1 // Copyright 2011 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
5 // Package crypto collects common cryptographic constants.
14 // Hash identifies a cryptographic hash function that is implemented in another
18 // HashFunc simply returns the value of h so that Hash implements SignerOpts.
19 func (h Hash
) HashFunc() Hash
{
24 MD4 Hash
= 1 + iota // import golang.org/x/crypto/md4
25 MD5
// import crypto/md5
26 SHA1
// import crypto/sha1
27 SHA224
// import crypto/sha256
28 SHA256
// import crypto/sha256
29 SHA384
// import crypto/sha512
30 SHA512
// import crypto/sha512
31 MD5SHA1
// no implementation; MD5+SHA1 used for TLS RSA
32 RIPEMD160
// import golang.org/x/crypto/ripemd160
33 SHA3_224
// import golang.org/x/crypto/sha3
34 SHA3_256
// import golang.org/x/crypto/sha3
35 SHA3_384
// import golang.org/x/crypto/sha3
36 SHA3_512
// import golang.org/x/crypto/sha3
37 SHA512_224
// import crypto/sha512
38 SHA512_256
// import crypto/sha512
39 BLAKE2s_256
// import golang.org/x/crypto/blake2s
40 BLAKE2b_256
// import golang.org/x/crypto/blake2b
41 BLAKE2b_384
// import golang.org/x/crypto/blake2b
42 BLAKE2b_512
// import golang.org/x/crypto/blake2b
46 var digestSizes
= []uint8{
68 // Size returns the length, in bytes, of a digest resulting from the given hash
69 // function. It doesn't require that the hash function in question be linked
71 func (h Hash
) Size() int {
72 if h
> 0 && h
< maxHash
{
73 return int(digestSizes
[h
])
75 panic("crypto: Size of unknown hash function")
78 var hashes
= make([]func() hash
.Hash
, maxHash
)
80 // New returns a new hash.Hash calculating the given hash function. New panics
81 // if the hash function is not linked into the binary.
82 func (h Hash
) New() hash
.Hash
{
83 if h
> 0 && h
< maxHash
{
89 panic("crypto: requested hash function #" + strconv
.Itoa(int(h
)) + " is unavailable")
92 // Available reports whether the given hash function is linked into the binary.
93 func (h Hash
) Available() bool {
94 return h
< maxHash
&& hashes
[h
] != nil
97 // RegisterHash registers a function that returns a new instance of the given
98 // hash function. This is intended to be called from the init function in
99 // packages that implement hash functions.
100 func RegisterHash(h Hash
, f
func() hash
.Hash
) {
102 panic("crypto: RegisterHash of unknown hash function")
107 // PublicKey represents a public key using an unspecified algorithm.
108 type PublicKey
interface{}
110 // PrivateKey represents a private key using an unspecified algorithm.
111 type PrivateKey
interface{}
113 // Signer is an interface for an opaque private key that can be used for
114 // signing operations. For example, an RSA key kept in a hardware module.
115 type Signer
interface {
116 // Public returns the public key corresponding to the opaque,
120 // Sign signs digest with the private key, possibly using entropy from
121 // rand. For an RSA key, the resulting signature should be either a
122 // PKCS#1 v1.5 or PSS signature (as indicated by opts). For an (EC)DSA
123 // key, it should be a DER-serialised, ASN.1 signature structure.
125 // Hash implements the SignerOpts interface and, in most cases, one can
126 // simply pass in the hash function used as opts. Sign may also attempt
127 // to type assert opts to other types in order to obtain algorithm
128 // specific values. See the documentation in each package for details.
130 // Note that when a signature of a hash of a larger message is needed,
131 // the caller is responsible for hashing the larger message and passing
132 // the hash (as digest) and the hash function (as opts) to Sign.
133 Sign(rand io
.Reader
, digest
[]byte, opts SignerOpts
) (signature
[]byte, err error
)
136 // SignerOpts contains options for signing with a Signer.
137 type SignerOpts
interface {
138 // HashFunc returns an identifier for the hash function used to produce
139 // the message passed to Signer.Sign, or else zero to indicate that no
144 // Decrypter is an interface for an opaque private key that can be used for
145 // asymmetric decryption operations. An example would be an RSA key
146 // kept in a hardware module.
147 type Decrypter
interface {
148 // Public returns the public key corresponding to the opaque,
152 // Decrypt decrypts msg. The opts argument should be appropriate for
153 // the primitive used. See the documentation in each implementation for
155 Decrypt(rand io
.Reader
, msg
[]byte, opts DecrypterOpts
) (plaintext
[]byte, err error
)
158 type DecrypterOpts
interface{}