openssl

package
v0.2.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 20, 2024 License: MIT Imports: 14 Imported by: 2

Documentation

Overview

Copyright (c) Microsoft Corporation. Licensed under the MIT License.

Package openssl provides access to OpenSSL cryptographic functions.

Index

Constants

View Source 
const RandReader = randReader(0)

Variables

This section is empty.

Functions

func DecryptRSANoPadding 

func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error)

func DecryptRSAOAEP 

func DecryptRSAOAEP(h hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error)

func DecryptRSAOAEPWithMGF1Hash added in v0.2.2 

func DecryptRSAOAEPWithMGF1Hash(h, mgfHash hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error)

func DecryptRSAPKCS1 

func DecryptRSAPKCS1(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error)

func ECDH added in v0.2.3 

func ECDH(priv *PrivateKeyECDH, pub *PublicKeyECDH) ([]byte, error)

func EncryptRSANoPadding 

func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error)

func EncryptRSAOAEP 

func EncryptRSAOAEP(h hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error)

func EncryptRSAOAEPWithMGF1Hash added in v0.2.2 

func EncryptRSAOAEPWithMGF1Hash(h, mgfHash hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error)

func EncryptRSAPKCS1 

func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error)

func FIPS 

func FIPS() bool

FIPS returns true if OpenSSL is running in FIPS mode, else returns false.

func Init 

func Init() error

Init loads and initializes OpenSSL. It must be called before any other OpenSSL call.

Only the first call to Init is effective, subsequent calls will return the same error result as the one from the first call.

If GO_OPENSSL_VERSION_OVERRIDE environment variable is not empty, its value will be appended to the OpenSSL shared library name as a version suffix when calling dlopen. For example, "GO_OPENSSL_VERSION_OVERRIDE=1.1.1k-fips" makes Init look for the shared library libcrypto.so.1.1.1k-fips. If GO_OPENSSL_VERSION_OVERRIDE environment variable is empty, Init will try to load the OpenSSL shared library using a list if supported and well-known version suffixes, going from higher to lower versions.

func NewAESCipher 

func NewAESCipher(key []byte) (cipher.Block, error)

func NewGCMTLS added in v0.2.0 

func NewGCMTLS(c cipher.Block) (cipher.AEAD, error)

NewGCMTLS returns a GCM cipher specific to TLS and should not be used for non-TLS purposes.

func NewGCMTLS13 added in v0.2.9 

func NewGCMTLS13(c cipher.Block) (cipher.AEAD, error)

NewGCMTLS13 returns a GCM cipher specific to TLS 1.3 and should not be used for non-TLS purposes.

func NewHMAC 

func NewHMAC(h func() hash.Hash, key []byte) hash.Hash

NewHMAC returns a new HMAC using OpenSSL. The function h must return a hash implemented by OpenSSL (for example, h could be openssl.NewSHA256). If h is not recognized, NewHMAC returns nil.

func NewSHA1 

func NewSHA1() hash.Hash

NewSHA1 returns a new SHA1 hash.

func NewSHA224 

func NewSHA224() hash.Hash

NewSHA224 returns a new SHA224 hash.

func NewSHA256 

func NewSHA256() hash.Hash

NewSHA256 returns a new SHA256 hash.

func NewSHA384 

func NewSHA384() hash.Hash

NewSHA384 returns a new SHA384 hash.

func NewSHA512 

func NewSHA512() hash.Hash

NewSHA512 returns a new SHA512 hash.

func SHA1 added in v0.2.0 

func SHA1(p []byte) (sum [20]byte)

func SHA224 added in v0.2.0 

func SHA224(p []byte) (sum [28]byte)

func SHA256 added in v0.2.0 

func SHA256(p []byte) (sum [32]byte)

func SHA384 added in v0.2.0 

func SHA384(p []byte) (sum [48]byte)

func SHA512 added in v0.2.0 

func SHA512(p []byte) (sum [64]byte)

func SetFIPS 

func SetFIPS(enabled bool) error

SetFIPS enables or disables FIPS mode.

On OpenSSL 3, the `fips` provider is loaded if enabled is true, else the `default` provider is loaded.

func SignMarshalECDSA 

func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error)

func SignRSAPKCS1v15 

func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte) ([]byte, error)

func SignRSAPSS 

func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error)

func VerifyECDSA 

func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool

func VerifyRSAPKCS1v15 

func VerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte) error

func VerifyRSAPSS 

func VerifyRSAPSS(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte, saltLen int) error

func VersionText 

func VersionText() string

VersionText returns the version text of the OpenSSL currently loaded.

Types

type BigInt added in v0.2.0 

type BigInt []uint

A BigInt is the raw words from a BigInt. This definition allows us to avoid importing math/big. Conversion between BigInt and *big.Int is in openssl/bbig.

func GenerateKeyECDSA 

func GenerateKeyECDSA(curve string) (X, Y, D BigInt, err error)

func GenerateKeyRSA 

func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error)

type PrivateKeyECDH added in v0.2.3 

type PrivateKeyECDH struct {
	// contains filtered or unexported fields
}

func GenerateKeyECDH added in v0.2.3 

func GenerateKeyECDH(curve string) (*PrivateKeyECDH, []byte, error)

func NewPrivateKeyECDH added in v0.2.3 

func NewPrivateKeyECDH(curve string, bytes []byte) (*PrivateKeyECDH, error)

func (*PrivateKeyECDH) PublicKey added in v0.2.3 

func (k *PrivateKeyECDH) PublicKey() (*PublicKeyECDH, error)

type PrivateKeyECDSA 

type PrivateKeyECDSA struct {
	// contains filtered or unexported fields
}

func NewPrivateKeyECDSA 

func NewPrivateKeyECDSA(curve string, X, Y, D BigInt) (*PrivateKeyECDSA, error)

type PrivateKeyRSA 

type PrivateKeyRSA struct {
	// contains filtered or unexported fields
}

func NewPrivateKeyRSA 

func NewPrivateKeyRSA(N, E, D, P, Q, Dp, Dq, Qinv BigInt) (*PrivateKeyRSA, error)

type PublicKeyECDH added in v0.2.3 

type PublicKeyECDH struct {
	// contains filtered or unexported fields
}

func NewPublicKeyECDH added in v0.2.3 

func NewPublicKeyECDH(curve string, bytes []byte) (*PublicKeyECDH, error)

func (*PublicKeyECDH) Bytes added in v0.2.3 

func (k *PublicKeyECDH) Bytes() []byte

type PublicKeyECDSA 

type PublicKeyECDSA struct {
	// contains filtered or unexported fields
}

func NewPublicKeyECDSA 

func NewPublicKeyECDSA(curve string, X, Y BigInt) (*PublicKeyECDSA, error)

type PublicKeyRSA 

type PublicKeyRSA struct {
	// contains filtered or unexported fields
}

func NewPublicKeyRSA 

func NewPublicKeyRSA(N, E BigInt) (*PublicKeyRSA, error)

Source Files

View all Source files

Directories

Path Synopsis
bridge
internal
subtle
Package subtle implements functions that are often useful in cryptographic code but require careful thought to use correctly.
 Package subtle implements functions that are often useful in cryptographic code but require careful thought to use correctly.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.