Documentation ¶
Overview ¶
Elliptic curve cryptography in Go using OpenSSL. This is an implementation of pyelliptic by yann2192 in Go.
Index ¶
- Constants
- Variables
- func Cleanup()
- func Nid2ShortName(nid NID) (string, error)
- func RandomPrivateKeyEncrypt(data []byte, pubkey *PublicKey) ([]byte, error)
- type Cipher
- type CipherCtx
- type Curve
- type DecryptionCipherCtx
- type EncryptionCipherCtx
- type NID
- type OpenSSLError
- type PrivateKey
- func (key *PrivateKey) Decrypt(raw []byte) ([]byte, error)
- func (key *PrivateKey) Encrypt(data []byte, pubkey *PublicKey) ([]byte, error)
- func (key *PrivateKey) GetRawECDHKey(pubKey *PublicKey, length int) ([]byte, error)
- func (key *PrivateKey) Serialize() []byte
- func (key *PrivateKey) Sign(rawData []byte) ([]byte, error)
- type PublicKey
Constants ¶
const DisableUselessChecks bool = true
Variables ¶
var InvalidMACError = errors.New("invalid mac address")
InvalidMACError results when the Message Authentication Code (MAC) check fails during decryption. This happens because of either an invalid private key or corrupt ciphertext.
Functions ¶
func Cleanup ¶
func Cleanup()
Cleanup cleans the memory reserved for OpenSSL strings, digests and ciphers.
func Nid2ShortName ¶
Types ¶
type Cipher ¶
type Cipher struct {
	// contains filtered or unexported fields
}
func GetCipherByName ¶
func GetCipherByNid ¶
type Curve ¶
type Curve int16
Curve represents the ASN.1 OID of an elliptic curve.
const (
	Secp112r1 Curve = C.NID_secp112r1
	Secp112r2 Curve = C.NID_secp112r2
	Secp128r1 Curve = C.NID_secp128r1
	Secp128r2 Curve = C.NID_secp128r2
	Secp160k1 Curve = C.NID_secp160k1
	Secp160r1 Curve = C.NID_secp160r1
	Secp160r2 Curve = C.NID_secp160r2
	Secp192k1 Curve = C.NID_secp192k1
	Secp224k1 Curve = C.NID_secp224k1
	Secp224r1 Curve = C.NID_secp224r1
	Secp256k1 Curve = C.NID_secp256k1
	Secp384r1 Curve = C.NID_secp384r1
	Secp521r1 Curve = C.NID_secp521r1
	Sect113r1 Curve = C.NID_sect113r1
	Sect113r2 Curve = C.NID_sect113r2
	Sect131r1 Curve = C.NID_sect131r1
	Sect131r2 Curve = C.NID_sect131r2
	Sect163k1 Curve = C.NID_sect163k1
	Sect163r1 Curve = C.NID_sect163r1
	Sect163r2 Curve = C.NID_sect163r2
	Sect193r1 Curve = C.NID_sect193r1
	Sect193r2 Curve = C.NID_sect193r2
	Sect233k1 Curve = C.NID_sect233k1
	Sect233r1 Curve = C.NID_sect233r1
	Sect239k1 Curve = C.NID_sect239k1
	Sect283k1 Curve = C.NID_sect283k1
	Sect283r1 Curve = C.NID_sect283r1
	Sect409k1 Curve = C.NID_sect409k1
	Sect409r1 Curve = C.NID_sect409r1
	Sect571k1 Curve = C.NID_sect571k1
	Sect571r1 Curve = C.NID_sect571r1
)
Supported elliptic curves. Generated from openssl/obj_mac.h
type DecryptionCipherCtx ¶
type DecryptionCipherCtx interface {
	CipherCtx

	// Pass in ciphertext, get back plaintext. Can be called multiple times as
	// needed.
	DecryptUpdate(input []byte) ([]byte, error)

	// Call after all ciphertext has been passed in; may return additional
	// plaintext if needed to finish off a block.
	DecryptFinal() ([]byte, error)

	// Call DecryptUpdate to decrypt data, and then call DecryptFinal to finish
	// decryption.
	Decrypt(input []byte) ([]byte, error)
}
func NewDecryptionCipherCtx ¶
func NewDecryptionCipherCtx(c *Cipher, key, iv []byte) (DecryptionCipherCtx, error)
type EncryptionCipherCtx ¶
type EncryptionCipherCtx interface {
	CipherCtx

	// pass in plaintext, get back ciphertext. can be called
	// multiple times as needed
	EncryptUpdate(input []byte) ([]byte, error)

	// call after all plaintext has been passed in; may return
	// additional ciphertext if needed to finish off a block
	// or extra padding information
	EncryptFinal() ([]byte, error)

	// Call EncryptUpdate to encrypt data, and then call EncryptFinal to finish
	// encryption.
	Encrypt(input []byte) ([]byte, error)
}
func NewEncryptionCipherCtx ¶
func NewEncryptionCipherCtx(c *Cipher, key, iv []byte) (EncryptionCipherCtx, error)
type OpenSSLError ¶
type OpenSSLError struct {
	Function string
}
OpenSSLError represents an error encountered while running an OpenSSL function.
func (OpenSSLError) Error ¶
func (err OpenSSLError) Error() string
type PrivateKey ¶
PrivateKey represents a private key which can be used for signing, encryption, decryption etc.
func GeneratePrivateKey ¶
func GeneratePrivateKey(curve Curve) (*PrivateKey, error)
GeneratePrivateKey generates a random private key for the given curve.
func PrivateKeyFromBytes ¶
func PrivateKeyFromBytes(raw []byte) (*PrivateKey, error)
PrivateKeyFromBytes re-creates the private key from the binary format that it was stored in.
func PrivateKeyFromRawBytes ¶
func PrivateKeyFromRawBytes(curve Curve, raw []byte) (*PrivateKey, error)
PrivateKeyFromRawBytes accepts a byte array which contains the private key and creates a PrivateKey object based on that.
func (*PrivateKey) Decrypt ¶
func (key *PrivateKey) Decrypt(raw []byte) ([]byte, error)
Decrypt decrypts data that was encrypted using the Encrypt function.
func (*PrivateKey) Encrypt ¶
func (key *PrivateKey) Encrypt(data []byte, pubkey *PublicKey) ([]byte, error)
Encrypt encrypts data for the target public key using AES-256-CBC. This is meant to be used with a randomly generated private key (the pubkey of which is also in the output byte slice). The structure that it encodes everything into is:
struct {
	// Initialization Vector used for AES-256-CBC
	IV [16]byte
	// Serialized Public Key
	PublicKey []byte
	// Cipher text
	Data []byte
	// HMACSHA256 Message Authentication Code
	HMAC [32]byte
}
func (*PrivateKey) GetRawECDHKey ¶
func (key *PrivateKey) GetRawECDHKey(pubKey *PublicKey, length int) ([]byte, error)
GetRawECDHKey generates the raw ECDH key which must be passed through an appropriate hashing function before being used for encryption/decryption. The maximum length of the shared key is dependent on the curve used.
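The envelope that Encrypt describes, the rule that a raw ECDH key must be hashed before use, and the MAC failure that InvalidMACError reports, shown together as an added example that is not this package's code: it uses Go's standard crypto/ecdh on P-256 instead of the OpenSSL bindings. The key derivation (SHA-512 of the raw secret, second half as the HMAC key), the 65-byte public key encoding inside the envelope, the HMAC covering IV, public key and ciphertext, and the names NewKey, tag, Seal, Verify and ErrInvalidMAC are all assumptions made for illustration.

```go
package main

import (
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/sha512"
	"errors"
)

const ivLen, pubLen = 16, 65 // assumed: 16-byte IV, 65-byte uncompressed P-256 key
var ErrInvalidMAC = errors.New("invalid MAC")

func NewKey() (*ecdh.PrivateKey, error) { return ecdh.P256().GenerateKey(rand.Reader) }

// tag MACs body with the second half of SHA-512(raw ECDH secret) (assumed KDF).
func tag(priv *ecdh.PrivateKey, pub *ecdh.PublicKey, body []byte) ([]byte, error) {
	raw, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	sum := sha512.Sum512(raw) // never key a cipher or MAC with raw directly
	m := hmac.New(sha256.New, sum[32:])
	m.Write(body)
	return m.Sum(nil), nil
}

// Seal frames IV || sender public key || ciphertext || HMAC for recipient to.
func Seal(from *ecdh.PrivateKey, to *ecdh.PublicKey, iv [ivLen]byte, ct []byte) ([]byte, error) {
	body := append(append(append([]byte{}, iv[:]...), from.PublicKey().Bytes()...), ct...)
	t, err := tag(from, to, body)
	return append(body, t...), err
}

// Verify returns the ciphertext only if the trailing HMAC matches.
func Verify(env []byte, priv *ecdh.PrivateKey) ([]byte, error) {
	n := len(env) - sha256.Size
	if n < ivLen+pubLen {
		return nil, errors.New("envelope too short")
	}
	pub, err := ecdh.P256().NewPublicKey(env[ivLen : ivLen+pubLen])
	if err != nil {
		return nil, err
	}
	if t, err := tag(priv, pub, env[:n]); err != nil || !hmac.Equal(t, env[n:]) {
		return nil, ErrInvalidMAC
	}
	return env[ivLen+pubLen : n], nil
}
```

Verify runs before any AES-CBC decryption, so a wrong private key or a modified ciphertext is rejected by the constant-time HMAC comparison and never reaches the padding check.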
func (*PrivateKey) Serialize ¶
func (key *PrivateKey) Serialize() []byte
Serialize serializes the private key into a binary format useful for network transfer or storage.
type PublicKey ¶
PublicKey represents a public key which can be used for signature verification, encryption etc.
func PublicKeyFromBytes ¶
PublicKeyFromBytes re-creates a PublicKey object from the binary format that it was stored in.
func PublicKeyFromUncompressedBytes ¶
PublicKeyFromUncompressedBytes de-serializes a public key from the 65-byte uncompressed format.
func (*PublicKey) Serialize ¶
Serialize serializes the public key into a binary format useful for network transfer or storage.
func (*PublicKey) SerializeUncompressed ¶
SerializeUncompressed serializes a public key in a 65-byte uncompressed format. Refer to https://github.com/conformal/btcec/blob/master/pubkey.go#L126