cryptoapi

package module
v0.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 10, 2024 License: MIT Imports: 13 Imported by: 0

README

xk6-cryptoapi

k6 extension for cryptographic operations.
Based on module go-cryptoapi. Allows to perform cryptographic operations during load testing.

Requirements

go install go.k6.io/xk6/cmd/xk6@latest

For Linux, you must additionally install library lsb-cprocsp-devel_5.0 from archive

Build

From local repository:

xk6 build --with xk6-formdata=.

From remote repository:

xk6 build --with github.com/Gwinkamp/xk6-cryptoapi

Usage

In load testing scenarios

To run this script, you need to run k6 executable file, which was previously built with xk6 build command

./k6 run scripts/example.js

Contribution

Freely. I am always glad to have suggestions

Documentation

Overview

Package csp provides mid-level cryptographic API based on CryptoAPI 2.0 on Windows and CryptoPro CSP on Linux.

Index

Constants

View Source 
const (
	GOSTR341012256 = "1.2.643.7.1.1.1.1"
	GOSTR341012512 = "1.2.643.7.1.1.1.2"
)

Public key algorithm IDs

Variables

View Source 
var (
	GOST_R3411        asn1.ObjectIdentifier = []int{1, 2, 643, 2, 2, 9}
	GOST_R3411_12_256 asn1.ObjectIdentifier = []int{1, 2, 643, 7, 1, 1, 2, 2}
	GOST_R3411_12_512 asn1.ObjectIdentifier = []int{1, 2, 643, 7, 1, 1, 2, 3}

	MD5RSA      asn1.ObjectIdentifier = []int{1, 2, 840, 113549, 1, 1, 4}
	SHA1RSA     asn1.ObjectIdentifier = []int{1, 2, 840, 113549, 1, 1, 5}
	SETOAEP_RSA asn1.ObjectIdentifier = []int{1, 2, 840, 113549, 1, 1, 6}

	SHA256RSA asn1.ObjectIdentifier = []int{1, 2, 840, 113549, 1, 1, 11}
	SHA384RSA asn1.ObjectIdentifier = []int{1, 2, 840, 113549, 1, 1, 12}
	SHA512RSA asn1.ObjectIdentifier = []int{1, 2, 840, 113549, 1, 1, 13}
)

Common object identifiers

Functions

func BlockDecrypt added in v0.1.3 

func BlockDecrypt(recipient Cert, data BlockEncryptedData) ([]byte, error)

func DecryptData added in v0.1.3 

func DecryptData(data []byte, store *CertStore) ([]byte, error)

DecryptData decrypts byte slice using provided certificate store for private key lookup

func DeleteCtx added in v0.1.3 

func DeleteCtx(container, provider string, provType ProvType) error

DeleteCtx deletes key container from CSP.

func EncryptData added in v0.1.3 

func EncryptData(data []byte, options EncryptOptions) (_ []byte, rErr error)

EncryptData encrypts arbitrary byte slice for one or more recipient certificates

Types

type AlgorithmIdentifier added in v0.1.3 

type AlgorithmIdentifier struct {
	PublicKeyOID asn1.ObjectIdentifier
	SignParams   SignParams
}

type BlockEncryptOptions added in v0.1.3 

type BlockEncryptOptions struct {
	Receiver Cert
	KeyAlg   C.ALG_ID // If not set, C.CALG_DH_GR3410_12_256_EPHEM is used
	KeyExp   C.DWORD  // If not set, C.CALG_PRO_EXPORT is used
}

type BlockEncryptedData added in v0.1.3 

type BlockEncryptedData struct {
	IV               []byte
	CipherText       []byte
	SessionKey       SessionKey
	SessionPublicKey []byte
	KeyExp           C.DWORD
	DHParamsOID      string
	DigestOID        string
	PublicKeyOID     string
}

func BlockEncrypt added in v0.1.3 

func BlockEncrypt(opts BlockEncryptOptions, data []byte) (BlockEncryptedData, error)

