package josecipher

import "gopkg.in/go-jose/go-jose.v2/cipher"

Index ¶

• func DeriveECDHES(alg string, apuData, apvData []byte, priv *ecdsa.PrivateKey, pub *ecdsa.PublicKey, size int) []byte
• func KeyUnwrap(block cipher.Block, ciphertext []byte) ([]byte, error)
• func KeyWrap(block cipher.Block, cek []byte) ([]byte, error)
• func NewCBCHMAC(key []byte, newBlockCipher func([]byte) (cipher.Block, error)) (cipher.AEAD, error)
• func NewConcatKDF(hash crypto.Hash, z, algID, ptyUInfo, ptyVInfo, supPubInfo, supPrivInfo []byte) io.Reader

Functions ¶

func DeriveECDHES ¶

func DeriveECDHES(alg string, apuData, apvData []byte, priv *ecdsa.PrivateKey, pub *ecdsa.PublicKey, size int) []byte

DeriveECDHES derives a shared encryption key using ECDH/ConcatKDF as described in JWE/JWA. It is an error to call this function with a private/public key that are not on the same curve. Callers must ensure that the keys are valid before calling this function. Output size may be at most 1<<16 bytes (64 KiB).

func KeyUnwrap ¶

func KeyUnwrap(block cipher.Block, ciphertext []byte) ([]byte, error)

KeyUnwrap implements NIST key unwrapping; it unwraps a content encryption key (cek) with the given block cipher.

func KeyWrap ¶

func KeyWrap(block cipher.Block, cek []byte) ([]byte, error)

KeyWrap implements NIST key wrapping; it wraps a content encryption key (cek) with the given block cipher.

func NewCBCHMAC ¶

func NewCBCHMAC(key []byte, newBlockCipher func([]byte) (cipher.Block, error)) (cipher.AEAD, error)

NewCBCHMAC instantiates a new AEAD based on CBC+HMAC.

func NewConcatKDF ¶

func NewConcatKDF(hash crypto.Hash, z, algID, ptyUInfo, ptyVInfo, supPubInfo, supPrivInfo []byte) io.Reader

NewConcatKDF builds a KDF reader based on the given inputs.

Source Files ¶

cbc_hmac.go concat_kdf.go ecdh_es.go key_wrap.go