protocol

package
v0.0.0-...-3f58f9a Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 21, 2018 License: MIT, MIT, MIT Imports: 21 Imported by: 0

Documentation

Overview

Package protocol implemets parts of cryptographic message syntax RFC 5652. This package is mostly for handling of the asn1 sturctures of cms. For de/encryption and signing/verfiying use to package cms.

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrWrongType is returned by methods that make assumptions about types.
	// Helper methods are defined for accessing CHOICE and  ANY feilds. These
	// helper methods get the value of the field, assuming it is of a given type.
	// This error is returned if that assumption is wrong and the field has a
	// different type.
	ErrWrongType = errors.New("cms/protocol: wrong choice or any type")

	// ErrNoCertificate is returned when a requested certificate cannot be found.
	ErrNoCertificate = errors.New("no certificate found")

	// ErrNoKeyFound is returned when a requested certificate cannot be found.
	ErrNoKeyFound = errors.New("no key for decryption found")

	// ErrUnsupported is returned when an unsupported type or version
	// is encountered.
	ErrUnsupported = ASN1Error{"unsupported type or version"}

	// ErrTrailingData is returned when extra data is found after parsing an ASN.1
	// structure.
	ErrTrailingData = ASN1Error{"unexpected trailing data"}
)
View Source 
var ErrUnsupportedAlgorithm = errors.New("cms: cannot decrypt data: unsupported algorithm")

ErrUnsupportedAlgorithm is returned if the algorithm is unsupported.

Functions

func ANSIx963KDF 

func ANSIx963KDF(sharedSecret, sharedInfo []byte, keyLen int, hash crypto.Hash) (key []byte, err error)

ANSIx963KDF implents ANSI X9.63 key derivation function

func ECDHsharedSecret 

func ECDHsharedSecret(curve elliptic.Curve, priv []byte, pubX, pubY *big.Int) []byte

ECDHsharedSecret computes shared secret with ephemeral static ECDH

func IASstring 

func IASstring(cert *x509.Certificate) (iasString string, err error)

IASstring retuns the ias of the cert as hex encoded string.

func RawValue 

func RawValue(val interface{}, params ...string) (rv asn1.RawValue, err error)

RawValue marshals val and returns the asn1.RawValue

Types

type ASN1Error 

type ASN1Error struct {
	Message string
}

ASN1Error is an error from parsing ASN.1 structures.

func (ASN1Error) Error 

func (err ASN1Error) Error() string

Error implements the error interface.

type Attribute 

type Attribute struct {
	Type asn1.ObjectIdentifier

	// This should be a SET OF ANY, but Go's asn1 parser can't handle slices of
	// RawValues. Use value() to get an AnySet of the value.
	RawValue []asn1.RawValue `asn1:"set"`
}
Attribute ::= SEQUENCE {
  attrType OBJECT IDENTIFIER,
  attrValues SET OF AttributeValue }

AttributeValue ::= ANY

func NewAttribute 

func NewAttribute(attrType asn1.ObjectIdentifier, val interface{}) (attr Attribute, err error)

NewAttribute creates a single-value Attribute.

type Attributes 

type Attributes []Attribute

Attributes is a common Go type for SignedAttributes and UnsignedAttributes.

SignedAttributes ::= SET SIZE (1..MAX) OF Attribute

UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute

func (Attributes) GetOnlyAttributeValueBytes 

func (attrs Attributes) GetOnlyAttributeValueBytes(oid asn1.ObjectIdentifier) (rv asn1.RawValue, err error)

GetOnlyAttributeValueBytes gets an attribute value, returning an error if the attribute occurs multiple times or has multiple values.

func (Attributes) GetValues 

func (attrs Attributes) GetValues(oid asn1.ObjectIdentifier) ([][]asn1.RawValue, error)

GetValues retreives the attributes with the given OID. A nil value is returned if the OPTIONAL SET of Attributes is missing from the SignerInfo. An empty slice is returned if the specified attribute isn't in the set.