func (BlockEncryptedData) ToGOST2001KeyTransport added in v0.1.3 

func (s BlockEncryptedData) ToGOST2001KeyTransport() []byte

func (BlockEncryptedData) ToGOST2001KeyTransportASN1 added in v0.1.3 

func (s BlockEncryptedData) ToGOST2001KeyTransportASN1() (res Gost2001KeyTransportASN1, _ error)

type Cert added in v0.1.3 

type Cert struct {
	// contains filtered or unexported fields
}

Cert encapsulates certificate context

func ParseCert added in v0.1.3 

func ParseCert(buf []byte) (res Cert, err error)

ParseCert creates certificate context from byte slice

func (Cert) Bytes added in v0.1.3 

func (c Cert) Bytes() []byte

Bytes returns encoded certificate as byte slice

func (Cert) Close added in v0.1.3 

func (c Cert) Close() error

Close releases certificate context

func (Cert) Context added in v0.1.3 

func (c Cert) Context() (Ctx, error)

Context returns cryptographic context associated with the certificate

func (Cert) GetProperty added in v0.1.3 

func (c Cert) GetProperty(propID CertPropertyID) ([]byte, error)

GetProperty is a base function for extracting certificate context properties

func (Cert) Info added in v0.1.3 

func (c Cert) Info() CertInfo

Info extracts CertInfo from Cert

func (Cert) IsZero added in v0.1.3 

func (c Cert) IsZero() bool

IsZero returns true if certificate struct was not initialized

func (Cert) MustSubjectID added in v0.1.3 

func (c Cert) MustSubjectID() string

MustSubjectID returns certificate's subject id or panics

func (Cert) MustThumbPrint added in v0.1.3 

func (c Cert) MustThumbPrint() string

MustThumbPrint returns certificate's hash as a hexadecimal string or panics

func (Cert) SubjectID added in v0.1.3 

func (c Cert) SubjectID() (string, error)

SubjectID returns certificate's subject public key ID as a hexadecimal string

func (Cert) ThumbPrint added in v0.1.3 

func (c Cert) ThumbPrint() (string, error)

ThumbPrint returns certificate's hash as a hexadecimal string

type CertInfo added in v0.1.3 

type CertInfo struct {
	// contains filtered or unexported fields
}

CertInfo encapsulates certificate properties

func (CertInfo) IssuerStr added in v0.1.3 

func (ci CertInfo) IssuerStr() (string, error)

IssuerStr returns certificate issuer converted to Go string

func (CertInfo) PublicKeyAlgorithm added in v0.1.3 

func (ci CertInfo) PublicKeyAlgorithm() string

PublicKeyAlgorithm returns certificate subject public key algorithm as object ID string

func (CertInfo) PublicKeyBytes added in v0.1.3 

func (ci CertInfo) PublicKeyBytes() []byte

PublicKeyBytes returns certificate subject public key as byte slice

func (CertInfo) SignatureAlgorithm added in v0.1.3 

func (ci CertInfo) SignatureAlgorithm() string

SignatureAlgorithm returns certificate signature algorithm as object ID string

func (CertInfo) SubjectStr added in v0.1.3 

func (ci CertInfo) SubjectStr() (string, error)

SubjectStr returns certificate subject converted to Go string

type CertPropertyID added in v0.1.3 

type CertPropertyID C.DWORD

CertPropertyID corresponds to a C type of DWORD 

const (
	CertHashProp          CertPropertyID = C.CERT_HASH_PROP_ID
	CertKeyIDentifierProp CertPropertyID = C.CERT_KEY_IDENTIFIER_PROP_ID
	CertProvInfoProp      CertPropertyID = C.CERT_KEY_PROV_INFO_PROP_ID
)

Constants for certificate property IDs

type CertStore added in v0.1.3 

type CertStore struct {
	// contains filtered or unexported fields
}

CertStore incapsulates certificate store

func MemoryStore added in v0.1.3 

func MemoryStore() (res CertStore, err error)

