Version: v0.12.1 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Mar 31, 2020 License: Apache-2.0 Imports: 13 Imported by: 8




This section is empty.


View Source
var ErrTooShort = errors.New("SealedSecret data is too short")

ErrTooShort indicates the provided data is too short to be valid


func GeneratePrivateKeyAndCert added in v0.9.2

func GeneratePrivateKeyAndCert(keySize int, validFor time.Duration, cn string) (*rsa.PrivateKey, *x509.Certificate, error)

GeneratePrivateKeyAndCert generates a keypair and signed certificate.

func HybridDecrypt

func HybridDecrypt(rnd io.Reader, privKeys map[string]*rsa.PrivateKey, ciphertext, label []byte) ([]byte, error)

HybridDecrypt performs a regular AES-GCM + RSA-OAEP decryption. The private keys map has a fingerprint of each public key as the map key.

func HybridEncrypt

func HybridEncrypt(rnd io.Reader, pubKey *rsa.PublicKey, plaintext, label []byte) ([]byte, error)

HybridEncrypt performs a regular AES-GCM + RSA-OAEP encryption. The output bytestring is:

RSA ciphertext length || RSA ciphertext || AES ciphertext

func PublicKeyFingerprint added in v0.8.2

func PublicKeyFingerprint(rp *rsa.PublicKey) (string, error)

PublicKeyFingerprint returns a fingerprint for a public key.

func SignKey added in v0.9.2

func SignKey(r io.Reader, key *rsa.PrivateKey, validFor time.Duration, cn string) (*x509.Certificate, error)

SignKey returns a signed certificate.


This section is empty.

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL