Documentation

Overview

    Copyright IBM Corp. 2016 All Rights Reserved.

    Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0
    

    Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

    Notice: This file has been modified for Hyperledger Fabric SDK Go usage. Please review third_party pinning scripts and patches for more details.

    Index

    Constants

    View Source
    const (
    	// ECDSA Elliptic Curve Digital Signature Algorithm (key gen, import, sign, verify),
    	// at default security level.
    	// Each BCCSP may or may not support default security level. If not supported than
    	// an error will be returned.
    	ECDSA = "ECDSA"
    
    	// ECDSA Elliptic Curve Digital Signature Algorithm over P-256 curve
    	ECDSAP256 = "ECDSAP256"
    
    	// ECDSA Elliptic Curve Digital Signature Algorithm over P-384 curve
    	ECDSAP384 = "ECDSAP384"
    
    	// ECDSAReRand ECDSA key re-randomization
    	ECDSAReRand = "ECDSA_RERAND"
    
    	// AES Advanced Encryption Standard at the default security level.
    	// Each BCCSP may or may not support default security level. If not supported than
    	// an error will be returned.
    	AES = "AES"
    	// AES Advanced Encryption Standard at 128 bit security level
    	AES128 = "AES128"
    	// AES Advanced Encryption Standard at 192 bit security level
    	AES192 = "AES192"
    	// AES Advanced Encryption Standard at 256 bit security level
    	AES256 = "AES256"
    
    	// HMAC keyed-hash message authentication code
    	HMAC = "HMAC"
    	// HMACTruncated256 HMAC truncated at 256 bits.
    	HMACTruncated256 = "HMAC_TRUNCATED_256"
    
    	// SHA Secure Hash Algorithm using default family.
    	// Each BCCSP may or may not support default security level. If not supported than
    	// an error will be returned.
    	SHA = "SHA"
    
    	// SHA2 is an identifier for SHA2 hash family
    	SHA2 = "SHA2"
    	// SHA3 is an identifier for SHA3 hash family
    	SHA3 = "SHA3"
    
    	// SHA256
    	SHA256 = "SHA256"
    	// SHA384
    	SHA384 = "SHA384"
    	// SHA3_256
    	SHA3_256 = "SHA3_256"
    	// SHA3_384
    	SHA3_384 = "SHA3_384"
    
    	// X509Certificate Label for X509 certificate related operation
    	X509Certificate = "X509Certificate"
    )

    Variables

    This section is empty.

    Functions

    This section is empty.

    Types

    type AES128KeyGenOpts

    type AES128KeyGenOpts struct {
    	Temporary bool
    }

      AES128KeyGenOpts contains options for AES key generation at 128 security level

      func (*AES128KeyGenOpts) Algorithm

      func (opts *AES128KeyGenOpts) Algorithm() string

        Algorithm returns the key generation algorithm identifier (to be used).

        func (*AES128KeyGenOpts) Ephemeral

        func (opts *AES128KeyGenOpts) Ephemeral() bool

          Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

          type AES192KeyGenOpts

          type AES192KeyGenOpts struct {
          	Temporary bool
          }

            AES192KeyGenOpts contains options for AES key generation at 192 security level

            func (*AES192KeyGenOpts) Algorithm

            func (opts *AES192KeyGenOpts) Algorithm() string

              Algorithm returns the key generation algorithm identifier (to be used).

              func (*AES192KeyGenOpts) Ephemeral

              func (opts *AES192KeyGenOpts) Ephemeral() bool

                Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                type AES256ImportKeyOpts

                type AES256ImportKeyOpts struct {
                	Temporary bool
                }

                  AES256ImportKeyOpts contains options for importing AES 256 keys.

                  func (*AES256ImportKeyOpts) Algorithm

                  func (opts *AES256ImportKeyOpts) Algorithm() string

                    Algorithm returns the key importation algorithm identifier (to be used).

                    func (*AES256ImportKeyOpts) Ephemeral

                    func (opts *AES256ImportKeyOpts) Ephemeral() bool

                      Ephemeral returns true if the key generated has to be ephemeral, false otherwise.

                      type AES256KeyGenOpts

                      type AES256KeyGenOpts struct {
                      	Temporary bool
                      }

                        AES256KeyGenOpts contains options for AES key generation at 256 security level

                        func (*AES256KeyGenOpts) Algorithm

                        func (opts *AES256KeyGenOpts) Algorithm() string

                          Algorithm returns the key generation algorithm identifier (to be used).