MemoryStore returns handle to new empty in-memory certificate store

func SystemStore added in v0.1.3 

func SystemStore(name string) (*CertStore, error)

SystemStore returns handle to certificate store with certain name, using default system cryptoprovider

func (CertStore) Add added in v0.1.3 

func (s CertStore) Add(cert Cert) error

Add inserts certificate into store replacing existing certificate link if it's already added

func (CertStore) Certs added in v0.1.3 

func (s CertStore) Certs() (res []Cert)

func (CertStore) Close added in v0.1.3 

func (s CertStore) Close() error

Close releases cert store handle

func (CertStore) FindBySubject added in v0.1.3 

func (s CertStore) FindBySubject(subject string) []Cert

FindBySubject returns slice of certificates with a subject that matches string

func (CertStore) FindBySubjectId added in v0.1.3 

func (s CertStore) FindBySubjectId(thumb string) []Cert

FindBySubjectId returns slice of certificates that match given subject key ID. If ID supplied could not be decoded from string, FindBySubjectId will return nil slice

func (CertStore) FindByThumb added in v0.1.3 

func (s CertStore) FindByThumb(thumb string) []Cert

FindByThumb returns slice of certificates that match given thumbprint. If thumbprint supplied could not be decoded from string, FindByThumb will return nil slice

func (CertStore) GetByID added in v0.1.3 

func (s CertStore) GetByID(issuerName []byte, serialNumber *big.Int) (res Cert, err error)

GetByID returns certificate with specified issuer and serial number

func (CertStore) GetBySubject added in v0.1.3 

func (s CertStore) GetBySubject(subject string) (res Cert, err error)

GetBySubject returns first certificate with a subject that matches given string

func (CertStore) GetBySubjectId added in v0.1.3 

func (s CertStore) GetBySubjectId(keyId string) (res Cert, err error)

GetBySubjectId returns first certificate in store that match given subject key ID

func (CertStore) GetByThumb added in v0.1.3 

func (s CertStore) GetByThumb(thumb string) (res Cert, err error)

GetByThumb returns first certificate in store that match given thumbprint

type CryptFlag added in v0.1.3 

type CryptFlag C.DWORD

CryptFlag determines behaviour of acquired context 

const (
	CryptVerifyContext CryptFlag = C.CRYPT_VERIFYCONTEXT
	CryptNewKeyset     CryptFlag = C.CRYPT_NEWKEYSET
	CryptMachineKeyset CryptFlag = C.CRYPT_MACHINE_KEYSET
	CryptDeleteKeyset  CryptFlag = C.CRYPT_DELETEKEYSET
	CryptSilent        CryptFlag = C.CRYPT_SILENT
)

Flags for acquiring context

type CryptoAPI 

type CryptoAPI struct{}

func (*CryptoAPI) Hash 

func (c *CryptoAPI) Hash(data []byte) ([]byte, error)

Hash calculates hash of provided data using specified algorithm

type CryptoProvider added in v0.1.3 

type CryptoProvider struct {
	Name string
	Type ProvType
}

CryptoProvider struct contains description of CSP that can be used for creation of CSP Context.

func EnumProviders added in v0.1.3 

func EnumProviders() (res []CryptoProvider, err error)

EnumProviders returns slice of CryptoProvider structures, describing available CSPs.

type Ctx added in v0.1.3 

type Ctx struct {
	// contains filtered or unexported fields
}

Ctx is a CSP context nessessary for cryptographic functions.

func AcquireCtx added in v0.1.3 

func AcquireCtx(container, provider string, provType ProvType, flags CryptFlag) (res Ctx, err error)

AcquireCtx acquires new CSP context from container name, provider name, type and flags. Empty strings for container and provider names are typically used for CryptVerifyContext flag setting. Created context must be eventually released with its Close method.

func (Ctx) CertStore added in v0.1.3 

func (c Ctx) CertStore(name string) (res CertStore, err error)

