| // Copyright 2011 The Go Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| // Package crypto collects common cryptographic constants. |
| package crypto |
| |
| import ( |
| "hash" |
| "io" |
| "strconv" |
| ) |
| |
| // Hash identifies a cryptographic hash function that is implemented in another |
| // package. |
| type Hash uint |
| |
| // HashFunc simply returns the value of h so that Hash implements SignerOpts. |
| func (h Hash) HashFunc() Hash { |
| return h |
| } |
| |
| const ( |
| MD4 Hash = 1 + iota // import golang.org/x/crypto/md4 |
| MD5 // import crypto/md5 |
| SHA1 // import crypto/sha1 |
| SHA224 // import crypto/sha256 |
| SHA256 // import crypto/sha256 |
| SHA384 // import crypto/sha512 |
| SHA512 // import crypto/sha512 |
| MD5SHA1 // no implementation; MD5+SHA1 used for TLS RSA |
| RIPEMD160 // import golang.org/x/crypto/ripemd160 |
| SHA3_224 // import golang.org/x/crypto/sha3 |
| SHA3_256 // import golang.org/x/crypto/sha3 |
| SHA3_384 // import golang.org/x/crypto/sha3 |
| SHA3_512 // import golang.org/x/crypto/sha3 |
| SHA512_224 // import crypto/sha512 |
| SHA512_256 // import crypto/sha512 |
| BLAKE2s_256 // import golang.org/x/crypto/blake2s |
| BLAKE2b_256 // import golang.org/x/crypto/blake2b |
| BLAKE2b_384 // import golang.org/x/crypto/blake2b |
| BLAKE2b_512 // import golang.org/x/crypto/blake2b |
| maxHash |
| ) |
| |
| var digestSizes = []uint8{ |
| MD4: 16, |
| MD5: 16, |
| SHA1: 20, |
| SHA224: 28, |
| SHA256: 32, |
| SHA384: 48, |
| SHA512: 64, |
| SHA512_224: 28, |
| SHA512_256: 32, |
| SHA3_224: 28, |
| SHA3_256: 32, |
| SHA3_384: 48, |
| SHA3_512: 64, |
| MD5SHA1: 36, |
| RIPEMD160: 20, |
| BLAKE2s_256: 32, |
| BLAKE2b_256: 32, |
| BLAKE2b_384: 48, |
| BLAKE2b_512: 64, |
| } |
| |
| // Size returns the length, in bytes, of a digest resulting from the given hash |
| // function. It doesn't require that the hash function in question be linked |
| // into the program. |
| func (h Hash) Size() int { |
| if h > 0 && h < maxHash { |
| return int(digestSizes[h]) |
| } |
| panic("crypto: Size of unknown hash function") |
| } |
| |
| var hashes = make([]func() hash.Hash, maxHash) |
| |
| // New returns a new hash.Hash calculating the given hash function. New panics |
| // if the hash function is not linked into the binary. |
| func (h Hash) New() hash.Hash { |
| if h > 0 && h < maxHash { |
| f := hashes[h] |
| if f != nil { |
| return f() |
| } |
| } |
| panic("crypto: requested hash function #" + strconv.Itoa(int(h)) + " is unavailable") |
| } |
| |
| // Available reports whether the given hash function is linked into the binary. |
| func (h Hash) Available() bool { |
| return h < maxHash && hashes[h] != nil |
| } |
| |
| // RegisterHash registers a function that returns a new instance of the given |
| // hash function. This is intended to be called from the init function in |
| // packages that implement hash functions. |
| func RegisterHash(h Hash, f func() hash.Hash) { |
| if h >= maxHash { |
| panic("crypto: RegisterHash of unknown hash function") |
| } |
| hashes[h] = f |
| } |
| |
| // PublicKey represents a public key using an unspecified algorithm. |
| type PublicKey interface{} |
| |
| // PrivateKey represents a private key using an unspecified algorithm. |
| type PrivateKey interface{} |
| |
| // Signer is an interface for an opaque private key that can be used for |
| // signing operations. For example, an RSA key kept in a hardware module. |
| type Signer interface { |
| // Public returns the public key corresponding to the opaque, |
| // private key. |
| Public() PublicKey |
| |
| // Sign signs digest with the private key, possibly using entropy from |
| // rand. For an RSA key, the resulting signature should be either a |
| // PKCS#1 v1.5 or PSS signature (as indicated by opts). For an (EC)DSA |
| // key, it should be a DER-serialised, ASN.1 signature structure. |
| // |
| // Hash implements the SignerOpts interface and, in most cases, one can |
| // simply pass in the hash function used as opts. Sign may also attempt |
| // to type assert opts to other types in order to obtain algorithm |
| // specific values. See the documentation in each package for details. |
| // |
| // Note that when a signature of a hash of a larger message is needed, |
| // the caller is responsible for hashing the larger message and passing |
| // the hash (as digest) and the hash function (as opts) to Sign. |
| Sign(rand io.Reader, digest []byte, opts SignerOpts) (signature []byte, err error) |
| } |
| |
| // SignerOpts contains options for signing with a Signer. |
| type SignerOpts interface { |
| // HashFunc returns an identifier for the hash function used to produce |
| // the message passed to Signer.Sign, or else zero to indicate that no |
| // hashing was done. |
| HashFunc() Hash |
| } |
| |
| // Decrypter is an interface for an opaque private key that can be used for |
| // asymmetric decryption operations. An example would be an RSA key |
| // kept in a hardware module. |
| type Decrypter interface { |
| // Public returns the public key corresponding to the opaque, |
| // private key. |
| Public() PublicKey |
| |
| // Decrypt decrypts msg. The opts argument should be appropriate for |
| // the primitive used. See the documentation in each implementation for |
| // details. |
| Decrypt(rand io.Reader, msg []byte, opts DecrypterOpts) (plaintext []byte, err error) |
| } |
| |
| type DecrypterOpts interface{} |