                          func (*AES256KeyGenOpts) Ephemeral

                          func (opts *AES256KeyGenOpts) Ephemeral() bool

                            Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                            type AESCBCPKCS7ModeOpts

                            type AESCBCPKCS7ModeOpts struct {
                            	// IV is the initialization vector to be used by the underlying cipher.
                            	// The length of IV must be the same as the Block's block size.
                            	// It is used only if different from nil.
                            	IV []byte
                            	// PRNG is an instance of a PRNG to be used by the underlying cipher.
                            	// It is used only if different from nil.
                            	PRNG io.Reader
                            }

                              AESCBCPKCS7ModeOpts contains options for AES encryption in CBC mode with PKCS7 padding. Notice that both IV and PRNG can be nil. In that case, the BCCSP implementation is supposed to sample the IV using a cryptographic secure PRNG. Notice also that either IV or PRNG can be different from nil.

                              type AESKeyGenOpts

                              type AESKeyGenOpts struct {
                              	Temporary bool
                              }

                                AESKeyGenOpts contains options for AES key generation at default security level

                                func (*AESKeyGenOpts) Algorithm

                                func (opts *AESKeyGenOpts) Algorithm() string

                                  Algorithm returns the key generation algorithm identifier (to be used).

                                  func (*AESKeyGenOpts) Ephemeral

                                  func (opts *AESKeyGenOpts) Ephemeral() bool

                                    Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                                    type BCCSP

                                    type BCCSP interface {
                                    
                                    	// KeyGen generates a key using opts.
                                    	KeyGen(opts KeyGenOpts) (k Key, err error)
                                    
                                    	// KeyDeriv derives a key from k using opts.
                                    	// The opts argument should be appropriate for the primitive used.
                                    	KeyDeriv(k Key, opts KeyDerivOpts) (dk Key, err error)
                                    
                                    	// KeyImport imports a key from its raw representation using opts.
                                    	// The opts argument should be appropriate for the primitive used.
                                    	KeyImport(raw interface{}, opts KeyImportOpts) (k Key, err error)
                                    
                                    	// GetKey returns the key this CSP associates to
                                    	// the Subject Key Identifier ski.
                                    	GetKey(ski []byte) (k Key, err error)
                                    
                                    	// Hash hashes messages msg using options opts.
                                    	// If opts is nil, the default hash function will be used.
                                    	Hash(msg []byte, opts HashOpts) (hash []byte, err error)
                                    
                                    	// GetHash returns and instance of hash.Hash using options opts.
                                    	// If opts is nil, the default hash function will be returned.
                                    	GetHash(opts HashOpts) (h hash.Hash, err error)
                                    
                                    	// Sign signs digest using key k.
                                    	// The opts argument should be appropriate for the algorithm used.
                                    	//
                                    	// Note that when a signature of a hash of a larger message is needed,
                                    	// the caller is responsible for hashing the larger message and passing
                                    	// the hash (as digest).
                                    	Sign(k Key, digest []byte, opts SignerOpts) (signature []byte, err error)
                                    
                                    	// Verify verifies signature against key k and digest
                                    	// The opts argument should be appropriate for the algorithm used.
                                    	Verify(k Key, signature, digest []byte, opts SignerOpts) (valid bool, err error)
                                    
                                    	// Encrypt encrypts plaintext using key k.
                                    	// The opts argument should be appropriate for the algorithm used.
                                    	Encrypt(k Key, plaintext []byte, opts EncrypterOpts) (ciphertext []byte, err error)
                                    
                                    	// Decrypt decrypts ciphertext using key k.
                                    	// The opts argument should be appropriate for the algorithm used.
                                    	Decrypt(k Key, ciphertext []byte, opts DecrypterOpts) (plaintext []byte, err error)
                                    }

                                      BCCSP is the blockchain cryptographic service provider that offers the implementation of cryptographic standards and algorithms.