CertStore method returns handle to certificate store in certain CSP context

func (Ctx) Close added in v0.1.3 

func (ctx Ctx) Close() error

Close releases CSP context

func (Ctx) GenKey added in v0.1.3 

func (ctx Ctx) GenKey(at KeyPairID, flags KeyFlag) (res Key, err error)

GenKey generates public/private key pair for given context. Flags parameter determines if generated key will be exportable or archivable and at parameter determines KeyExchange or Signature key pair. Resulting key must be eventually closed by calling Close.

func (Ctx) ImportKey added in v0.1.3 

func (ctx Ctx) ImportKey(buf SimpleBlob, cryptKey *Key) (Key, error)

ImportKey transfers a cryptographic key from a key BLOB into a context.

func (Ctx) ImportPublicKeyInfo added in v0.1.3 

func (ctx Ctx) ImportPublicKeyInfo(cert Cert) (Key, error)

ImportPublicKeyInfo imports public key information into the context and returns public key

func (Ctx) IsZero added in v0.1.3 

func (c Ctx) IsZero() bool

IsZero returns true if context was not initialized

func (Ctx) Key added in v0.1.3 

func (ctx Ctx) Key(at KeyPairID) (res Key, err error)

Key extracts public key from container represented by context ctx, from key pair given by at parameter. It must be released after use by calling Close method.

func (Ctx) SetDHOID added in v0.1.3 

func (ctx Ctx) SetDHOID(oid string) error

SetDHOID changes D-H OID on key container to specified OID (typically, result of Key.GetDHOID method)

func (Ctx) SetPassword added in v0.1.3 

func (ctx Ctx) SetPassword(pwd string, at KeyPairID) error

SetPassword changes PIN on key container acquired with AcquireCtx to pwd. Which private/public key pair affected is determined by at parameter.

type Decryptor added in v0.1.3 

type Decryptor struct {
	// contains filtered or unexported fields
}

func OpenToDecrypt added in v0.1.3 

func OpenToDecrypt(dest io.Writer, store *CertStore, maxHeaderSize int) (msg *Decryptor, rErr error)

OpenToDecrypt creates new Msg in decrypt mode. Maximum header size, if non-zero, limits size of data read from message until envelope recipient info is available.

func (*Decryptor) Write added in v0.1.3 

func (msg *Decryptor) Write(buf []byte) (int, error)

Write encodes provided bytes into message output data stream

type EncodeOptions added in v0.1.3 

type EncodeOptions struct {
	Detached bool                  // Signature is detached
	HashAlg  asn1.ObjectIdentifier // Signature hash algorithm ID
	Signers  []Cert                // Signing certificate list
}

EncodeOptions specifies message creation details

type EncryptOptions added in v0.1.3 

type EncryptOptions struct {
	Receivers []Cert // Receiving certificate list
}

EncryptOptions specifies message encryption details

type Error added in v0.1.3 

type Error struct {
	Code ErrorCode // Code indicates exact CryptoAPI error code
	// contains filtered or unexported fields
}

Error provides error type

func (Error) Error added in v0.1.3 

func (e Error) Error() string

type ErrorCode added in v0.1.3 

type ErrorCode C.DWORD

ErrorCode corresponds to a C type DWORD 

const (
	ErrBadKeysetParam ErrorCode = C.NTE_BAD_KEYSET_PARAM & (1<<32 - 1) // Typically occurs when trying to acquire context
	ErrFail           ErrorCode = C.NTE_FAIL & (1<<32 - 1)             // Misc error
	// ErrInvalidParameter ErrorCode = C.NTE_INVALID_PARAMETER & (1<<32 - 1) // Bad parameter to cryptographic function
	ErrNoKey          ErrorCode = C.NTE_NO_KEY & (1<<32 - 1)                   // Key not found
	ErrExists         ErrorCode = C.NTE_EXISTS & (1<<32 - 1)                   // Object already exists
	ErrNotFound       ErrorCode = C.NTE_NOT_FOUND & (1<<32 - 1)                // Object not found
	ErrKeysetNotDef   ErrorCode = C.NTE_KEYSET_NOT_DEF & (1<<32 - 1)           // Operation on unknown container
	ErrBadKeyset      ErrorCode = C.NTE_BAD_KEYSET & (1<<32 - 1)               // Operation on unknown container
	ErrStreamNotReady ErrorCode = C.CRYPT_E_STREAM_MSG_NOT_READY & (1<<32 - 1) // Returned until stream header is parsed
	ErrCryptNotFound  ErrorCode = C.CRYPT_E_NOT_FOUND & (1<<32 - 1)
	ErrMoreData       ErrorCode = C.ERROR_MORE_DATA & (1<<32 - 1)
)

