brainpool

package module
v0.0.0-...-95977df Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 21, 2025 License: EUPL-1.2 Imports: 36 Imported by: 4

Documentation

Overview

Package brainpool implements Brainpool elliptic curves. Implementation of rcurves is from github.com/ebfe/brainpool Note that these curves are implemented with naive, non-constant time operations and are likely not suitable for enviroments where timing attacks are a concern.

Modified version from Go standard library x509 package. Copyright 2012 The Go Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.

Modified version from Go standard library x509 package.

Copyright 2023 The Go Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.

Modified Version of the x509 package from the Go standard library. Copyright 2021 The Go Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.

Index

Constants

View Source 
const (
	AlgorithmNameES256   = "ES256"
	AlgorithmNameES384   = "ES384"
	AlgorithmNameES512   = "ES512"
	AlgorithmNameBP256R1 = "BP256R1"
	AlgorithmNameBP384R1 = "BP384R1"
	AlgorithmNameBP512R1 = "BP512R1"
)

Variables

View Source 
var OIDNamedCurveP256r1 = asn1.ObjectIdentifier{1, 3, 36, 3, 3, 2, 8, 1, 1, 7}

Functions

func AlgorithmForCurve 

func AlgorithmForCurve(curve elliptic.Curve) (string, error)

func CurveForJWA 

func CurveForJWA(name string) (elliptic.Curve, error)

func DeriveECDHES 

func DeriveECDHES(algorithm string, apuData, apvData []byte, privateKey *ecdsa.PrivateKey, publicKey *ecdsa.PublicKey, keySize int) ([]byte, error)

func HashFunctionForCurve 

func HashFunctionForCurve(curve elliptic.Curve) (hash.Hash, error)

func JWAForCurve 

func JWAForCurve(curve elliptic.Curve) string

func MarshalECPrivateKey 

func MarshalECPrivateKey(key *ecdsa.PrivateKey) ([]byte, error)

MarshalECPrivateKey converts an EC private key to SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "EC PRIVATE KEY". For a more flexible key format which is not EC specific, use MarshalPKCS8PrivateKey.

func MarshalPKCS8PrivateKey 

func MarshalPKCS8PrivateKey(key any) ([]byte, error)

MarshalPKCS8PrivateKey converts a private key to PKCS #8, ASN.1 DER form.

The following key types are currently supported: *rsa.PrivateKey, *ecdsa.PrivateKey, ed25519.PrivateKey (not a pointer), and *ecdh.PrivateKey. Unsupported key types result in an error.

This kind of key is commonly encoded in PEM blocks of type "PRIVATE KEY".

MarshalPKCS8PrivateKey runs rsa.PrivateKey.Precompute on RSA keys.

func P256r1 

func P256r1() elliptic.Curve

P256r1 returns a Curve which implements Brainpool P256r1 (see RFC 5639, section 3.4)

func P256t1 

func P256t1() elliptic.Curve

P256t1 returns a Curve which implements Brainpool P256t1 (see RFC 5639, section 3.4)

func P384r1 

func P384r1() elliptic.Curve

P384r1 returns a Curve which implements Brainpool P384r1 (see RFC 5639, section 3.6)

func P384t1 

func P384t1() elliptic.Curve

P384t1 returns a Curve which implements Brainpool P384t1 (see RFC 5639, section 3.6)

func P512r1 

func P512r1() elliptic.Curve

P512r1 returns a Curve which implements Brainpool P512r1 (see RFC 5639, section 3.7)

func P512t1 

func P512t1() elliptic.Curve

P512t1 returns a Curve which implements Brainpool P512t1 (see RFC 5639, section 3.7)

func ParseCertificate 

func ParseCertificate(der []byte) (*x509.Certificate, error)

ParseCertificate parses a single certificate from the given ASN.1 DER data.

func ParseCertificatePEM 

func ParseCertificatePEM(pemBytes []byte) (*x509.Certificate, error)

func ParseCertificates 

func ParseCertificates(der []byte) ([]*x509.Certificate, error)

ParseCertificates parses one or more certificates from the given ASN.1 DER data. The certificates must be concatenated with no intermediate padding.

func ParseECPrivateKey 

func ParseECPrivateKey(der []byte) (*ecdsa.PrivateKey, error)

ParseECPrivateKey parses an EC private key in SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "EC PRIVATE KEY".

func ParsePKCS8PrivateKey 

func ParsePKCS8PrivateKey(der []byte) (key any, err error)

ParsePKCS8PrivateKey parses an unencrypted private key in PKCS #8, ASN.1 DER form.