                                      type DecrypterOpts

                                      type DecrypterOpts interface{}

                                        DecrypterOpts contains options for decrypting with a CSP.

                                        type ECDSAGoPublicKeyImportOpts

                                        type ECDSAGoPublicKeyImportOpts struct {
                                        	Temporary bool
                                        }

                                          ECDSAGoPublicKeyImportOpts contains options for ECDSA key importation from ecdsa.PublicKey

                                          func (*ECDSAGoPublicKeyImportOpts) Algorithm

                                          func (opts *ECDSAGoPublicKeyImportOpts) Algorithm() string

                                            Algorithm returns the key importation algorithm identifier (to be used).

                                            func (*ECDSAGoPublicKeyImportOpts) Ephemeral

                                            func (opts *ECDSAGoPublicKeyImportOpts) Ephemeral() bool

                                              Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                                              type ECDSAKeyGenOpts

                                              type ECDSAKeyGenOpts struct {
                                              	Temporary bool
                                              }

                                                ECDSAKeyGenOpts contains options for ECDSA key generation.

                                                func (*ECDSAKeyGenOpts) Algorithm

                                                func (opts *ECDSAKeyGenOpts) Algorithm() string

                                                  Algorithm returns the key generation algorithm identifier (to be used).

                                                  func (*ECDSAKeyGenOpts) Ephemeral

                                                  func (opts *ECDSAKeyGenOpts) Ephemeral() bool

                                                    Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                                                    type ECDSAP256KeyGenOpts

                                                    type ECDSAP256KeyGenOpts struct {
                                                    	Temporary bool
                                                    }

                                                      ECDSAP256KeyGenOpts contains options for ECDSA key generation with curve P-256.

                                                      func (*ECDSAP256KeyGenOpts) Algorithm

                                                      func (opts *ECDSAP256KeyGenOpts) Algorithm() string

                                                        Algorithm returns the key generation algorithm identifier (to be used).

                                                        func (*ECDSAP256KeyGenOpts) Ephemeral

                                                        func (opts *ECDSAP256KeyGenOpts) Ephemeral() bool

                                                          Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                                                          type ECDSAP384KeyGenOpts

                                                          type ECDSAP384KeyGenOpts struct {
                                                          	Temporary bool
                                                          }

                                                            ECDSAP384KeyGenOpts contains options for ECDSA key generation with curve P-384.

                                                            func (*ECDSAP384KeyGenOpts) Algorithm

                                                            func (opts *ECDSAP384KeyGenOpts) Algorithm() string

                                                              Algorithm returns the key generation algorithm identifier (to be used).

                                                              func (*ECDSAP384KeyGenOpts) Ephemeral

                                                              func (opts *ECDSAP384KeyGenOpts) Ephemeral() bool

                                                                Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                                                                type ECDSAPKIXPublicKeyImportOpts

                                                                type ECDSAPKIXPublicKeyImportOpts struct {
                                                                	Temporary bool
                                                                }

                                                                  ECDSAPKIXPublicKeyImportOpts contains options for ECDSA public key importation in PKIX format

                                                                  func (*ECDSAPKIXPublicKeyImportOpts) Algorithm

                                                                  func (opts *ECDSAPKIXPublicKeyImportOpts) Algorithm() string

                                                                    Algorithm returns the key importation algorithm identifier (to be used).

                                                                    func (*ECDSAPKIXPublicKeyImportOpts) Ephemeral

                                                                    func (opts *ECDSAPKIXPublicKeyImportOpts) Ephemeral() bool

                                                                      Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                                                                      type ECDSAPrivateKeyImportOpts

                                                                      type ECDSAPrivateKeyImportOpts struct {
                                                                      	Temporary bool
                                                                      }

                                                                        ECDSAPrivateKeyImportOpts contains options for ECDSA secret key importation in DER format or PKCS#8 format.