Some C error codes translated to Go constants

func (ErrorCode) String added in v0.1.3 

func (ec ErrorCode) String() string

type GOST2001KeyTransport added in v0.1.3 

type GOST2001KeyTransport [172]byte

func (GOST2001KeyTransport) ToBlockEncryptedData added in v0.1.3 

func (s GOST2001KeyTransport) ToBlockEncryptedData(dataStream []byte) BlockEncryptedData

type Gost2001KeyTransportASN1 added in v0.1.3 

type Gost2001KeyTransportASN1 struct {
	SessionKey          Gost28147_89EncryptedKey
	TransportParameters GostR3410TransportParameters `asn1:"tag:0,optional"`
}
GostR3410-KeyTransport ::= SEQUENCE {
  sessionEncryptedKey   Gost28147-89-EncryptedKey,
  transportParameters
    [0] IMPLICIT GostR3410-TransportParameters OPTIONAL
}

func (Gost2001KeyTransportASN1) ToBlockEncryptedData added in v0.1.3 

func (k Gost2001KeyTransportASN1) ToBlockEncryptedData(dataStream []byte) (BlockEncryptedData, error)

type Gost28147_89EncryptedKey added in v0.1.3 

type Gost28147_89EncryptedKey struct {
	EncryptedKey []byte
	MaskKey      []byte `asn1:"tag:0,optional"`
	MacKey       []byte
}
Gost28147-89-EncryptedKey ::=   SEQUENCE {
  encryptedKey         Gost28147-89-Key,
  maskKey              [0] IMPLICIT Gost28147-89-Key
                           OPTIONAL,
  macKey               Gost28147-89-MAC
}

type GostR3410TransportParameters added in v0.1.3 

type GostR3410TransportParameters struct {
	EncryptionParamSet asn1.ObjectIdentifier
	EphemeralPublicKey SubjectPublicKeyInfo `asn1:"tag:0,optional"`
	SeanceVector       []byte
}
GostR3410-TransportParameters ::= SEQUENCE {
  encryptionParamSet   OBJECT IDENTIFIER,
  ephemeralPublicKey   [0] IMPLICIT SubjectPublicKeyInfo OPTIONAL,
  ukm                  OCTET STRING
}

type Hash added in v0.1.3 

type Hash struct {
	// contains filtered or unexported fields
}

Hash encapsulates GOST hash

func NewHMAC added in v0.1.3 

func NewHMAC(hashAlg asn1.ObjectIdentifier, key []byte) (_ *Hash, rErr error)

NewHMAC creates HMAC object initialized with given byte key

func NewHash added in v0.1.3 

func NewHash(options HashOptions) (*Hash, error)

func (*Hash) BlockSize added in v0.1.3 

func (h *Hash) BlockSize() int

BlockSize returns the hash's underlying block size. The Write method must be able to accept any amount of data, but it may operate more efficiently if all writes are a multiple of the block size.

func (*Hash) Close added in v0.1.3 

func (h *Hash) Close() error

func (*Hash) Reset added in v0.1.3 

func (h *Hash) Reset()

Reset resets the Hash to its initial state.

