hsm

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 3, 2023 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Overview

By fsc/00416537

Index

Constants

// SM3 is the GM hash identifier: the algorithm name string for the SM3 hash
// function (GM being the Chinese national cryptography standards family).
const SM3 = "SM3"

Variables

This section is empty.

Functions

func MarshalECDSASignature

func MarshalECDSASignature(r, s *big.Int) ([]byte, error)

func New

func New(securityLevel int, hashFamily string, keyStore bccsp.KeyStore) (bccsp.BCCSP, error)

New returns a new instance of the software-based BCCSP set at the passed security level, hash family and KeyStore.

func NewDefaultSecurityLevel

func NewDefaultSecurityLevel(keyStorePath string) (bccsp.BCCSP, error)

NewDefaultSecurityLevel returns a new instance of the software-based BCCSP at security level 256, hash family SHA2 and using FolderBasedKeyStore as KeyStore.

func NewDefaultSecurityLevelWithKeystore

func NewDefaultSecurityLevelWithKeystore(keyStore bccsp.KeyStore) (bccsp.BCCSP, error)

NewDefaultSecurityLevelWithKeystore returns a new instance of the software-based BCCSP at security level 256, hash family SHA2 and using the passed KeyStore.

func NewDummyKeyStore

func NewDummyKeyStore() bccsp.KeyStore

NewDummyKeyStore instantiates a dummy key store that neither loads nor stores keys.

func NewFileBasedKeyStore

func NewFileBasedKeyStore(pwd []byte, path string, readOnly bool) (bccsp.KeyStore, error)

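NewFileBasedKeyStore instantiates a file-based key store at a given position. The key store can be encrypted if a non-empty password is specified. It can also be set as read only. In this case, any store operation will be forbidden. This wording implies that keys are stored unencrypted when the password is empty; confirm this before relying on the store for at-rest protection.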

func VerifySM2

func VerifySM2(k *ecdsa.PublicKey, signature, digest []byte, opts bccsp.SignerOpts) (valid bool, err error)

Types

type Decryptor

// Decryptor is a BCCSP-like interface that provides decryption algorithms.
type Decryptor interface {

	// Decrypt decrypts ciphertext using key k.
	// The opts argument should be appropriate for the algorithm used.
	//
	// NOTE(review): nothing in this declaration says whether the selected
	// algorithm authenticates the ciphertext; confirm for the opts type in
	// use before treating the returned plaintext as trusted.
	Decrypt(k bccsp.Key, ciphertext []byte, opts bccsp.DecrypterOpts) (plaintext []byte, err error)
}

Decryptor is a BCCSP-like interface that provides decryption algorithms

type ECDSASignature

// ECDSASignature holds the two big-integer components, R and S, of a signature.
//
// NOTE(review): presumably the structure serialized by
// MarshalECDSASignature(r, s); the encoding and any range checks on R and S
// are not visible here — confirm.
type ECDSASignature struct {
	R, S *big.Int
}

type Encryptor

// Encryptor is a BCCSP-like interface that provides encryption algorithms.
type Encryptor interface {

	// Encrypt encrypts plaintext using key k.
	// The opts argument should be appropriate for the algorithm used.
	//
	// NOTE(review): this declaration does not state which mode is used, how
	// IVs or nonces are produced, or whether the ciphertext carries an
	// integrity tag; confirm for the opts type in use.
	Encrypt(k bccsp.Key, plaintext []byte, opts bccsp.EncrypterOpts) (ciphertext []byte, err error)
}

Encryptor is a BCCSP-like interface that provides encryption algorithms

type Hasher

// Hasher is a BCCSP-like interface that provides hash algorithms.
type Hasher interface {

	// Hash hashes messages msg using options opts.
	// If opts is nil, the default hash function will be used.
	//
	// NOTE(review): which function is the default is not stated here; callers
	// that need a specific algorithm should pass explicit opts.
	Hash(msg []byte, opts bccsp.HashOpts) (hash []byte, err error)

	// GetHash returns an instance of hash.Hash using options opts.
	// If opts is nil, the default hash function will be returned.
	GetHash(opts bccsp.HashOpts) (h hash.Hash, err error)
}

Hasher is a BCCSP-like interface that provides hash algorithms

type KeyDeriver

// KeyDeriver is a BCCSP-like interface that provides key derivation algorithms.
type KeyDeriver interface {

	// KeyDeriv derives a key from k using opts.
	// The opts argument should be appropriate for the primitive used.
	// It returns the derived key dk, or a non-nil err.
	KeyDeriv(k bccsp.Key, opts bccsp.KeyDerivOpts) (dk bccsp.Key, err error)
}

KeyDeriver is a BCCSP-like interface that provides key derivation algorithms

type KeyGenerator

// KeyGenerator is a BCCSP-like interface that provides key generation algorithms.
type KeyGenerator interface {

	// KeyGen generates a key using opts.
	//
	// NOTE(review): whether the generated key is persisted presumably depends
	// on opts (see the Ephemeral methods of the option types) — confirm.
	KeyGen(opts bccsp.KeyGenOpts) (k bccsp.Key, err error)
}

KeyGenerator is a BCCSP-like interface that provides key generation algorithms

type KeyImporter

// KeyImporter is a BCCSP-like interface that provides key import algorithms.
type KeyImporter interface {

	// KeyImport imports a key from its raw representation using opts.
	// The opts argument should be appropriate for the primitive used.
	//
	// raw is untyped (interface{}), so the concrete type an implementation
	// accepts is not visible in this declaration.
	// NOTE(review): implementations presumably type-check raw and reject
	// unexpected or empty input with a non-nil err — confirm.
	KeyImport(raw interface{}, opts bccsp.KeyImportOpts) (k bccsp.Key, err error)
}

KeyImporter is a BCCSP-like interface that provides key import algorithms

type SM2GoPublicKeyImportOpts

// SM2GoPublicKeyImportOpts contains options for SM2 key importation from
// SM2.PublicKey.
type SM2GoPublicKeyImportOpts struct {
	// NOTE(review): Temporary is presumably the flag reported by Ephemeral();
	// confirm against the method body.
	Temporary bool
}

SM2GoPublicKeyImportOpts contains options for SM2 key importation from SM2.PublicKey

func (*SM2GoPublicKeyImportOpts) Algorithm

func (opts *SM2GoPublicKeyImportOpts) Algorithm() string

Algorithm returns the key importation algorithm identifier (to be used).

func (*SM2GoPublicKeyImportOpts) Ephemeral

func (opts *SM2GoPublicKeyImportOpts) Ephemeral() bool

Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

type SM2KeyGenOpts

// SM2KeyGenOpts contains options for SM2 key generation.
type SM2KeyGenOpts struct {
	// NOTE(review): Temporary is presumably the flag reported by Ephemeral(),
	// i.e. whether the generated key is ephemeral — confirm against the
	// method body.
	Temporary bool
}

SM2KeyGenOpts contains options for SM2 key generation.

func (*SM2KeyGenOpts) Algorithm

func (opts *SM2KeyGenOpts) Algorithm() string

Algorithm returns the key generation algorithm identifier (to be used).

func (*SM2KeyGenOpts) Ephemeral

func (opts *SM2KeyGenOpts) Ephemeral() bool

Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

type SM2PKIXPublicKeyImportOpts

// SM2PKIXPublicKeyImportOpts contains options for SM2 public key importation
// in PKIX format.
type SM2PKIXPublicKeyImportOpts struct {
	// NOTE(review): Temporary is presumably the flag reported by Ephemeral();
	// confirm against the method body.
	Temporary bool
}

SM2PKIXPublicKeyImportOpts contains options for SM2 public key importation in PKIX format

func (*SM2PKIXPublicKeyImportOpts) Algorithm

func (opts *SM2PKIXPublicKeyImportOpts) Algorithm() string

Algorithm returns the key importation algorithm identifier (to be used).

func (*SM2PKIXPublicKeyImportOpts) Ephemeral

func (opts *SM2PKIXPublicKeyImportOpts) Ephemeral() bool

Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

type SM2PrivateKeyImportOpts

// SM2PrivateKeyImportOpts contains options for SM2 secret key importation in
// DER format or PKCS#8 format.
type SM2PrivateKeyImportOpts struct {
	// NOTE(review): Temporary is presumably the flag reported by Ephemeral().
	// For a private key this likely decides whether the imported secret is
	// written to the key store — confirm before importing long-lived keys.
	Temporary bool
}

SM2PrivateKeyImportOpts contains options for SM2 secret key importation in DER format or PKCS#8 format.

func (*SM2PrivateKeyImportOpts) Algorithm

func (opts *SM2PrivateKeyImportOpts) Algorithm() string

Algorithm returns the key importation algorithm identifier (to be used).

func (*SM2PrivateKeyImportOpts) Ephemeral

func (opts *SM2PrivateKeyImportOpts) Ephemeral() bool

Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

type SM2ReRandKeyOpts

// SM2ReRandKeyOpts contains options for SM2 key re-randomization.
type SM2ReRandKeyOpts struct {
	// NOTE(review): Temporary is presumably the flag reported by Ephemeral();
	// confirm against the method body.
	Temporary bool
	// NOTE(review): Expansion is presumably the re-randomization factor
	// returned by ExpansionValue(); its required length and source of
	// randomness are not stated here — confirm.
	Expansion []byte
}

SM2ReRandKeyOpts contains options for SM2 key re-randomization.

func (*SM2ReRandKeyOpts) Algorithm

func (opts *SM2ReRandKeyOpts) Algorithm() string

Algorithm returns the key derivation algorithm identifier (to be used).

func (*SM2ReRandKeyOpts) Ephemeral

func (opts *SM2ReRandKeyOpts) Ephemeral() bool

Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

func (*SM2ReRandKeyOpts) ExpansionValue

func (opts *SM2ReRandKeyOpts) ExpansionValue() []byte

ExpansionValue returns the re-randomization factor

type SM3Opts

// SM3Opts is an empty options type whose Algorithm method returns the hash
// algorithm identifier.
//
// NOTE(review): presumably selects the SM3 hash (the SM3 constant) — confirm
// against the Algorithm method body.
type SM3Opts struct {
}

func (*SM3Opts) Algorithm

func (opts *SM3Opts) Algorithm() string

Algorithm returns the hash algorithm identifier (to be used).

type Signer

// Signer is a BCCSP-like interface that provides signing algorithms.
type Signer interface {

	// Sign signs digest using key k.
	// The opts argument should be appropriate for the algorithm used.
	//
	// Note that when a signature of a hash of a larger message is needed,
	// the caller is responsible for hashing the larger message and passing
	// the hash (as digest).
	//
	// NOTE(review): no length check on digest is visible in this declaration;
	// callers should pass the output of the hash the verifier will also use.
	Sign(k bccsp.Key, digest []byte, opts bccsp.SignerOpts) (signature []byte, err error)
}

Signer is a BCCSP-like interface that provides signing algorithms

type Verifier

// Verifier is a BCCSP-like interface that provides verifying algorithms.
type Verifier interface {

	// Verify verifies signature against key k and digest.
	// The opts argument should be appropriate for the algorithm used.
	//
	// NOTE(review): this declaration does not say whether a bad signature is
	// reported as valid == false, as a non-nil err, or both; callers should
	// accept a signature only when valid is true and err is nil.
	Verify(k bccsp.Key, signature, digest []byte, opts bccsp.SignerOpts) (valid bool, err error)
}

Verifier is a BCCSP-like interface that provides verifying algorithms
