crypto

package
v0.0.0-...-b597805 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 22, 2025 License: MIT Imports: 18 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ECDH

func ECDH(privateKey, peerPublicKey []byte) ([]byte, error)

ECDH 执行 ECDH 密钥交换

func GenerateChaCha20Key

func GenerateChaCha20Key() ([]byte, error)

GenerateChaCha20Key 生成随机密钥

func GenerateRootKey

func GenerateRootKey() ([]byte, error)

GenerateRootKey 生成根密钥

func SignMessage

func SignMessage(privateKey, message []byte) ([]byte, error)

SignMessage 签名消息(静态方法)

func VerifySignature

func VerifySignature(publicKey, message, signature []byte) bool

VerifySignature 验证签名(静态方法)

Types

type ChaCha20Config

// ChaCha20Config holds the configuration for a ChaCha20 cipher.
type ChaCha20Config struct {
	KeySize int // key length in bytes; 32 bytes is supported
}

ChaCha20Config ChaCha20配置

type ChaCha20Poly1305

// ChaCha20Poly1305 is a ChaCha20-Poly1305 AEAD cipher.
// Its fields are unexported and are not shown in this listing.
type ChaCha20Poly1305 struct {
	// contains filtered or unexported fields
}

ChaCha20Poly1305 ChaCha20-Poly1305 AEAD 加密器

func NewChaCha20Poly1305

func NewChaCha20Poly1305(key []byte) (*ChaCha20Poly1305, error)

NewChaCha20Poly1305 创建新的 ChaCha20-Poly1305 加密器

func NewChaCha20WithConfig

func NewChaCha20WithConfig(config *ChaCha20Config) (*ChaCha20Poly1305, error)

NewChaCha20WithConfig 使用配置创建ChaCha20加密器

func (*ChaCha20Poly1305) Clone

func (c *ChaCha20Poly1305) Clone() (*ChaCha20Poly1305, error)

Clone 克隆加密器

func (*ChaCha20Poly1305) Decrypt

func (c *ChaCha20Poly1305) Decrypt(ciphertext []byte, additionalData []byte) ([]byte, error)

Decrypt 解密数据

func (*ChaCha20Poly1305) DecryptStream

func (c *ChaCha20Poly1305) DecryptStream(reader io.Reader, writer io.Writer) error

DecryptStream 流式解密

func (*ChaCha20Poly1305) DecryptWithNonce

func (c *ChaCha20Poly1305) DecryptWithNonce(ciphertext, nonce []byte, additionalData []byte) ([]byte, error)

DecryptWithNonce 使用指定nonce解密数据

func (*ChaCha20Poly1305) Destroy

func (c *ChaCha20Poly1305) Destroy()

Destroy 销毁加密器(清零密钥)

func (*ChaCha20Poly1305) Encrypt

func (c *ChaCha20Poly1305) Encrypt(plaintext []byte, additionalData []byte) ([]byte, error)

Encrypt 加密数据

func (*ChaCha20Poly1305) EncryptStream

func (c *ChaCha20Poly1305) EncryptStream(reader io.Reader, writer io.Writer) error

EncryptStream 流式加密

func (*ChaCha20Poly1305) EncryptWithNonce

func (c *ChaCha20Poly1305) EncryptWithNonce(plaintext, nonce []byte, additionalData []byte) ([]byte, error)

EncryptWithNonce 使用指定nonce加密数据。调用方必须保证同一密钥下每个nonce只使用一次:ChaCha20-Poly1305 在nonce重复时会同时失去机密性和完整性保证。

func (*ChaCha20Poly1305) GetKey

func (c *ChaCha20Poly1305) GetKey() []byte

GetKey 获取密钥。返回值是原始密钥材料;此页面未说明返回的是副本还是内部切片,调用方不应记录或修改它。

func (*ChaCha20Poly1305) GetKeySize

func (c *ChaCha20Poly1305) GetKeySize() int

GetKeySize 获取密钥长度

func (*ChaCha20Poly1305) GetNonceSize

func (c *ChaCha20Poly1305) GetNonceSize() int

GetNonceSize 获取nonce长度

func (*ChaCha20Poly1305) GetOverhead

func (c *ChaCha20Poly1305) GetOverhead() int

GetOverhead 获取加密开销

func (*ChaCha20Poly1305) Reset

func (c *ChaCha20Poly1305) Reset(key []byte) error

Reset 重置加密器(使用新密钥)

type ChaCha20Pool

// ChaCha20Pool is a pool of ChaCha20 ciphers.
// Its fields are unexported and are not shown in this listing.
type ChaCha20Pool struct {
	// contains filtered or unexported fields
}

