cryptoki

package
v0.0.0-...-48496ca
Warning

This package is not in the latest version of its module.
Published: Aug 16, 2018 License: MIT Imports: 11 Imported by: 0

Documentation

Overview

Package cryptoki implements the cryptographic token interface as defined in PKCS #11.

Constants

const (
	RSA   = "rsa"
	ECDSA = "ecdsa"
)

Supported algorithm strings. Compatible with CFSSL.

Variables

This section is empty.

Functions

This section is empty.

Types

type KeyPair

type KeyPair struct {
	// contains filtered or unexported fields
}

KeyPair implements the crypto.Signer interface using a key pair kept in a PKCS #11 cryptographic token.

func (*KeyPair) Public

func (kp *KeyPair) Public() crypto.PublicKey

Public returns the public key of the key pair.

func (*KeyPair) Sign

func (kp *KeyPair) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)

Sign signs digest with the private key. The entropy from rand will be ignored.

For RSA, the signature scheme will be RSASSA-PKCS1-v1_5, unless opts is an *rsa.PSSOptions, in which case the RSASSA-PSS scheme will be used.

For ECDSA, the resulting signature will be a DER-serialised, ASN.1 signature structure.
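The scheme rules above determine how a relying party must verify what Sign returns. The following is an added example, not code from this package: it uses in-memory software keys as stand-ins for a token-backed KeyPair (an assumption, since both satisfy crypto.Signer), and the helper names verify, roundTrip and softwareSigners are hypothetical.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// verify (hypothetical helper) checks sig using the scheme rules from the Sign doc.
func verify(pub crypto.PublicKey, digest, sig []byte, opts crypto.SignerOpts) bool {
	switch k := pub.(type) {
	case *rsa.PublicKey:
		if pss, ok := opts.(*rsa.PSSOptions); ok { // PSS only when opts says so
			return rsa.VerifyPSS(k, pss.HashFunc(), digest, sig, pss) == nil
		}
		return rsa.VerifyPKCS1v15(k, opts.HashFunc(), digest, sig) == nil
	case *ecdsa.PublicKey:
		return ecdsa.VerifyASN1(k, digest, sig) // sig is DER SEQUENCE{r, s}
	}
	return false // unsupported key type
}

// roundTrip signs a constructed message with s, then verifies under verifyOpts.
// A signing error is reported as false, the same as a failed verification.
func roundTrip(s crypto.Signer, signOpts, verifyOpts crypto.SignerOpts) bool {
	digest := sha256.Sum256([]byte("constructed sample message"))
	sig, err := s.Sign(rand.Reader, digest[:], signOpts)
	return err == nil && verify(s.Public(), digest[:], sig, verifyOpts)
}

// softwareSigners returns in-memory keys standing in for token-backed KeyPairs (assumption).
func softwareSigners() (crypto.Signer, crypto.Signer) {
	rk, rerr := rsa.GenerateKey(rand.Reader, 2048)
	ek, eerr := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if rerr != nil || eerr != nil {
		panic("key generation failed")
	}
	return rk, ek
}

func main() {
	rk, ek := softwareSigners()
	pss := &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: crypto.SHA256}
	fmt.Println(roundTrip(rk, crypto.SHA256, crypto.SHA256), roundTrip(rk, pss, pss))
	fmt.Println(roundTrip(rk, pss, crypto.SHA256), roundTrip(ek, crypto.SHA256, crypto.SHA256))
}
```

The third call signs with PSS but verifies as PKCS1-v1_5 and is rejected: signer and verifier must agree on opts, because the signature bytes do not identify the scheme.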

type Token

type Token struct {
	// contains filtered or unexported fields
}

A Token represents a cryptographic token that implements PKCS #11.

func OpenToken

func OpenToken(modulePath, tokenLabel, pin string) (*Token, error)

OpenToken opens a new session with the given cryptographic token.

func (*Token) Close

func (tk *Token) Close() error

Close closes all sessions with the token.

func (*Token) ExportPublicKey

func (tk *Token) ExportPublicKey(pub pkcs11.ObjectHandle) (crypto.PublicKey, error)

ExportPublicKey returns the public key object as crypto.PublicKey.

func (*Token) FindKeyPair

func (tk *Token) FindKeyPair(key crypto.PublicKey) (crypto.Signer, error)

FindKeyPair looks up a key pair inside the token with the public key.

func (*Token) FindObject

func (tk *Token) FindObject(query []*pkcs11.Attribute) (pkcs11.ObjectHandle, error)

FindObject returns the first object it finds that matches the query.

func (*Token) GenerateKeyPair

func (tk *Token) GenerateKeyPair(label string, algo string, size int) (crypto.Signer, error)

GenerateKeyPair generates a key pair inside the token.

func (*Token) GetAttribute

func (tk *Token) GetAttribute(obj pkcs11.ObjectHandle, typ uint) ([]byte, error)

GetAttribute obtains the value of a single object attribute. If there are multiple attributes of the same type, it only returns the value of the first one.

func (*Token) GetReadOnlySession

func (tk *Token) GetReadOnlySession() (pkcs11.SessionHandle, error)

GetReadOnlySession returns a read-only session with the token.

func (*Token) GetSession

func (tk *Token) GetSession() (pkcs11.SessionHandle, error)

GetSession returns a writable session with the token.

func (*Token) GetUintAttribute

func (tk *Token) GetUintAttribute(obj pkcs11.ObjectHandle, typ uint) (uint, error)

GetUintAttribute returns the value of a single object attribute as uint.

func (*Token) Info

func (tk *Token) Info() (pkcs11.TokenInfo, error)

Info obtains information about the token.

func (*Token) Sign

func (tk *Token) Sign(msg []byte, priv pkcs11.ObjectHandle, mech uint) ([]byte, error)

Sign signs msg with the private key using the designated mechanism.