type AuthEnvelopedData 

type AuthEnvelopedData struct {
	Version        int
	OriginatorInfo asn1.RawValue   `asn1:"optional,tag:0"`
	RecipientInfos []RecipientInfo `asn1:"set,choice"`
	AECI           EncryptedContentInfo
	AauthAttrs     []Attribute `asn1:"set,optional,tag:1"`
	MAC            []byte
	UnAauthAttrs   []Attribute `asn1:"set,optional,tag:2"`
}
AuthEnvelopedData ::= SEQUENCE {
	version CMSVersion,
	originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
	recipientInfos RecipientInfos,
	authEncryptedContentInfo EncryptedContentInfo,

/ authAttrs [1] IMPLICIT AuthAttributes OPTIONAL, 

mac MessageAuthenticationCode,
unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }

https://tools.ietf.org/html/rfc5083##section-2.1

func NewAuthEnvelopedData 

func NewAuthEnvelopedData(eci *EncryptedContentInfo, reciInfos []RecipientInfo, mac []byte) AuthEnvelopedData

NewAuthEnvelopedData creates AuthEnvelopedData from an EncryptedContentInfo with mac and given RecipientInfos.

func (AuthEnvelopedData) ContentInfo 

func (ed AuthEnvelopedData) ContentInfo() (ContentInfo, error)

ContentInfo marshals AuthEnvelopedData and returns ContentInfo.

func (*AuthEnvelopedData) Decrypt 

func (ed *AuthEnvelopedData) Decrypt(keyPair []tls.Certificate) (plain []byte, err error)

Decrypt decrypts AuthEnvelopedData and returns the plaintext.

type CertificateChoices 

type CertificateChoices struct {
	Cert       x509.Certificate       `asn1:"optional"`
	V2AttrCert asn1.RawValue          `asn1:"optional,tag:2"`
	Other      OtherCertificateFormat `asn1:"optional,tag:3"`
}
CertificateChoices ::= CHOICE {
  certificate Certificate,
  extendedCertificate [0] IMPLICIT ExtendedCertificate, -- Obsolete
  v1AttrCert [1] IMPLICIT AttributeCertificateV1,       -- Obsolete
  v2AttrCert [2] IMPLICIT AttributeCertificateV2,
  other [3] IMPLICIT OtherCertificateFormat }

type ContentInfo 

type ContentInfo struct {
	ContentType asn1.ObjectIdentifier
	Content     asn1.RawValue `asn1:"explicit,tag:0"`
}
ContentInfo ::= SEQUENCE {
  contentType ContentType,
  content [0] EXPLICIT ANY DEFINED BY contentType }

ContentType ::= OBJECT IDENTIFIER

func ParseContentInfo 

func ParseContentInfo(der []byte) (ci ContentInfo, err error)

ParseContentInfo parses DER-encoded ASN.1 data and returns ContentInfo.

func (ContentInfo) AuthEnvelopedDataContent 

func (ci ContentInfo) AuthEnvelopedDataContent() (*AuthEnvelopedData, error)

AuthEnvelopedDataContent unmarshals ContentInfo and returns AuthEnvelopedData if content type is AuthEnvelopedData.

func (ContentInfo) Base64 

func (ci ContentInfo) Base64() ([]byte, error)

Base64 encodes the DER-encoded ASN.1 data in base64 for use in S/MIME.

func (ContentInfo) DER 

func (ci ContentInfo) DER() ([]byte, error)

DER returns the DER-encoded ASN.1 data.

func (ContentInfo) EnvelopedDataContent 

func (ci ContentInfo) EnvelopedDataContent() (*EnvelopedData, error)

EnvelopedDataContent returns EnvelopedData if ContentType is EnvelopedData.

func (ContentInfo) SignedDataContent 

func (ci ContentInfo) SignedDataContent() (*SignedData, error)

SignedDataContent returns SignedData if ContentType is SignedData.