ChaCha20Pool ChaCha20加密器池

func NewChaCha20Pool

func NewChaCha20Pool(key []byte, poolSize int) (*ChaCha20Pool, error)

NewChaCha20Pool 创建ChaCha20加密器池

func (*ChaCha20Pool) Close

func (p *ChaCha20Pool) Close()

Close 关闭池

func (*ChaCha20Pool) Get

func (p *ChaCha20Pool) Get() *ChaCha20Poly1305

Get 从池中获取加密器

func (*ChaCha20Pool) Put

func (p *ChaCha20Pool) Put(cipher *ChaCha20Poly1305)

Put 将加密器放回池中

type Ed25519KeyPair

// Ed25519KeyPair is an Ed25519 signing key pair.
type Ed25519KeyPair struct {
	// PrivateKey is the Ed25519 private (signing) key. The field is exported,
	// so any code holding the struct can read or replace it.
	PrivateKey ed25519.PrivateKey
	// PublicKey is the Ed25519 public (verification) key.
	PublicKey  ed25519.PublicKey
}

Ed25519KeyPair Ed25519 签名密钥对

func GenerateEd25519KeyPair

func GenerateEd25519KeyPair() (*Ed25519KeyPair, error)

GenerateEd25519KeyPair 生成 Ed25519 签名密钥对

func (*Ed25519KeyPair) Sign

func (kp *Ed25519KeyPair) Sign(message []byte) []byte

Sign 使用私钥签名数据

func (*Ed25519KeyPair) Verify

func (kp *Ed25519KeyPair) Verify(message, signature []byte) bool

Verify 使用公钥验证签名

type HSMConfig

// HSMConfig is the hardware security module (HSM) configuration.
//
// NOTE(review): the meaning of the individual fields is taken from their
// names only; this listing does not document them. Confirm against the
// implementation.
type HSMConfig struct {
	Provider   string            `json:"provider"`
	SlotID     int               `json:"slot_id"`
	// Pin is excluded from JSON encoding by its `json:"-"` tag. It is still
	// held as an ordinary in-memory string.
	Pin        string            `json:"-"`
	KeyLabel   string            `json:"key_label"`
	Attributes map[string]string `json:"attributes"`
}

HSMConfig 硬件安全模块配置

type KeyEscrow

// KeyEscrow is a key escrow record.
type KeyEscrow struct {
	// Shares is written to JSON under "shares" as plain strings.
	// NOTE(review): presumably these are secret shares of a threshold scheme;
	// the listing does not show whether they are protected before being
	// serialized. Confirm.
	Shares    map[string]string `json:"shares"`
	// NOTE(review): presumably the number of shares needed for recovery. Confirm.
	Threshold int               `json:"threshold"`
	CreatedAt time.Time         `json:"created_at"`
}

KeyEscrow 密钥托管

type KeyManager

// KeyManager is the key manager.
// Its fields are unexported and are not shown in this listing.
type KeyManager struct {
	// contains filtered or unexported fields
}

KeyManager 密钥管理器

func NewKeyManager

func NewKeyManager(rootKey []byte, config *KeyManagerConfig) (*KeyManager, error)

NewKeyManager 创建新的密钥管理器

func (*KeyManager) ExportKeys

func (km *KeyManager) ExportKeys(password string) ([]byte, error)

