xmlenc

package
v1.2.3-leifj7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 11, 2026 License: MIT Imports: 12 Imported by: 0

README

xmlenc - XML Encryption 1.1 for Go

This package implements XML Encryption Syntax and Processing Version 1.1 as specified in W3C Recommendation.

Features

  • AES Key Wrap (RFC 3394) - AES-128/192/256-KW
  • X25519 Key Agreement with HKDF key derivation
  • AES-GCM and AES-CBC content encryption
  • Complete XML Encryption types: EncryptedData, EncryptedKey, AgreementMethod, KeyDerivationMethod
  • XML serialization/parsing compatible with standard XML Encryption documents

Installation

go get github.com/leifj/signedxml/xmlenc

Quick Start

Encrypt an XML Element with X25519
import (
    "github.com/beevik/etree"
    "github.com/leifj/signedxml/xmlenc"
)

// Generate or load recipient X25519 key
recipientPrivate, _ := xmlenc.GenerateX25519KeyPair()
recipientPublic := recipientPrivate.PublicKey()

// Create XML document
doc := etree.NewDocument()
root := doc.CreateElement("Message")
sensitive := root.CreateElement("SensitiveData")
sensitive.SetText("Confidential information")

// Encrypt with X25519 + AES-128-GCM
hkdfParams := xmlenc.DefaultHKDFParams([]byte("Application context"))
senderKA, _ := xmlenc.NewX25519KeyAgreement(recipientPublic, hkdfParams)
encryptor := xmlenc.NewEncryptor(xmlenc.AlgorithmAES128GCM, senderKA)

encryptedData, _ := encryptor.EncryptElement(sensitive)

// Generate XML output
xmlDoc := xmlenc.NewEncryptedDataDocument(encryptedData)
xmlBytes, _ := xmlDoc.WriteToBytes()
Decrypt an EncryptedData Element
// Parse the EncryptedData from XML
doc := etree.NewDocument()
doc.ReadFromBytes(xmlBytes)
encryptedData, _ := xmlenc.ParseEncryptedData(doc.Root())

// Extract ephemeral public key from EncryptedKey
ephemeralPubBytes := encryptedData.KeyInfo.EncryptedKey.KeyInfo.AgreementMethod.
    OriginatorKeyInfo.KeyValue.ECKeyValue.PublicKey
ephemeralPublic, _ := xmlenc.ParseX25519PublicKey(ephemeralPubBytes)

// Create key agreement for decryption
recipientKA := xmlenc.NewX25519KeyAgreementForDecrypt(
    recipientPrivate, ephemeralPublic, hkdfParams)

// Decrypt
decryptor := xmlenc.NewDecryptor(recipientKA)
decryptedElement, _ := decryptor.DecryptElement(encryptedData)
Use AES Key Wrap Directly
// Wrap a key
kek := make([]byte, 16) // Key Encryption Key
plaintext := make([]byte, 16) // Key to wrap

ciphertext, _ := xmlenc.AESKeyWrap(kek, plaintext)

// Unwrap
unwrapped, _ := xmlenc.AESKeyUnwrap(kek, ciphertext)

Supported Algorithms

Block Encryption
Algorithm URI
AES-128-GCM http://www.w3.org/2009/xmlenc11#aes128-gcm
AES-192-GCM http://www.w3.org/2009/xmlenc11#aes192-gcm
AES-256-GCM http://www.w3.org/2009/xmlenc11#aes256-gcm
AES-128-CBC http://www.w3.org/2001/04/xmlenc#aes128-cbc
AES-192-CBC http://www.w3.org/2001/04/xmlenc#aes192-cbc
AES-256-CBC http://www.w3.org/2001/04/xmlenc#aes256-cbc
Key Wrap
Algorithm URI
AES-128-KW http://www.w3.org/2001/04/xmlenc#kw-aes128
AES-192-KW http://www.w3.org/2001/04/xmlenc#kw-aes192
AES-256-KW http://www.w3.org/2001/04/xmlenc#kw-aes256
Key Agreement
Algorithm URI
X25519 http://www.w3.org/2021/04/xmldsig-more#x25519
ECDH-ES http://www.w3.org/2009/xmlenc11#ECDH-ES
Key Derivation
Algorithm URI
HKDF http://www.w3.org/2021/04/xmldsig-more#hkdf
ConcatKDF http://www.w3.org/2009/xmlenc11#ConcatKDF