type ECCCMSSharedInfo 

type ECCCMSSharedInfo struct {
	KeyInfo     pkix.AlgorithmIdentifier
	EntityUInfo []byte `asn1:"optional,explicit,tag:0"`
	SuppPubInfo []byte `asn1:"explicit,tag:2"`
}
ECCCMSSharedInfo ECC-CMS-SharedInfo ::= SEQUENCE {
	keyInfo         AlgorithmIdentifier,
	entityUInfo [0] EXPLICIT OCTET STRING OPTIONAL,
	suppPubInfo [2] EXPLICIT OCTET STRING  }

type EncapsulatedContentInfo 

type EncapsulatedContentInfo struct {
	EContentType asn1.ObjectIdentifier ``                               // ContentType ::= OBJECT IDENTIFIER
	EContent     []byte                `asn1:"optional,explicit,tag:0"` //
}
EncapsulatedContentInfo ::= SEQUENCE {
  eContentType ContentType,
  eContent [0] EXPLICIT OCTET STRING OPTIONAL }

func NewDataEncapsulatedContentInfo 

func NewDataEncapsulatedContentInfo(data []byte) (EncapsulatedContentInfo, error)

NewDataEncapsulatedContentInfo creates a new EncapsulatedContentInfo of type id-data.

func NewEncapsulatedContentInfo 

func NewEncapsulatedContentInfo(contentType asn1.ObjectIdentifier, content []byte) (EncapsulatedContentInfo, error)

NewEncapsulatedContentInfo creates a new EncapsulatedContentInfo.

func (EncapsulatedContentInfo) IsTypeData 

func (eci EncapsulatedContentInfo) IsTypeData() bool

IsTypeData checks if the EContentType is id-data.

type EncryptedContentInfo 

type EncryptedContentInfo struct {
	EContentType               asn1.ObjectIdentifier
	ContentEncryptionAlgorithm pkix.AlgorithmIdentifier
	EContent                   []byte `asn1:"optional,implicit,tag:0"`
}
EncryptedContentInfo ::= SEQUENCE {
	contentType ContentType,
	contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
	encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL }

func NewEncryptedContentInfo 

func NewEncryptedContentInfo(contentType asn1.ObjectIdentifier, contentEncryptionAlg asn1.ObjectIdentifier, content []byte) (eci EncryptedContentInfo, key, mac []byte, err error)

NewEncryptedContentInfo encrypts the conent with the contentEncryptionAlgorithm and retuns the EncryptedContentInfo, the key and the MAC.

type EnvelopedData 

type EnvelopedData struct {
	Version          int
	OriginatorInfo   asn1.RawValue        `asn1:"optional,tag:0"`
	RecipientInfos   []RecipientInfo      `asn1:"set,choice"`
	ECI              EncryptedContentInfo ``
	UnprotectedAttrs []Attribute          `asn1:"set,optional,tag:1"`
}
EnvelopedData ::= SEQUENCE {
	version CMSVersion,
	originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
	recipientInfos RecipientInfos,
	encryptedContentInfo EncryptedContentInfo,
	unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }

func NewEnvelopedData 

func NewEnvelopedData(eci *EncryptedContentInfo, reciInfos []RecipientInfo) EnvelopedData

NewEnvelopedData creates a new EnvelopedData from the given data.

func (EnvelopedData) ContentInfo 

func (ed EnvelopedData) ContentInfo() (ContentInfo, error)

ContentInfo returns new ContentInfo with ContentType EnvelopedData.

func (*EnvelopedData) Decrypt 

func (ed *EnvelopedData) Decrypt(keyPairs []tls.Certificate) (plain []byte, err error)

Decrypt decrypts the EnvelopedData with the given keyPair and retuns the plaintext.

type IssuerAndSerialNumber 

type IssuerAndSerialNumber struct {
	Issuer       asn1.RawValue
	SerialNumber *big.Int
}
IssuerAndSerialNumber ::= SEQUENCE {
	issuer Name,
	serialNumber CertificateSerialNumber }

CertificateSerialNumber ::= INTEGER

func NewIssuerAndSerialNumber 

func NewIssuerAndSerialNumber(cert *x509.Certificate) (sid IssuerAndSerialNumber, err error)

NewIssuerAndSerialNumber creates a IssuerAndSerialNumber SID for the given cert.

func (*IssuerAndSerialNumber) Equal 

func (ias *IssuerAndSerialNumber) Equal(ias2 IssuerAndSerialNumber) bool

Equal returns true if ias and ias2 agree.