func (*Hash) Sign added in v0.1.3 

func (h *Hash) Sign() ([]byte, error)

func (*Hash) Size added in v0.1.3 

func (h *Hash) Size() int

Size returns the number of bytes Sum will return.

func (*Hash) Sum added in v0.1.3 

func (h *Hash) Sum(b []byte) []byte

Sum appends the current hash to b and returns the resulting slice. It does not change the underlying hash state.

func (*Hash) Verify added in v0.1.3 

func (h *Hash) Verify(signer Cert, sig []byte) error

func (*Hash) Write added in v0.1.3 

func (h *Hash) Write(buf []byte) (n int, err error)

type HashOptions added in v0.1.3 

type HashOptions struct {
	HashAlg  asn1.ObjectIdentifier // Hash algorithm ID
	SignCert Cert                  // Certificate with a reference to private key container used to sign the hash
	HMACKey  Key                   // HMAC key for creating hash in HMAC mode
}

HashOptions describe hash creation parameters

type Key added in v0.1.3 

type Key struct {
	// contains filtered or unexported fields
}

Key incapsulates key pair functions

func (Key) Close added in v0.1.3 

func (key Key) Close() error

Close releases key handle.

func (Key) Decrypt added in v0.1.3 

func (key Key) Decrypt(buf []byte, hash *Hash) ([]byte, error)

Decrypt byte data on given key

func (Key) Encode added in v0.1.3 

func (key Key) Encode(cryptKey *Key) (SimpleBlob, error)

Encode exports a cryptographic key or a key pair in a secure manner. If cryptKey is nil, exports public key in unencrypted for, else -- session key.

func (Key) Encrypt added in v0.1.3 

func (key Key) Encrypt(buf []byte, hash *Hash) ([]byte, error)

Encrypt byte data on given key

func (Key) GetAlgID added in v0.1.3 

func (key Key) GetAlgID() (res C.ALG_ID, err error)

GetAlgID retrieves key's KP_ALGID parameter

func (Key) GetCipherOID added in v0.1.3 

func (key Key) GetCipherOID() ([]byte, error)

GetCipherOID retrieves key's cipher OID

func (Key) GetDHOID added in v0.1.3 

func (key Key) GetDHOID() (string, error)

GetDHOID retrieves key's DH OID

func (Key) GetHashOID added in v0.1.3 

func (key Key) GetHashOID() (string, error)

GetHashOID retrieves key's HASH OID

func (Key) GetOID added in v0.1.3 

func (key Key) GetOID() (string, error)

GetOID retrieves key's algorithm OID

func (Key) GetParam added in v0.1.3 

func (key Key) GetParam(param KeyParamID) (res []byte, err error)

GetParam retrieves data that governs the operations of a key.

func (Key) IsZero added in v0.1.3 

func (key Key) IsZero() bool

func (Key) SetAlgID added in v0.1.3 

func (key Key) SetAlgID(algID C.ALG_ID) error

SetAlgID sets KP_ALGID parameter on the key

func (Key) SetCipherOID added in v0.1.3 

func (key Key) SetCipherOID(oid []byte) error

SetCipherOID sets key's cipher OID

func (Key) SetIV added in v0.1.3 

func (key Key) SetIV(iv []byte) error

SetIV sets key initialization vector

func (Key) SetMode added in v0.1.3 

func (key Key) SetMode(mode C.DWORD) error

SetMode sets KP_MODE parameter on the key

func (Key) SetPadding added in v0.1.3 

func (key Key) SetPadding(padding C.DWORD) error

SetPadding sets KP_PADDING parameter on the key

type KeyFlag added in v0.1.3 

type KeyFlag C.DWORD

KeyFlag sets options on created key pair 

const (
	KeyArchivable KeyFlag = C.CRYPT_ARCHIVABLE
	KeyExportable KeyFlag = C.CRYPT_EXPORTABLE
)

Key flags

type KeyPairID added in v0.1.3 

type KeyPairID C.DWORD

KeyPairID selects public/private key pair from CSP container 

const (
	AtKeyExchange KeyPairID = C.AT_KEYEXCHANGE
	AtSignature   KeyPairID = C.AT_SIGNATURE
)