EU eDelivery AS4 2.0 Compatibility

This package is designed to support the EU eDelivery AS4 2.0 interoperability profile which mandates:

  • X25519 key agreement
  • HKDF key derivation with HMAC-SHA256
  • AES-128-KW key wrapping
  • AES-128-GCM content encryption

Example for EU AS4 2.0:

// EU AS4 2.0 Common Usage Profile
hkdfParams := &xmlenc.HKDFParams{
    PRF:       xmlenc.AlgorithmHMACSHA256,
    Info:      []byte("eDelivery AS4 2.0"),
    KeyLength: 128, // bits
}

senderKA, _ := xmlenc.NewX25519KeyAgreement(recipientPublicKey, hkdfParams)
encryptor := xmlenc.NewEncryptor(xmlenc.AlgorithmAES128GCM, senderKA)

XML Output Example

The generated XML follows the XML Encryption 1.1 specification:

<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" 
                   Type="http://www.w3.org/2001/04/xmlenc#Element">
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
  <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <xenc:EncryptedKey>
      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes128"/>
      <ds:KeyInfo>
        <xenc:AgreementMethod Algorithm="http://www.w3.org/2021/04/xmldsig-more#x25519">
          <xenc11:KeyDerivationMethod xmlns:xenc11="http://www.w3.org/2009/xmlenc11#" 
                                     Algorithm="http://www.w3.org/2021/04/xmldsig-more#hkdf">
            <dsig-more:HKDFParams xmlns:dsig-more="http://www.w3.org/2001/04/xmldsig-more#">
              <dsig-more:PRF Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
              <dsig-more:Info>...</dsig-more:Info>
              <dsig-more:KeyLength>128</dsig-more:KeyLength>
            </dsig-more:HKDFParams>
          </xenc11:KeyDerivationMethod>
          <xenc:OriginatorKeyInfo>
            <ds:KeyValue>
              <dsig11:ECKeyValue xmlns:dsig11="http://www.w3.org/2009/xmldsig11#">
                <dsig11:NamedCurve URI="urn:ietf:params:xml:ns:keyprov:curve:x25519"/>
                <dsig11:PublicKey>...</dsig11:PublicKey>
              </dsig11:ECKeyValue>
            </ds:KeyValue>
          </xenc:OriginatorKeyInfo>
        </xenc:AgreementMethod>
      </ds:KeyInfo>
      <xenc:CipherData>
        <xenc:CipherValue>...</xenc:CipherValue>
      </xenc:CipherData>
    </xenc:EncryptedKey>
  </ds:KeyInfo>
  <xenc:CipherData>
    <xenc:CipherValue>...</xenc:CipherValue>
  </xenc:CipherData>
</xenc:EncryptedData>

References

License

MIT License - see parent signedxml package for details.

Documentation

Overview

Package xmlenc implements XML Encryption Syntax and Processing Version 1.1 as specified in https://www.w3.org/TR/xmlenc-core1/

This package provides encryption primitives that complement the XML Signature functionality in signedxml. Both share common infrastructure like canonicalization and KeyInfo handling.