func (*IssuerAndSerialNumber) RawValue 

func (ias *IssuerAndSerialNumber) RawValue() (rv asn1.RawValue, err error)

RawValue returns the RawValue of the IssuerAndSerialNumber.

type KeyAgreeRecipientIdentifier 

type KeyAgreeRecipientIdentifier struct {
	IAS    IssuerAndSerialNumber  `asn1:"optional"`
	RKeyID RecipientKeyIdentifier `asn1:"optional,tag:0"`
}
KeyAgreeRecipientIdentifier ::= CHOICE {
	issuerAndSerialNumber IssuerAndSerialNumber,
	rKeyId [0] IMPLICIT RecipientKeyIdentifier }

type KeyAgreeRecipientInfo 

type KeyAgreeRecipientInfo struct {
	Version                int
	Originator             OriginatorIdentifierOrKey `asn1:"explicit,choice,tag:0"`
	UKM                    []byte                    `asn1:"explicit,optional,tag:1"`
	KeyEncryptionAlgorithm pkix.AlgorithmIdentifier  ``
	RecipientEncryptedKeys []RecipientEncryptedKey   `asn1:"sequence"` //RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey
}
KeyAgreeRecipientInfo ::= SEQUENCE {
	version CMSVersion,  -- always set to 3
	originator [0] EXPLICIT OriginatorIdentifierOrKey,
	ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL,
	keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
	recipientEncryptedKeys RecipientEncryptedKeys }

type KeyTransRecipientInfo 

type KeyTransRecipientInfo struct {
	Version                int
	Rid                    RecipientIdentifier `asn1:"choice"`
	KeyEncryptionAlgorithm pkix.AlgorithmIdentifier
	EncryptedKey           []byte
}
KeyTransRecipientInfo ::= SEQUENCE {
	version CMSVersion,  -- always set to 0 or 2
	rid RecipientIdentifier,
	keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
	encryptedKey EncryptedKey }

type OriginatorIdentifierOrKey 

type OriginatorIdentifierOrKey struct {
	IAS           IssuerAndSerialNumber `asn1:"optional"`
	SKI           []byte                `asn1:"optional,tag:0"`
	OriginatorKey OriginatorPublicKey   `asn1:"optional,tag:1"`
}
OriginatorIdentifierOrKey ::= CHOICE {
	issuerAndSerialNumber IssuerAndSerialNumber,
	subjectKeyIdentifier [0] SubjectKeyIdentifier,
	originatorKey [1] OriginatorPublicKey }

type OriginatorPublicKey 

type OriginatorPublicKey struct {
	Algorithm pkix.AlgorithmIdentifier
	PublicKey asn1.BitString
}
OriginatorPublicKey ::= SEQUENCE {
	algorithm AlgorithmIdentifier,
	publicKey BIT STRING

type OtherCertificateFormat 

type OtherCertificateFormat struct {
	OtherCertFormat asn1.ObjectIdentifier
	OtherCert       asn1.RawValue
}
OtherCertificateFormat ::= SEQUENCE {
  otherCertFormat OBJECT IDENTIFIER,
  otherCert ANY DEFINED BY otherCertFormat }

type OtherKeyAttribute 

type OtherKeyAttribute struct {
	KeyAttrID asn1.ObjectIdentifier
	KeyAttr   asn1.RawValue `asn1:"optional"`
}
OtherKeyAttribute ::= SEQUENCE {
	keyAttrId OBJECT IDENTIFIER,
	keyAttr ANY DEFINED BY keyAttrId OPTIONAL }

type OtherRevocationInfoFormat 

type OtherRevocationInfoFormat struct {
	OtherRevInfoFormat asn1.ObjectIdentifier
	OtherRevInfo       asn1.RawValue
}
OtherRevocationInfoFormat ::= SEQUENCE {
  otherRevInfoFormat OBJECT IDENTIFIER,
  otherRevInfo ANY DEFINED BY otherRevInfoFormat }

type RSAESOAEPparams 

type RSAESOAEPparams struct {
	HashFunc    pkix.AlgorithmIdentifier `asn1:"optional,explicit,tag:0"`
	MaskGenFunc pkix.AlgorithmIdentifier `asn1:"optional,explicit,tag:1"`
	PSourceFunc pkix.AlgorithmIdentifier `asn1:"optional,explicit,tag:2"`
}
RSAESOAEPparams  ::=  SEQUENCE  {
	hashFunc    [0] AlgorithmIdentifier DEFAULT sha1Identifier,
	maskGenFunc [1] AlgorithmIdentifier DEFAULT mgf1SHA1Identifier,
	pSourceFunc [2] AlgorithmIdentifier DEFAULT
						pSpecifiedEmptyIdentifier  }

type RecipientEncryptedKey 

type RecipientEncryptedKey struct {
	RID          KeyAgreeRecipientIdentifier `asn1:"choice"`
	EncryptedKey []byte
}
RecipientEncryptedKey ::= SEQUENCE {
	rid KeyAgreeRecipientIdentifier,
	encryptedKey EncryptedKey }

type RecipientIdentifier 

type RecipientIdentifier struct {
	IAS IssuerAndSerialNumber `asn1:"optional"`
	SKI []byte                `asn1:"optional,tag:0"`
}
RecipientIdentifier ::= CHOICE {
	issuerAndSerialNumber IssuerAndSerialNumber,
	subjectKeyIdentifier [0] SubjectKeyIdentifier }

type RecipientInfo 

type RecipientInfo struct {
	KTRI  KeyTransRecipientInfo `asn1:"optional"`
	KARI  KeyAgreeRecipientInfo `asn1:"optional,tag:1"` //KeyAgreeRecipientInfo
	KEKRI asn1.RawValue         `asn1:"optional,tag:2"`
	PWRI  asn1.RawValue         `asn1:"optional,tag:3"`
	ORI   asn1.RawValue         `asn1:"optional,tag:4"`
}
RecipientInfo ::= CHOICE {
	ktri KeyTransRecipientInfo,
	kari [1] KeyAgreeRecipientInfo,
	kekri [2] KEKRecipientInfo,
	pwri [3] PasswordRecipientInfo,
	ori [4] OtherRecipientInfo }

func NewRecipientInfo 

func NewRecipientInfo(recipient *x509.Certificate, key []byte) (info RecipientInfo, err error)

NewRecipientInfo creates RecipientInfo for giben recipient and key.

type RecipientKeyIdentifier 

type RecipientKeyIdentifier struct {
	SubjectKeyIdentifier []byte            //SubjectKeyIdentifier ::= OCTET STRING
	Date                 time.Time         `asn1:"optional"`
	Other                OtherKeyAttribute `asn1:"optional"`
}
RecipientKeyIdentifier ::= SEQUENCE {
	subjectKeyIdentifier SubjectKeyIdentifier,
	date GeneralizedTime OPTIONAL,
	other OtherKeyAttribute OPTIONAL }

type RevocationInfoChoice 

type RevocationInfoChoice struct {
	Crl   pkix.CertificateList      `asn1:"optional"`
	Other OtherRevocationInfoFormat `asn1:"optional,tag:1"`
}
RevocationInfoChoice ::= CHOICE {
  crl CertificateList,
  other [1] IMPLICIT OtherRevocationInfoFormat }

type SignedData 

type SignedData struct {
	Version          int                        ``                          // CMSVersion ::= INTEGER { v0(0), v1(1), v2(2), v3(3), v4(4), v5(5) }
	DigestAlgorithms []pkix.AlgorithmIdentifier `asn1:"set"`                //DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier //DigestAlgorithmIdentifier ::= AlgorithmIdentifier
	EncapContentInfo EncapsulatedContentInfo    ``                          //
	Certificates     []asn1.RawValue            `asn1:"optional,set,tag:0"` // CertificateSet ::= SET OF CertificateChoices
	CRLs             []RevocationInfoChoice     `asn1:"optional,set,tag:1"` // RevocationInfoChoices ::= SET OF RevocationInfoChoice
	SignerInfos      []SignerInfo               `asn1:"set"`                // SignerInfos ::= SET OF SignerInfo
}
SignedData ::= SEQUENCE {
  version CMSVersion,
  digestAlgorithms DigestAlgorithmIdentifiers,
  encapContentInfo EncapsulatedContentInfo,
  certificates [0] IMPLICIT CertificateSet OPTIONAL,
  crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
  signerInfos SignerInfos }

func NewSignedData 

func NewSignedData(eci EncapsulatedContentInfo) (*SignedData, error)

