-KW-256 (RFC 3394)

func ValidateECPoint

func ValidateECPoint(x, y *big.Int, curve elliptic.Curve) bool

ValidateECPoint validates that an EC point is on the given curve

func ValidateECPublicKey

func ValidateECPublicKey(pubKey *ecdsa.PublicKey) error

ValidateECPublicKey validates an EC public key point

func WrapAES256

func WrapAES256(keyToWrap []byte, wrappingKey []byte) ([]byte, error)

WrapAES256 wraps a 256-bit key using AES-KW-256 (RFC 3394)

Types

This section is empty.