Package xmlenc implements XML Encryption Syntax and Processing Version 1.1

Index

Constants

View Source 
const (
	// Namespace URIs
	NamespaceXMLEnc      = "http://www.w3.org/2001/04/xmlenc#"
	NamespaceXMLEnc11    = "http://www.w3.org/2009/xmlenc11#"
	NamespaceXMLDSig     = "http://www.w3.org/2000/09/xmldsig#"
	NamespaceXMLDSig11   = "http://www.w3.org/2009/xmldsig11#"
	NamespaceXMLDSigMore = "http://www.w3.org/2001/04/xmldsig-more#"
	NamespaceXMLDSig2021 = "http://www.w3.org/2021/04/xmldsig-more#"

	// Block Encryption Algorithms
	AlgorithmAES128CBC = "http://www.w3.org/2001/04/xmlenc#aes128-cbc"
	AlgorithmAES192CBC = "http://www.w3.org/2001/04/xmlenc#aes192-cbc"
	AlgorithmAES256CBC = "http://www.w3.org/2001/04/xmlenc#aes256-cbc"
	AlgorithmAES128GCM = "http://www.w3.org/2009/xmlenc11#aes128-gcm"
	AlgorithmAES192GCM = "http://www.w3.org/2009/xmlenc11#aes192-gcm"
	AlgorithmAES256GCM = "http://www.w3.org/2009/xmlenc11#aes256-gcm"
	AlgorithmTripleDES = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"

	// Key Transport Algorithms
	AlgorithmRSAv15    = "http://www.w3.org/2001/04/xmlenc#rsa-1_5"
	AlgorithmRSAOAEP   = "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
	AlgorithmRSAOAEP11 = "http://www.w3.org/2009/xmlenc11#rsa-oaep"

	// Key Wrap Algorithms
	AlgorithmAES128KW    = "http://www.w3.org/2001/04/xmlenc#kw-aes128"
	AlgorithmAES192KW    = "http://www.w3.org/2001/04/xmlenc#kw-aes192"
	AlgorithmAES256KW    = "http://www.w3.org/2001/04/xmlenc#kw-aes256"
	AlgorithmTripleDESKW = "http://www.w3.org/2001/04/xmlenc#kw-tripledes"

	// Key Agreement Algorithms
	AlgorithmDH     = "http://www.w3.org/2001/04/xmlenc#dh"
	AlgorithmDHES   = "http://www.w3.org/2009/xmlenc11#dh-es"
	AlgorithmECDHES = "http://www.w3.org/2009/xmlenc11#ECDH-ES"
	AlgorithmX25519 = "http://www.w3.org/2021/04/xmldsig-more#x25519"

	// Key Derivation Algorithms
	AlgorithmConcatKDF = "http://www.w3.org/2009/xmlenc11#ConcatKDF"
	AlgorithmPBKDF2    = "http://www.w3.org/2009/xmlenc11#pbkdf2"
	AlgorithmHKDF      = "http://www.w3.org/2021/04/xmldsig-more#hkdf"

	// Digest Algorithms (from XML Signature, used in key derivation)
	AlgorithmSHA1       = "http://www.w3.org/2000/09/xmldsig#sha1"
	AlgorithmSHA256     = "http://www.w3.org/2001/04/xmlenc#sha256"
	AlgorithmSHA384     = "http://www.w3.org/2001/04/xmlenc#sha384"
	AlgorithmSHA512     = "http://www.w3.org/2001/04/xmlenc#sha512"
	AlgorithmHMACSHA256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"

	// MGF Algorithms (for RSA-OAEP)
	AlgorithmMGF1SHA1   = "http://www.w3.org/2009/xmlenc11#mgf1sha1"
	AlgorithmMGF1SHA256 = "http://www.w3.org/2009/xmlenc11#mgf1sha256"
	AlgorithmMGF1SHA384 = "http://www.w3.org/2009/xmlenc11#mgf1sha384"
	AlgorithmMGF1SHA512 = "http://www.w3.org/2009/xmlenc11#mgf1sha512"

	// Type URIs
	TypeEncryptedKey = "http://www.w3.org/2001/04/xmlenc#EncryptedKey"
	TypeDerivedKey   = "http://www.w3.org/2009/xmlenc11#DerivedKey"
	TypeElement      = "http://www.w3.org/2001/04/xmlenc#Element"
	TypeContent      = "http://www.w3.org/2001/04/xmlenc#Content"
)

Algorithm URIs for XML Encryption 1.1 These are the standard algorithm identifiers as defined in the W3C XML Encryption specification