It returns a *rsa.PrivateKey, an *ecdsa.PrivateKey, an ed25519.PrivateKey (not a pointer), or an *ecdh.PrivateKey (for X25519). More types might be supported in the future.

This kind of key is commonly encoded in PEM blocks of type "PRIVATE KEY".

Before Go 1.24, the CRT parameters of RSA keys were ignored and recomputed. To restore the old behavior, use the GODEBUG=x509rsacrt=0 environment variable.

func ParsePrivateKeyPEM 

func ParsePrivateKeyPEM(pemBytes []byte) (*ecdsa.PrivateKey, error)

func ParseRevocationList 

func ParseRevocationList(der []byte) (*x509.RevocationList, error)

ParseRevocationList parses a X509 v2 [Certificate] Revocation List from the given ASN.1 DER data.

Types

type Claims 

type Claims map[string]interface{}

type Headers 

type Headers map[string]interface{}

type JSONWebKey 

type JSONWebKey struct {
	KeyType         string              `json:"kty"`
	Use             string              `json:"use,omitempty"`
	Algortihm       string              `json:"alg,omitempty"`
	KeyID           string              `json:"kid,omitempty"`
	Key             interface{}         `json:"-"`
	CertificatesRaw [][]byte            `json:"x5c,omitempty"`
	Certificates    []*x509.Certificate `json:"-"`
	X               string              `json:"x"`
	Y               string              `json:"y"`
	D               string              `json:"d,omitempty"`
	CurveName       string              `json:"crv"`
}

See https://datatracker.ietf.org/doc/html/rfc7517

func (*JSONWebKey) MarshalJSON 

func (jwk *JSONWebKey) MarshalJSON() ([]byte, error)

func (*JSONWebKey) UnmarshalJSON 

func (jwk *JSONWebKey) UnmarshalJSON(data []byte) error

type JWEBuilder 

type JWEBuilder struct {
	// contains filtered or unexported fields
}

func NewJWEBuilder 

func NewJWEBuilder() *JWEBuilder

func (*JWEBuilder) EncryptECDHES 

func (b *JWEBuilder) EncryptECDHES(recipient interface{}) ([]byte, error)

func (*JWEBuilder) Header 

func (b *JWEBuilder) Header(key string, value interface{}) *JWEBuilder

func (*JWEBuilder) Plaintext 

func (b *JWEBuilder) Plaintext(plaintext []byte) *JWEBuilder

type JWT 

type JWT struct {
	Raw         []byte
	HeadersJson []byte
	PayloadJson []byte
	Signature   []byte
	Headers     Headers
	Claims      Claims
}

func ParseToken 

func ParseToken(rawToken []byte, verifiers ...VerifierFunc) (*JWT, error)

type JWTBuilder 

type JWTBuilder struct {
	// contains filtered or unexported fields
}

func NewJWTBuilder 

func NewJWTBuilder() *JWTBuilder

func (*JWTBuilder) Claim 

func (b *JWTBuilder) Claim(key string, value interface{}) *JWTBuilder

func (*JWTBuilder) Header 

func (b *JWTBuilder) Header(key string, value interface{}) *JWTBuilder

func (*JWTBuilder) Sign 

func (b *JWTBuilder) Sign(hashFunc hash.Hash, signFunc SignFunc) ([]byte, error)

type SignFunc 

type SignFunc func(hash []byte) ([]byte, error)

func SignFuncPrivateKey 

func SignFuncPrivateKey(sigPrK *ecdsa.PrivateKey) SignFunc

type VerifierErrorUnsupportedSignatureAlgorithm 

type VerifierErrorUnsupportedSignatureAlgorithm error

type VerifierFunc 

type VerifierFunc func(token *JWT) error

func WithEcdsaPublicKey 

func WithEcdsaPublicKey(pubKey *ecdsa.PublicKey) VerifierFunc

func WithKey 

func WithKey(key *JSONWebKey) VerifierFunc

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.