aboutsummaryrefslogtreecommitdiff
path: root/types.go
blob: 53db1a995d9f1caa724608408416be2e0cce6dd5 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
// Package pki provides an easier way to create crypto related structures
// with the intent of making the management of these structures easier for
// other programs.
// Currently it provides mechanisms to create private keys in ECDSA and RSA,
// create public keys, create certificate sign requests and certificates.
//
// To create a new private key, there are two ways
// for an ecdsa key
//   private_key, err := NewPrivateKeyEcdsa(elliptic.P521())
// or for a RSA key
//   private_key, err := NewPrivateKeyRSA(4096)
//
// Getting a private key from the private key can be done with
//   public_key := private_key.Public()
package pki

import (
	"crypto"
	"encoding/pem"
	"io"
)

// This label is used as the type in the pem encoding of public keys.
const PemLabelPublic = "PUBLIC KEY"

type (
	// PrivateKey is a common interface for all crypto implementations to provide
	// the same functions, like deriving a public key or signing a message.
	PrivateKey interface {
		// Derive a new public key from the private key.
		Public() PublicKey
		// Sign a message using the public key and the given hash method.
		// To use a hash method, include the package
		//   import _ "crypto/sha512"
		Sign(message []byte, hash crypto.Hash) ([]byte, error)

		// Return the original go structure of the private key.
		PrivateKey() crypto.PrivateKey

		// ToPem must return a pem block of the private key.
		ToPem() (pem.Block, error)
	}

	// PublicKey is used by the different crypto implementations to provide the
	// same functionality like verifying a message against a signature.
	PublicKey interface {
		Pemmer
		// This function can be used to verify a message against a provided signature
		// using the given hash function.
		Verify(message []byte, signature []byte, hash crypto.Hash) (bool, error)
	}

	// Pemmer is used by all crypto structures which need to be available
	// in the pem format. The result can then be written to any structure
	// implementing the io.Writer interface.
	Pemmer interface {
		MarshalPem() (io.WriterTo, error)
	}

	// ToPem returns the raw pem block to make it possible to write the result to
	// any place.
	PemOutput interface {
		ToPem() (pem.Block, error)
	}
)