Variables

View Source 
var (
	// ErrInvalidKeySize is returned when the key size is not valid for AES
	ErrInvalidKeySize = errors.New("invalid key size: must be 16, 24, or 32 bytes")
	// ErrInvalidPlaintextSize is returned when plaintext is too small or not aligned
	ErrInvalidPlaintextSize = errors.New("invalid plaintext size: must be >= 16 bytes and multiple of 8")
	// ErrInvalidCiphertextSize is returned when ciphertext is too small or not aligned
	ErrInvalidCiphertextSize = errors.New("invalid ciphertext size: must be >= 24 bytes and multiple of 8")
	// ErrIntegrityCheckFailed is returned when the integrity check fails during unwrap
	ErrIntegrityCheckFailed = errors.New("integrity check failed: invalid wrapped key")
)

Functions

func AESCBCDecrypt 

func AESCBCDecrypt(key, ciphertext []byte) ([]byte, error)

AESCBCDecrypt decrypts ciphertext encrypted with AESCBCEncrypt. Expects format: IV (16 bytes) || ciphertext

func AESCBCEncrypt 

func AESCBCEncrypt(key, plaintext []byte) ([]byte, error)

AESCBCEncrypt encrypts plaintext using AES-CBC with PKCS#7 padding. The IV is generated randomly and prepended to the ciphertext.

func AESGCMDecrypt 

func AESGCMDecrypt(key, ciphertext, additionalData []byte) ([]byte, error)

AESGCMDecrypt decrypts ciphertext encrypted with AESGCMEncrypt. Expects format: IV (12 bytes) || ciphertext || tag (16 bytes)

func AESGCMEncrypt 

func AESGCMEncrypt(key, plaintext, additionalData []byte) ([]byte, error)

AESGCMEncrypt encrypts plaintext using AES-GCM. The IV is generated randomly and prepended to the ciphertext. The returned data format is: IV (12 bytes) || ciphertext || tag (16 bytes)

func AESKeyUnwrap 

func AESKeyUnwrap(kek, ciphertext []byte) ([]byte, error)

AESKeyUnwrap unwraps a wrapped key encrypted with AESKeyWrap.

The ciphertext must be at least 24 bytes and a multiple of 8 bytes. The returned plaintext will be 8 bytes shorter than the ciphertext.

Algorithm: RFC 3394 Section 2.2.2

func AESKeyUnwrapWithIV 

func AESKeyUnwrapWithIV(kek, ciphertext, expectedIV []byte) ([]byte, error)

AESKeyUnwrapWithIV unwraps with a custom IV for verification. Most uses should prefer AESKeyUnwrap which uses the standard IV.

func AESKeyWrap 

func AESKeyWrap(kek, plaintext []byte) ([]byte, error)

AESKeyWrap wraps a content encryption key (plaintext) with a key encryption key.

The plaintext must be at least 16 bytes and a multiple of 8 bytes. The returned ciphertext will be 8 bytes longer than the plaintext.

Algorithm: RFC 3394 Section 2.2.1

func AESKeyWrapWithIV 

func AESKeyWrapWithIV(kek, plaintext, iv []byte) ([]byte, error)

AESKeyWrapWithIV wraps a content encryption key with a custom IV. Most uses should prefer AESKeyWrap which uses the standard IV.

func DecryptElementInPlace 

func DecryptElementInPlace(edElem *etree.Element, decryptor *Decryptor) error

DecryptElementInPlace decrypts an EncryptedData element and replaces it in the document

func EncryptElementInPlace 

func EncryptElementInPlace(elem *etree.Element, encryptor *Encryptor) error

EncryptElementInPlace encrypts an element and replaces it in the document

func GenerateX25519KeyPair 

func GenerateX25519KeyPair() (*ecdh.PrivateKey, error)