                                                                        func (*ECDSAPrivateKeyImportOpts) Algorithm

                                                                        func (opts *ECDSAPrivateKeyImportOpts) Algorithm() string

                                                                          Algorithm returns the key importation algorithm identifier (to be used).

                                                                          func (*ECDSAPrivateKeyImportOpts) Ephemeral

                                                                          func (opts *ECDSAPrivateKeyImportOpts) Ephemeral() bool

                                                                            Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                                                                            type ECDSAReRandKeyOpts

                                                                            type ECDSAReRandKeyOpts struct {
                                                                            	Temporary bool
                                                                            	Expansion []byte
                                                                            }

                                                                              ECDSAReRandKeyOpts contains options for ECDSA key re-randomization.

                                                                              func (*ECDSAReRandKeyOpts) Algorithm

                                                                              func (opts *ECDSAReRandKeyOpts) Algorithm() string

                                                                                Algorithm returns the key derivation algorithm identifier (to be used).

                                                                                func (*ECDSAReRandKeyOpts) Ephemeral

                                                                                func (opts *ECDSAReRandKeyOpts) Ephemeral() bool

                                                                                  Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                                                                                  func (*ECDSAReRandKeyOpts) ExpansionValue

                                                                                  func (opts *ECDSAReRandKeyOpts) ExpansionValue() []byte

                                                                                    ExpansionValue returns the re-randomization factor

                                                                                    type EncrypterOpts

                                                                                    type EncrypterOpts interface{}

                                                                                      EncrypterOpts contains options for encrypting with a CSP.

                                                                                      type HMACDeriveKeyOpts

                                                                                      type HMACDeriveKeyOpts struct {
                                                                                      	Temporary bool
                                                                                      	Arg       []byte
                                                                                      }

                                                                                        HMACDeriveKeyOpts contains options for HMAC key derivation.

                                                                                        func (*HMACDeriveKeyOpts) Algorithm

                                                                                        func (opts *HMACDeriveKeyOpts) Algorithm() string

                                                                                          Algorithm returns the key derivation algorithm identifier (to be used).

                                                                                          func (*HMACDeriveKeyOpts) Argument

                                                                                          func (opts *HMACDeriveKeyOpts) Argument() []byte

                                                                                            Argument returns the argument to be passed to the HMAC

                                                                                            func (*HMACDeriveKeyOpts) Ephemeral

                                                                                            func (opts *HMACDeriveKeyOpts) Ephemeral() bool

                                                                                              Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                                                                                              type HMACImportKeyOpts

                                                                                              type HMACImportKeyOpts struct {
                                                                                              	Temporary bool
                                                                                              }

                                                                                                HMACImportKeyOpts contains options for importing HMAC keys.

                                                                                                func (*HMACImportKeyOpts) Algorithm

                                                                                                func (opts *HMACImportKeyOpts) Algorithm() string

                                                                                                  Algorithm returns the key importation algorithm identifier (to be used).

                                                                                                  func (*HMACImportKeyOpts) Ephemeral

                                                                                                  func (opts *HMACImportKeyOpts) Ephemeral() bool

                                                                                                    Ephemeral returns true if the key generated has to be ephemeral, false otherwise.

                                                                                                    type HMACTruncated256AESDeriveKeyOpts

                                                                                                    type HMACTruncated256AESDeriveKeyOpts struct {
                                                                                                    	Temporary bool
                                                                                                    	Arg       []byte
                                                                                                    }

                                                                                                      HMACTruncated256AESDeriveKeyOpts contains options for HMAC truncated at 256 bits key derivation.

                                                                                                      func (*HMACTruncated256AESDeriveKeyOpts) Algorithm

                                                                                                      func (opts *HMACTruncated256AESDeriveKeyOpts) Algorithm() string

                                                                                                        Algorithm returns the key derivation algorithm identifier (to be used).