Key specification

type KeyParamID added in v0.1.3 

type KeyParamID C.DWORD

KeyParamID represents key parameters that can be retrieved for key. 

const (
	KeyCertificateParam KeyParamID = C.KP_CERTIFICATE // X.509 certificate that has been encoded by using DER
)

Certificate parameter IDs

type Msg added in v0.1.3 

type Msg struct {
	// contains filtered or unexported fields
}

Msg encapsulates stream decoder of PKCS7 message

func OpenToDecode added in v0.1.3 

func OpenToDecode(dest io.Writer) (msg *Msg, rErr error)

OpenToDecode creates new Msg in decode mode. If detachedSig parameter is specified, it must contain detached P7S signature

func OpenToEncode added in v0.1.3 

func OpenToEncode(dest io.Writer, options EncodeOptions) (msg *Msg, rErr error)

OpenToEncode creates new Msg in encode mode.

func OpenToEncrypt added in v0.1.3 

func OpenToEncrypt(dest io.Writer, options EncryptOptions) (*Msg, error)

OpenToEncrypt creates new Msg in encrypt mode.

func OpenToVerify added in v0.1.3 

func OpenToVerify(detachedSig ...[]byte) (msg *Msg, rErr error)

OpenToVerify creates new Msg in decode mode. If detachedSig parameter is specified, it must contain detached P7S signature

func (*Msg) CertStore added in v0.1.3 

func (msg *Msg) CertStore() (res CertStore, err error)

CertStore returns message certificate store. As a side-effect, source stream is fully read and parsed.

func (*Msg) Close added in v0.1.3 

func (msg *Msg) Close() error

Close needs to be called to release internal message handle and flush underlying encoded message.

func (*Msg) GetSignerCert added in v0.1.3 

func (msg *Msg) GetSignerCert(i int, store CertStore) (Cert, error)

GetSignerCert returns i-th message signer certificate from provided certificate store (usually acquired by msg.CertStore() method).

func (*Msg) GetSignerCount added in v0.1.3 

func (msg *Msg) GetSignerCount() (int, error)

GetSignerCount returns number of signer infos in message

func (*Msg) Verify added in v0.1.3 

func (msg *Msg) Verify(c Cert) error

Verify verifies message signature against signer certificate

func (*Msg) Write added in v0.1.3 

func (msg *Msg) Write(buf []byte) (int, error)

Write encodes provided bytes into message output data stream

type ProvType added in v0.1.3 

type ProvType C.DWORD

ProvType is CryptoAPI provider type 

const (
	ProvRsa          ProvType = C.PROV_RSA_FULL
	ProvGost94       ProvType = 71
	ProvGost2001     ProvType = 75
	ProvGost2012     ProvType = 80
	ProvGost2012_512 ProvType = 81
)

Provider types

type SessionKey added in v0.1.3 

type SessionKey struct {
	SeanceVector       []byte
	EncryptedKey       []byte
	MACKey             []byte
	EncryptionParamSet []byte
}

func (SessionKey) ToSimpleBlob added in v0.1.3 

func (s SessionKey) ToSimpleBlob() SimpleBlob

type SignParams added in v0.1.3 

type SignParams struct {
	DHParamsOID asn1.ObjectIdentifier
	DigestOID   asn1.ObjectIdentifier
}

type SimpleBlob added in v0.1.3 

type SimpleBlob []byte

func (SimpleBlob) ToSessionKey added in v0.1.3 

func (s SimpleBlob) ToSessionKey() (SessionKey, error)

type SubjectPublicKeyInfo added in v0.1.3 

type SubjectPublicKeyInfo struct {
	Algorithm             AlgorithmIdentifier
	EncapsulatedPublicKey asn1.BitString
}

Source Files

View all Source files

Directories

Path Synopsis
cmd
main

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.
JackTT - Gopher 🇻🇳