GenerateX25519KeyPair generates a new X25519 key pair

func IsGCM 

func IsGCM(algorithm string) bool

IsGCM returns true if the algorithm is an AES-GCM variant

func IsKeyAgreement 

func IsKeyAgreement(algorithm string) bool

IsKeyAgreement returns true if the algorithm is a key agreement algorithm

func IsKeyWrap 

func IsKeyWrap(algorithm string) bool

IsKeyWrap returns true if the algorithm is a key wrap algorithm

func KeySize 

func KeySize(algorithm string) int

KeySize returns the key size in bytes for the given algorithm URI. Returns 0 if the algorithm is not recognized or has variable key size.

func KeyWrapAlgorithmForContentAlgorithm 

func KeyWrapAlgorithmForContentAlgorithm(contentAlgorithm string) string

KeyWrapAlgorithmForContentAlgorithm returns the appropriate key wrap algorithm for a given content encryption algorithm based on key size.

func NewEncryptedDataDocument 

func NewEncryptedDataDocument(ed *EncryptedData) *etree.Document

NewEncryptedDataDocument creates an etree.Document containing an EncryptedData element

func NewEncryptedKeyDocument 

func NewEncryptedKeyDocument(ek *EncryptedKey) *etree.Document

NewEncryptedKeyDocument creates an etree.Document containing an EncryptedKey element

func ParseX25519PrivateKey 

func ParseX25519PrivateKey(data []byte) (*ecdh.PrivateKey, error)

ParseX25519PrivateKey parses an X25519 private key from raw bytes

func ParseX25519PublicKey 

func ParseX25519PublicKey(data []byte) (*ecdh.PublicKey, error)

ParseX25519PublicKey parses an X25519 public key from raw bytes

Types

type AgreementMethod 

type AgreementMethod struct {
	Algorithm           string // e.g., AlgorithmECDHES, AlgorithmX25519
	KeyDerivationMethod *KeyDerivationMethod
	OriginatorKeyInfo   *KeyInfo
	RecipientKeyInfo    *KeyInfo
	KANonce             []byte // Key Agreement Nonce
}

AgreementMethod represents xenc11:AgreementMethod for key agreement

type CipherData 

type CipherData struct {
	CipherValue     []byte           // Base64-decoded encrypted content
	CipherReference *CipherReference // URI reference to encrypted content
}

CipherData contains either CipherValue (inline) or CipherReference (external)

type CipherReference 

type CipherReference struct {
	URI        string
	Transforms []Transform
}

CipherReference points to external encrypted data

type ConcatKDFParams 

type ConcatKDFParams struct {
	DigestMethod string
	AlgorithmID  []byte
	PartyUInfo   []byte
	PartyVInfo   []byte
	SuppPubInfo  []byte
	SuppPrivInfo []byte
}

ConcatKDFParams contains parameters for Concat KDF

type DataReference 

type DataReference struct {
	URI string
}

DataReference points to an EncryptedData element

type Decryptor 

type Decryptor struct {
	// KeyUnwrapper handles key decryption
	KeyUnwrapper KeyUnwrapper
}

Decryptor provides XML Decryption operations

func NewDecryptor 

func NewDecryptor(keyUnwrapper KeyUnwrapper) *Decryptor

NewDecryptor creates a new Decryptor with the specified key unwrapper

func (*Decryptor) DecryptElement 

func (d *Decryptor) DecryptElement(ed *EncryptedData) (*etree.Element, error)

DecryptElement decrypts an EncryptedData structure and returns the XML element

func (*Decryptor) DecryptEncryptedData 

func (d *Decryptor) DecryptEncryptedData(ed *EncryptedData) ([]byte, error)

DecryptEncryptedData decrypts an EncryptedData structure and returns the plaintext

type DerivedKey 

type DerivedKey struct {
	ID                  string
	Type                string
	Recipient           string
	KeyDerivationMethod *KeyDerivationMethod
	ReferenceList       []DataReference
	MasterKeyName       string
}

DerivedKey represents xenc11:DerivedKey

type ECKeyValue 

type ECKeyValue struct {
	NamedCurve string // OID or named curve identifier
	PublicKey  []byte
}

