scrypto

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 14, 2019 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	Ed25519                    = "ed25519"
	Curve25519xSalsa20Poly1305 = "curve25519xsalsa20poly1305"
)

Available asymmetric crypto algorithms. The values must be lower case.

View Source 
const (
	NaClBoxNonceSize = 24
	NaClBoxKeySize   = 32
)

Constants for nacl/box implementation of Curve25519xSalsa20Poly1305

View Source 
const (
	ErrInvalidPubKeySize      common.ErrMsg = "Invalid public key size"
	ErrInvalidPrivKeySize     common.ErrMsg = "Invalid private key size"
	ErrInvalidSignatureSize   common.ErrMsg = "Invalid signature size"
	ErrInvalidSignatureFormat common.ErrMsg = "Invalid signature format: " +
		"sig[63]&224 should equal 0"
	ErrVerification            common.ErrMsg = "Signature verification failed"
	ErrUnableToGenerateKeyPair common.ErrMsg = "Unable to generate key pair"
	ErrUnableToDecrypt         common.ErrMsg = "Unable to decrypt message"
	ErrUnsupportedAlgo         common.ErrMsg = "Unsupported algorithm"
	ErrUnsupportedSignAlgo     common.ErrMsg = "Unsupported signing algorithm"
	ErrUnsupportedEncAlgo      common.ErrMsg = "Unsupported encryption algorithm"
)
View Source 
const (
	ErrCipherFailure common.ErrMsg = "Unable to initialize AES cipher"
	ErrMacFailure    common.ErrMsg = "Unable to initialize Mac"
)
View Source 
const (
	ErrInvalidNonceSize      common.ErrMsg = "Invalid nonce size"
	ErrUnableToGenerateNonce common.ErrMsg = "Unable to generate nonce"
)

Variables

View Source 
var (
	// ErrKeyVersionNotSet indicates KeyVersion is not set.
	ErrKeyVersionNotSet = errors.New("key version not set")
	// ErrAlgorithmNotSet indicates the key algorithm is not set.
	ErrAlgorithmNotSet = errors.New("algorithm not set")
	// ErrKeyNotSet indicates the key is not set.
	ErrKeyNotSet = errors.New("key not set")
)
View Source 
var (
	// ErrNotAfterNotSet indicates not_after is not set.
	ErrNotAfterNotSet = errors.New("not_after not set")
	// ErrNotBeforeNotSet indicates not_before is not set.
	ErrNotBeforeNotSet = errors.New("not_before not set")
	// ErrInvalidValidityPeriod indicates an invalid validity period.
	ErrInvalidValidityPeriod = errors.New("not_after before not_before")
)
View Source 
var Base64 = base64.RawURLEncoding

Base64 is the base64 encoding used when packing and unpacking encoded data. In accordance with rfc7515 (see https://tools.ietf.org/html/rfc7515#section-2), this is the URL safe encoding with padding omitted.

View Source 
var ErrInvalidVersion = errors.New("version must not be zero")

ErrInvalidVersion indicates an invalid trust file version.

Functions

func Decrypt 

func Decrypt(msg, nonce, pubkey, privkey common.RawBytes, algo string) (common.RawBytes, error)

Decrypt decrypts a message for a given nonce and public/private keypair.

func Encrypt 

func Encrypt(msg, nonce, pubkey, privkey common.RawBytes, algo string) (common.RawBytes, error)

Encrypt takes a message, a nonce and a public/private keypair and returns the encrypted and authenticated message. Note: Nonce must be different for each message that is encrypted with the same key.

func GenKeyPair 

func GenKeyPair(algo string) (common.RawBytes, common.RawBytes, error)

GenKeyPair generates a public/private key pair.

func GetPubKey added in v0.4.0 

func GetPubKey(privKey []byte, algo string) ([]byte, error)

GetPubKey generates the public key for the provided private key.

func HFMacFactory added in v0.4.0 

func HFMacFactory(key []byte) (func() hash.Hash, error)

func InitMac 

func InitMac(key []byte) (hash.Hash, error)

func JWSignatureInput added in v0.4.0 

func JWSignatureInput(protected []byte, payload []byte) common.RawBytes

JWSignatureInput computes the signature input according to rfc7517 (see: https://tools.ietf.org/html/rfc7515#section-5.1)

func Nonce 

func Nonce(l int) (common.RawBytes, error)

Nonce takes an input length and returns a random nonce of the given length.

func RandInt64 

func RandInt64() int64

RandInt64 returns a random int64 value. The returned value can be negative.

func RandUint64 

func RandUint64() uint64

func Sign 

func Sign(sigInput, signKey common.RawBytes, signAlgo string) (common.RawBytes, error)

Sign takes a signature input and a signing key to create a signature. Currently only ed25519 is supported.

func Verify 

func Verify(sigInput, sig, verifyKey common.RawBytes, signAlgo string) error

Verify takes a signature input and a verifying key and returns an error, if the signature does not match. Currently only ed25519 is supported.

Types

type KeyMeta added in v0.4.0 

type KeyMeta struct {
	// KeyVersion identifies the key. It must change if the key changes, and
	// stay the same if the key does not change.
	KeyVersion KeyVersion `json:"key_version"`
	// Algorithm indicates the algorithm associated with the key.
	Algorithm string `json:"algorithm"`
	// Key is the raw public key.
	Key common.RawBytes `json:"key"`
}

KeyMeta holds the raw key with metadata.

func (*KeyMeta) UnmarshalJSON added in v0.4.0 

func (m *KeyMeta) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that all fields are set.

type KeyVersion added in v0.4.0 

type KeyVersion uint64

KeyVersion identifies a key version.

type Validity added in v0.4.0 

type Validity struct {
	NotBefore util.UnixTime `json:"not_before"`
	NotAfter  util.UnixTime `json:"not_after"`
}

Validity indicates a validity period.

func (Validity) Contains added in v0.4.0 

func (v Validity) Contains(t time.Time) bool

Contains indicates whether the provided time is inside the validity period.

func (Validity) Covers added in v0.4.0 

func (v Validity) Covers(other Validity) bool

Covers indicates whether the other validity is covered by this validity.

func (Validity) String added in v0.4.0 

func (v Validity) String() string

func (*Validity) UnmarshalJSON added in v0.4.0 

func (v *Validity) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that both NotBefore and NotAfter are set.

func (Validity) Validate added in v0.4.0 

func (v Validity) Validate() error

Validate checks that NotAfter is after NotBefore.

type Version added in v0.4.0 

type Version uint64

Version identifies the version of a trust file. It cannot be marshalled/unmarshalled to/from LatestVer. 

const LatestVer Version = 0

LatestVer is the wildcard version indicating the highest available version when requesting certificate chains and TRCs.

func (Version) IsLatest added in v0.4.0 

func (v Version) IsLatest() bool

IsLatest checks if the value is LatestVer

func (Version) MarshalJSON added in v0.4.0 

func (v Version) MarshalJSON() ([]byte, error)

MarshalJSON checks that the value is not LatestVer.

func (*Version) UnmarshalJSON added in v0.4.0 

func (v *Version) UnmarshalJSON(b []byte) error

UnmarshalJSON checks that the value is not LatestVer.

Source Files

View all Source files

Directories

Path Synopsis
v2
trc
v2
Package trc contains the TRC implementation according to the new control-plane PKI design.
 Package trc contains the TRC implementation according to the new control-plane PKI design.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.