1 // Copyright 2011 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
5 // Package crypto collects common cryptographic constants.
14 // Hash identifies a cryptographic hash function that is implemented in another
18 // HashFunc simply returns the value of h so that Hash implements SignerOpts.
19 func (h Hash
) HashFunc() Hash
{
23 func (h Hash
) String() string {
64 return "unknown hash value " + strconv
.Itoa(int(h
))
69 MD4 Hash
= 1 + iota // import golang.org/x/crypto/md4
70 MD5
// import crypto/md5
71 SHA1
// import crypto/sha1
72 SHA224
// import crypto/sha256
73 SHA256
// import crypto/sha256
74 SHA384
// import crypto/sha512
75 SHA512
// import crypto/sha512
76 MD5SHA1
// no implementation; MD5+SHA1 used for TLS RSA
77 RIPEMD160
// import golang.org/x/crypto/ripemd160
78 SHA3_224
// import golang.org/x/crypto/sha3
79 SHA3_256
// import golang.org/x/crypto/sha3
80 SHA3_384
// import golang.org/x/crypto/sha3
81 SHA3_512
// import golang.org/x/crypto/sha3
82 SHA512_224
// import crypto/sha512
83 SHA512_256
// import crypto/sha512
84 BLAKE2s_256
// import golang.org/x/crypto/blake2s
85 BLAKE2b_256
// import golang.org/x/crypto/blake2b
86 BLAKE2b_384
// import golang.org/x/crypto/blake2b
87 BLAKE2b_512
// import golang.org/x/crypto/blake2b
91 var digestSizes
= []uint8{
113 // Size returns the length, in bytes, of a digest resulting from the given hash
114 // function. It doesn't require that the hash function in question be linked
116 func (h Hash
) Size() int {
117 if h
> 0 && h
< maxHash
{
118 return int(digestSizes
[h
])
120 panic("crypto: Size of unknown hash function")
123 var hashes
= make([]func() hash
.Hash
, maxHash
)
125 // New returns a new hash.Hash calculating the given hash function. New panics
126 // if the hash function is not linked into the binary.
127 func (h Hash
) New() hash
.Hash
{
128 if h
> 0 && h
< maxHash
{
134 panic("crypto: requested hash function #" + strconv
.Itoa(int(h
)) + " is unavailable")
137 // Available reports whether the given hash function is linked into the binary.
138 func (h Hash
) Available() bool {
139 return h
< maxHash
&& hashes
[h
] != nil
142 // RegisterHash registers a function that returns a new instance of the given
143 // hash function. This is intended to be called from the init function in
144 // packages that implement hash functions.
145 func RegisterHash(h Hash
, f
func() hash
.Hash
) {
147 panic("crypto: RegisterHash of unknown hash function")
152 // PublicKey represents a public key using an unspecified algorithm.
154 // Although this type is an empty interface for backwards compatibility reasons,
155 // all public key types in the standard library implement the following interface
158 // Equal(x crypto.PublicKey) bool
161 // which can be used for increased type safety within applications.
164 // PrivateKey represents a private key using an unspecified algorithm.
166 // Although this type is an empty interface for backwards compatibility reasons,
167 // all private key types in the standard library implement the following interface
170 // Public() crypto.PublicKey
171 // Equal(x crypto.PrivateKey) bool
174 // as well as purpose-specific interfaces such as Signer and Decrypter, which
175 // can be used for increased type safety within applications.
178 // Signer is an interface for an opaque private key that can be used for
179 // signing operations. For example, an RSA key kept in a hardware module.
180 type Signer
interface {
181 // Public returns the public key corresponding to the opaque,
185 // Sign signs digest with the private key, possibly using entropy from
186 // rand. For an RSA key, the resulting signature should be either a
187 // PKCS #1 v1.5 or PSS signature (as indicated by opts). For an (EC)DSA
188 // key, it should be a DER-serialised, ASN.1 signature structure.
190 // Hash implements the SignerOpts interface and, in most cases, one can
191 // simply pass in the hash function used as opts. Sign may also attempt
192 // to type assert opts to other types in order to obtain algorithm
193 // specific values. See the documentation in each package for details.
195 // Note that when a signature of a hash of a larger message is needed,
196 // the caller is responsible for hashing the larger message and passing
197 // the hash (as digest) and the hash function (as opts) to Sign.
198 Sign(rand io
.Reader
, digest
[]byte, opts SignerOpts
) (signature
[]byte, err error
)
201 // SignerOpts contains options for signing with a Signer.
202 type SignerOpts
interface {
203 // HashFunc returns an identifier for the hash function used to produce
204 // the message passed to Signer.Sign, or else zero to indicate that no
209 // Decrypter is an interface for an opaque private key that can be used for
210 // asymmetric decryption operations. An example would be an RSA key
211 // kept in a hardware module.
212 type Decrypter
interface {
213 // Public returns the public key corresponding to the opaque,
217 // Decrypt decrypts msg. The opts argument should be appropriate for
218 // the primitive used. See the documentation in each implementation for
220 Decrypt(rand io
.Reader
, msg
[]byte, opts DecrypterOpts
) (plaintext
[]byte, err error
)
223 type DecrypterOpts any