ECKeyValue contains EC public key parameters

type EncryptedData 

type EncryptedData struct {
	EncryptedType
}

EncryptedData represents the xenc:EncryptedData element which contains encrypted content (either element or content encryption).

func ParseEncryptedData 

func ParseEncryptedData(elem *etree.Element) (*EncryptedData, error)

ParseEncryptedData parses an xenc:EncryptedData element from an etree.Element

func (*EncryptedData) ToElement 

func (ed *EncryptedData) ToElement() *etree.Element

ToElement converts EncryptedData to an etree.Element

type EncryptedKey 

type EncryptedKey struct {
	EncryptedType
	Recipient      string // Optional hint to the recipient
	CarriedKeyName string // Name for the key being carried
	ReferenceList  []DataReference
}

EncryptedKey represents the xenc:EncryptedKey element which contains an encrypted key wrapped for a specific recipient.

func ParseEncryptedKey 

func ParseEncryptedKey(elem *etree.Element) (*EncryptedKey, error)

ParseEncryptedKey parses an xenc:EncryptedKey element

func (*EncryptedKey) ToElement 

func (ek *EncryptedKey) ToElement() *etree.Element

ToElement converts EncryptedKey to an etree.Element

type EncryptedType 

type EncryptedType struct {
	ID               string
	Type             string // TypeElement, TypeContent, or custom URI
	MimeType         string
	Encoding         string
	EncryptionMethod *EncryptionMethod
	KeyInfo          *KeyInfo
	CipherData       *CipherData
}

EncryptedType is the abstract base type for EncryptedData and EncryptedKey as defined in the XML Encryption specification.

type EncryptionMethod 

type EncryptionMethod struct {
	Algorithm    string // URI of the encryption algorithm
	KeySize      int    // Optional explicit key size
	OAEPParams   []byte // For RSA-OAEP: MGF and DigestMethod
	DigestMethod string // Digest algorithm for RSA-OAEP
	MGFAlgorithm string // MGF algorithm for RSA-OAEP 1.1
}

EncryptionMethod specifies the algorithm used for encryption.

type Encryptor 

type Encryptor struct {
	// Algorithm is the content encryption algorithm (e.g., AlgorithmAES128GCM)
	Algorithm string
	// KeyWrapper handles key encryption (e.g., X25519KeyAgreement)
	KeyWrapper KeyWrapper
}

Encryptor provides XML Encryption operations

func NewEncryptor 

func NewEncryptor(algorithm string, keyWrapper KeyWrapper) *Encryptor

NewEncryptor creates a new Encryptor with the specified algorithm and key wrapper

func (*Encryptor) EncryptContent 

func (e *Encryptor) EncryptContent(elem *etree.Element) (*EncryptedData, error)

EncryptContent encrypts the content of an XML element

func (*Encryptor) EncryptElement 

func (e *Encryptor) EncryptElement(elem *etree.Element) (*EncryptedData, error)

EncryptElement encrypts an XML element and replaces it with EncryptedData

type HKDFParams 

type HKDFParams struct {
	PRF       string // PRF algorithm URI (e.g., HMAC-SHA256)
	Salt      []byte
	Info      []byte
	KeyLength int // Output key length in bits
}

HKDFParams contains parameters for HKDF (RFC 5869)

func DefaultHKDFParams 

func DefaultHKDFParams(info []byte) *HKDFParams

DefaultHKDFParams returns default HKDF parameters for XML Encryption

type KeyDerivationMethod 

type KeyDerivationMethod struct {
	Algorithm       string // e.g., AlgorithmHKDF, AlgorithmConcatKDF
	ConcatKDFParams *ConcatKDFParams
	HKDFParams      *HKDFParams
	PBKDF2Params    *PBKDF2Params
}

KeyDerivationMethod specifies how to derive the key encryption key

type KeyInfo 

type KeyInfo struct {
	ID              string
	EncryptedKey    *EncryptedKey
	AgreementMethod *AgreementMethod
	KeyName         string
	KeyValue        *KeyValue
	X509Data        *X509Data
	RetrievalMethod *RetrievalMethod
}