                                                                                                        func (*HMACTruncated256AESDeriveKeyOpts) Argument

                                                                                                        func (opts *HMACTruncated256AESDeriveKeyOpts) Argument() []byte

                                                                                                          Argument returns the argument to be passed to the HMAC

                                                                                                          func (*HMACTruncated256AESDeriveKeyOpts) Ephemeral

                                                                                                          func (opts *HMACTruncated256AESDeriveKeyOpts) Ephemeral() bool

                                                                                                            Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                                                                                                            type HashOpts

                                                                                                            type HashOpts interface {
                                                                                                            
                                                                                                            	// Algorithm returns the hash algorithm identifier (to be used).
                                                                                                            	Algorithm() string
                                                                                                            }

                                                                                                              HashOpts contains options for hashing with a CSP.

                                                                                                              func GetHashOpt

                                                                                                              func GetHashOpt(hashFunction string) (HashOpts, error)

                                                                                                                GetHashOpt returns the HashOpts corresponding to the passed hash function

                                                                                                                type Key

                                                                                                                type Key interface {
                                                                                                                
                                                                                                                	// Bytes converts this key to its byte representation,
                                                                                                                	// if this operation is allowed.
                                                                                                                	Bytes() ([]byte, error)
                                                                                                                
                                                                                                                	// SKI returns the subject key identifier of this key.
                                                                                                                	SKI() []byte
                                                                                                                
                                                                                                                	// Symmetric returns true if this key is a symmetric key,
                                                                                                                	// false is this key is asymmetric
                                                                                                                	Symmetric() bool
                                                                                                                
                                                                                                                	// Private returns true if this key is a private key,
                                                                                                                	// false otherwise.
                                                                                                                	Private() bool
                                                                                                                
                                                                                                                	// PublicKey returns the corresponding public key part of an asymmetric public/private key pair.
                                                                                                                	// This method returns an error in symmetric key schemes.
                                                                                                                	PublicKey() (Key, error)
                                                                                                                }

                                                                                                                  Key represents a cryptographic key

                                                                                                                  type KeyDerivOpts

                                                                                                                  type KeyDerivOpts interface {
                                                                                                                  
                                                                                                                  	// Algorithm returns the key derivation algorithm identifier (to be used).
                                                                                                                  	Algorithm() string
                                                                                                                  
                                                                                                                  	// Ephemeral returns true if the key to derived has to be ephemeral,
                                                                                                                  	// false otherwise.
                                                                                                                  	Ephemeral() bool
                                                                                                                  }

                                                                                                                    KeyDerivOpts contains options for key-derivation with a CSP.

                                                                                                                    type KeyGenOpts

                                                                                                                    type KeyGenOpts interface {
                                                                                                                    
                                                                                                                    	// Algorithm returns the key generation algorithm identifier (to be used).
                                                                                                                    	Algorithm() string
                                                                                                                    
                                                                                                                    	// Ephemeral returns true if the key to generate has to be ephemeral,
                                                                                                                    	// false otherwise.
                                                                                                                    	Ephemeral() bool
                                                                                                                    }

                                                                                                                      KeyGenOpts contains options for key-generation with a CSP.

                                                                                                                      type KeyImportOpts

                                                                                                                      type KeyImportOpts interface {
                                                                                                                      
                                                                                                                      	// Algorithm returns the key importation algorithm identifier (to be used).
                                                                                                                      	Algorithm() string
                                                                                                                      
                                                                                                                      	// Ephemeral returns true if the key generated has to be ephemeral,
                                                                                                                      	// false otherwise.
                                                                                                                      	Ephemeral() bool
                                                                                                                      }

                                                                                                                        KeyImportOpts contains options for importing the raw material of a key with a CSP.

