dkimcrypt

import "gitlab.one.com/go/dkimcrypt"

Overview
Index
Subdirectories

Overview

Package dkimcrypt provides convenient functions for en- or decrypting, as well as signing and verifying data using a combination of local private key files and public keys present in DKIM DNS TXT records

Index

func Decrypt(selector, privkeypath string, in, key, mac []byte) (out []byte, err error)
func DecryptSingle(selector, privkeypath string, in []byte) (out []byte, err error)
func Encrypt(selector, domain string, in []byte) (out, key, mac []byte, err error)
func EncryptSingle(selector, domain string, in []byte) (out []byte, err error)
func GetPrivateKey(filename string) (*rsa.PrivateKey, error)
func GetPublicKey(selector, domain string) (*rsa.PublicKey, error)
func Sign(message []byte, privkeypath string) (out []byte, err error)
func Verify(message, signature []byte, selector, domain string) (err error)

Package files

crypt_decrypt.go privkey.go pubkey.go sign_verify.go

func Decrypt

func Decrypt(selector, privkeypath string, in, key, mac []byte) (out []byte, err error)

Decrypt will decrypt the data in 'in' and return it in 'out', given the path to a PEM-encoded private key file, an RSA-encrypted key, a message authentication code hash, and a selector, which must be the same used for encryption

func DecryptSingle

func DecryptSingle(selector, privkeypath string, in []byte) (out []byte, err error)

DecryptSingle is a wrapper around Decrypt, which will decrypt a byte slice encrypted by EncryptSingle

func Encrypt

func Encrypt(selector, domain string, in []byte) (out, key, mac []byte, err error)

Encrypt will AES-encrypt the data given in 'in', and return the encrypted version in 'out', as well as a key, which is RSA-encrypted using the public key it finds in the DKIM-like TXT record at [selector]._domainkey.[domain], and a message authentication code hash. Use the same selector in 'Decrypt'

func EncryptSingle

func EncryptSingle(selector, domain string, in []byte) (out []byte, err error)

EncryptSingle is a wrapper around Encrypt, which will encrypt a byte slice and return a single byte slice representing a key, a verification hash and the ecrypted data, useful for sending over a network. Decrypt using DecryptSingle

func GetPrivateKey

func GetPrivateKey(filename string) (*rsa.PrivateKey, error)

GetPrivateKey loads a private key from the given filename and returns it.

func GetPublicKey

func GetPublicKey(selector, domain string) (*rsa.PublicKey, error)

GetPublicKey will look up a public key for a domain with selector, and return it. If no key is found, an error is returned.

func Sign

func Sign(message []byte, privkeypath string) (out []byte, err error)

Sign will return the signature of the message in 'message' using the private key in the file at 'privkeypath'.

func Verify

func Verify(message, signature []byte, selector, domain string) (err error)

Verify a signature given the signature, the message it signed and the selector and domain that signed it. If err is nil, then the signature is good.

Generated by godoc2md

One-com / dkimcrypt