ExportKeys 导出密钥(用于密钥托管)

func (*KeyManager) ForceRotation

func (km *KeyManager) ForceRotation() error

ForceRotation 强制轮换密钥

func (*KeyManager) GetDataKey

func (km *KeyManager) GetDataKey() []byte

GetDataKey 获取当前数据密钥

func (*KeyManager) GetNodeKey

func (km *KeyManager) GetNodeKey() *Ed25519KeyPair

GetNodeKey 获取节点密钥

func (*KeyManager) GetSessionKey

func (km *KeyManager) GetSessionKey() []byte

GetSessionKey 获取当前会话密钥

func (*KeyManager) ImportKeys

func (km *KeyManager) ImportKeys(encryptedData []byte, password string) error

ImportKeys 导入密钥

type KeyManagerConfig

// KeyManagerConfig is the configuration for a KeyManager.
//
// NOTE(review): defaults and the exact effect of each switch are not visible
// in this listing. In particular, confirm what is written to KeyStorePath
// when EncryptKeyStore is false.
type KeyManagerConfig struct {
	KeyStorePath     string        `json:"key_store_path"`
	AutoBackup       bool          `json:"auto_backup"`
	BackupInterval   time.Duration `json:"backup_interval"`
	MaxBackups       int           `json:"max_backups"`
	EncryptKeyStore  bool          `json:"encrypt_key_store"`
	KeyStorePassword string        `json:"-"` // the password is not serialized
	EnableKeyEscrow  bool          `json:"enable_key_escrow"`
	EscrowThreshold  int           `json:"escrow_threshold"`
	EnableHSM        bool          `json:"enable_hsm"`
	// HSMConfig is omitted from JSON output when nil (omitempty).
	HSMConfig        *HSMConfig    `json:"hsm_config,omitempty"`
}

KeyManagerConfig 密钥管理器配置

type KeyStore

// KeyStore is the key store: a map of stored keys plus metadata and a
// signature string.
type KeyStore struct {
	Keys      map[string]*StoredKey `json:"keys"`
	Metadata  *KeyStoreMetadata     `json:"metadata"`
	// NOTE(review): the listing does not show which key or algorithm produces
	// this signature, nor which fields it covers. Confirm that it is verified
	// before Keys is trusted.
	Signature string                `json:"signature"`
}

KeyStore 密钥存储

type KeyStoreMetadata

// KeyStoreMetadata is the metadata attached to a KeyStore.
type KeyStoreMetadata struct {
	Version     string    `json:"version"`
	CreatedAt   time.Time `json:"created_at"`
	UpdatedAt   time.Time `json:"updated_at"`
	NodeID      string    `json:"node_id"`
	BackupCount int       `json:"backup_count"`
}

KeyStoreMetadata 密钥存储元数据

type StoredKey

// StoredKey is one key as persisted in a KeyStore.
type StoredKey struct {
	ID        string            `json:"id"`
	Type      string            `json:"type"`
	Algorithm string            `json:"algorithm"`
	// NOTE(review): Base64 is an encoding, not protection. The listing does
	// not show whether the key material is encrypted before it is encoded.
	// Confirm.
	KeyData   string            `json:"key_data"` // Base64-encoded
	CreatedAt time.Time         `json:"created_at"`
	// ExpiresAt is optional; it is omitted from JSON output when nil (omitempty).
	ExpiresAt *time.Time        `json:"expires_at,omitempty"`
	Usage     []string          `json:"usage"`
	Metadata  map[string]string `json:"metadata"`
	Version   int               `json:"version"`
}

StoredKey 存储的密钥

type X25519KeyPair

// X25519KeyPair is an X25519 key pair.
type X25519KeyPair struct {
	// PrivateKey is the X25519 private key as raw bytes. The field is
	// exported, so any code holding the struct can read or overwrite it.
	PrivateKey []byte
	// PublicKey is the X25519 public key as raw bytes.
	PublicKey  []byte
}

X25519KeyPair X25519 密钥对

func GenerateX25519KeyPair

func GenerateX25519KeyPair() (*X25519KeyPair, error)

GenerateX25519KeyPair 生成 X25519 密钥对

func (*X25519KeyPair) ComputeSharedSecret

func (kp *X25519KeyPair) ComputeSharedSecret(peerPublicKey []byte) ([]byte, error)

ComputeSharedSecret 计算共享密钥。X25519 的原始输出不宜直接用作对称密钥,应先经过密钥派生函数(例如 HKDF)再使用。