                                                                                                                        type KeyStore

                                                                                                                        type KeyStore interface {
                                                                                                                        
                                                                                                                        	// ReadOnly returns true if this KeyStore is read only, false otherwise.
                                                                                                                        	// If ReadOnly is true then StoreKey will fail.
                                                                                                                        	ReadOnly() bool
                                                                                                                        
                                                                                                                        	// GetKey returns a key object whose SKI is the one passed.
                                                                                                                        	GetKey(ski []byte) (k Key, err error)
                                                                                                                        
                                                                                                                        	// StoreKey stores the key k in this KeyStore.
                                                                                                                        	// If this KeyStore is read only then the method will fail.
                                                                                                                        	StoreKey(k Key) (err error)
                                                                                                                        }

                                                                                                                          KeyStore represents a storage system for cryptographic keys. It allows to store and retrieve bccsp.Key objects. The KeyStore can be read only, in that case StoreKey will return an error.

                                                                                                                          type SHA256Opts

                                                                                                                          type SHA256Opts struct {
                                                                                                                          }

                                                                                                                            SHA256Opts contains options relating to SHA-256.

                                                                                                                            func (*SHA256Opts) Algorithm

                                                                                                                            func (opts *SHA256Opts) Algorithm() string

                                                                                                                              Algorithm returns the hash algorithm identifier (to be used).

                                                                                                                              type SHA384Opts

                                                                                                                              type SHA384Opts struct {
                                                                                                                              }

                                                                                                                                SHA384Opts contains options relating to SHA-384.

                                                                                                                                func (*SHA384Opts) Algorithm

                                                                                                                                func (opts *SHA384Opts) Algorithm() string

                                                                                                                                  Algorithm returns the hash algorithm identifier (to be used).

                                                                                                                                  type SHA3_256Opts

                                                                                                                                  type SHA3_256Opts struct {
                                                                                                                                  }

                                                                                                                                    SHA3_256Opts contains options relating to SHA3-256.

                                                                                                                                    func (*SHA3_256Opts) Algorithm

                                                                                                                                    func (opts *SHA3_256Opts) Algorithm() string

                                                                                                                                      Algorithm returns the hash algorithm identifier (to be used).

                                                                                                                                      type SHA3_384Opts

                                                                                                                                      type SHA3_384Opts struct {
                                                                                                                                      }

                                                                                                                                        SHA3_384Opts contains options relating to SHA3-384.

                                                                                                                                        func (*SHA3_384Opts) Algorithm

                                                                                                                                        func (opts *SHA3_384Opts) Algorithm() string

                                                                                                                                          Algorithm returns the hash algorithm identifier (to be used).

                                                                                                                                          type SHAOpts

                                                                                                                                          type SHAOpts struct{}

                                                                                                                                            SHAOpts contains options for computing SHA.

                                                                                                                                            func (*SHAOpts) Algorithm

                                                                                                                                            func (opts *SHAOpts) Algorithm() string

                                                                                                                                              Algorithm returns the hash algorithm identifier (to be used).

                                                                                                                                              type SignerOpts

                                                                                                                                              type SignerOpts interface {
                                                                                                                                              	crypto.SignerOpts
                                                                                                                                              }

                                                                                                                                                SignerOpts contains options for signing with a CSP.

                                                                                                                                                type X509PublicKeyImportOpts

                                                                                                                                                type X509PublicKeyImportOpts struct {
                                                                                                                                                	Temporary bool
                                                                                                                                                }

                                                                                                                                                  X509PublicKeyImportOpts contains options for importing public keys from an x509 certificate

                                                                                                                                                  func (*X509PublicKeyImportOpts) Algorithm

                                                                                                                                                  func (opts *X509PublicKeyImportOpts) Algorithm() string

                                                                                                                                                    Algorithm returns the key importation algorithm identifier (to be used).

                                                                                                                                                    func (*X509PublicKeyImportOpts) Ephemeral

                                                                                                                                                    func (opts *X509PublicKeyImportOpts) Ephemeral() bool

                                                                                                                                                      Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.

                                                                                                                                                      Directories

                                                                                                                                                      Path Synopsis
                                                                                                                                                      factory
                                                                                                                                                      sw