KeyInfo contains key identification information This is compatible with ds:KeyInfo from XML Signatures

type KeyUnwrapper 

type KeyUnwrapper interface {
	// UnwrapKey unwraps a content encryption key from EncryptedKey
	UnwrapKey(ek *EncryptedKey) ([]byte, error)
}

KeyUnwrapper interface for key unwrapping mechanisms

type KeyValue 

type KeyValue struct {
	RSAKeyValue *RSAKeyValue
	ECKeyValue  *ECKeyValue
}

KeyValue contains a public key value

type KeyWrapper 

type KeyWrapper interface {
	// WrapKey wraps a content encryption key
	WrapKey(cek []byte, wrapAlgorithm string) (*EncryptedKey, error)
}

KeyWrapper interface for key wrapping mechanisms

type PBKDF2Params 

type PBKDF2Params struct {
	Salt           []byte
	IterationCount int
	KeyLength      int
	PRF            string
}

PBKDF2Params contains parameters for PBKDF2

type RSAKeyValue 

type RSAKeyValue struct {
	Modulus  []byte
	Exponent []byte
}

RSAKeyValue contains RSA public key parameters

type RetrievalMethod 

type RetrievalMethod struct {
	URI  string
	Type string
}

RetrievalMethod indicates where to retrieve key info

type Transform 

type Transform struct {
	Algorithm string
}

Transform represents a transformation to be applied

type X25519KeyAgreement 

type X25519KeyAgreement struct {
	// EphemeralPrivateKey is the sender's ephemeral private key (generated during Wrap)
	EphemeralPrivateKey *ecdh.PrivateKey
	// EphemeralPublicKey is the sender's ephemeral public key (included in OriginatorKeyInfo)
	EphemeralPublicKey *ecdh.PublicKey
	// RecipientPublicKey is the recipient's static public key
	RecipientPublicKey *ecdh.PublicKey
	// RecipientPrivateKey is for decryption (only set on recipient side)
	RecipientPrivateKey *ecdh.PrivateKey
	// HKDFParams contains the key derivation parameters
	HKDFParams *HKDFParams
}

X25519KeyAgreement performs X25519 ECDH key agreement and key derivation as specified for XML Encryption with the HKDF key derivation function.

func NewX25519KeyAgreement 

func NewX25519KeyAgreement(recipientPublicKey *ecdh.PublicKey, hkdfParams *HKDFParams) (*X25519KeyAgreement, error)

NewX25519KeyAgreement creates a new X25519 key agreement instance for encryption. It generates a fresh ephemeral key pair and uses the provided recipient public key.

func NewX25519KeyAgreementForDecrypt 

func NewX25519KeyAgreementForDecrypt(recipientPrivateKey *ecdh.PrivateKey, ephemeralPublicKey *ecdh.PublicKey, hkdfParams *HKDFParams) *X25519KeyAgreement

NewX25519KeyAgreementForDecrypt creates a key agreement instance for decryption.

func (*X25519KeyAgreement) DeriveKeyEncryptionKey 

func (ka *X25519KeyAgreement) DeriveKeyEncryptionKey(keyLength int) ([]byte, error)

DeriveKeyEncryptionKey derives a key encryption key (KEK) using X25519 ECDH and HKDF. This is used to encrypt/decrypt the content encryption key.

func (*X25519KeyAgreement) UnwrapKey 

func (ka *X25519KeyAgreement) UnwrapKey(ek *EncryptedKey) ([]byte, error)

UnwrapKey unwraps a content encryption key from an EncryptedKey structure.

func (*X25519KeyAgreement) WrapKey 

func (ka *X25519KeyAgreement) WrapKey(cek []byte, wrapAlgorithm string) (*EncryptedKey, error)

WrapKey wraps a content encryption key (CEK) using X25519 key agreement. Returns the wrapped key and the EncryptedKey structure.

type X509Data 

type X509Data struct {
	X509Certificate []byte // DER-encoded certificate
}

X509Data contains X.509 certificate data

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.