NewSignedData creates a new SignedData.

func (*SignedData) AddCertificate 

func (sd *SignedData) AddCertificate(cert []byte) error

AddCertificate adds a *x509.Certificate.

func (*SignedData) AddSignerInfo 

func (sd *SignedData) AddSignerInfo(keypPair tls.Certificate, attrs []Attribute) (err error)

AddSignerInfo adds a SignerInfo to the SignedData.

func (*SignedData) ClearCertificates 

func (sd *SignedData) ClearCertificates()

ClearCertificates removes all certificates.

func (*SignedData) ContentInfo 

func (sd *SignedData) ContentInfo() (ContentInfo, error)

ContentInfo returns the SignedData wrapped in a ContentInfo packet.

func (*SignedData) Verify 

func (sd *SignedData) Verify(Opts x509.VerifyOptions, detached []byte) (chains [][][]*x509.Certificate, err error)

Verify checks the signature

func (*SignedData) X509Certificates 

func (sd *SignedData) X509Certificates() (map[string]*x509.Certificate, error)

X509Certificates gets the certificates, assuming that they're X.509 encoded.

type SignerIdentifier 

type SignerIdentifier struct {
	IAS IssuerAndSerialNumber `asn1:"optional"`
	SKI []byte                `asn1:"optional,tag:0"`
}
SignerIdentifier ::= CHOICE {
	issuerAndSerialNumber IssuerAndSerialNumber,
	subjectKeyIdentifier [0] SubjectKeyIdentifier }

type SignerInfo 

type SignerInfo struct {
	Version            int                      ``                          // CMSVersion ::= INTEGER    { v0(0), v1(1), v2(2), v3(3), v4(4), v5(5) }
	SID                SignerIdentifier         `asn1:"choice"`             //
	DigestAlgorithm    pkix.AlgorithmIdentifier ``                          // DigestAlgorithmIdentifier ::= AlgorithmIdentifier
	SignedAttrs        []Attribute              `asn1:"set,optional,tag:0"` // SignedAttributes ::= SET SIZE (1..MAX) OF Attribute
	SignatureAlgorithm pkix.AlgorithmIdentifier ``                          // SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
	Signature          []byte                   ``                          // SignatureValue ::= OCTET STRING
	UnsignedAttrs      []Attribute              `asn1:"set,optional,tag:1"` // UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute
}
SignerInfo ::= SEQUENCE {
  version CMSVersion,
  sid SignerIdentifier,
  digestAlgorithm DigestAlgorithmIdentifier,
  signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
  signatureAlgorithm SignatureAlgorithmIdentifier,
  signature SignatureValue,
  unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL }

func (SignerInfo) FindCertificate 

func (si SignerInfo) FindCertificate(certs []*x509.Certificate) (*x509.Certificate, error)

FindCertificate finds this SignerInfo's certificate in a slice of certificates.

func (SignerInfo) GetContentTypeAttribute 

func (si SignerInfo) GetContentTypeAttribute() (asn1.ObjectIdentifier, error)

GetContentTypeAttribute gets the signed ContentType attribute from the SignerInfo.

func (SignerInfo) GetMessageDigestAttribute 

func (si SignerInfo) GetMessageDigestAttribute() ([]byte, error)

GetMessageDigestAttribute gets the signed MessageDigest attribute from the SignerInfo.

func (SignerInfo) GetSigningTimeAttribute 

func (si SignerInfo) GetSigningTimeAttribute() (time.Time, error)

GetSigningTimeAttribute gets the signed SigningTime attribute from the SignerInfo.

func (SignerInfo) Hash 

func (si SignerInfo) Hash() (crypto.Hash, error)

Hash gets the crypto.Hash associated with this SignerInfo's DigestAlgorithm. 0 is returned for unrecognized algorithms.

func (SignerInfo) X509SignatureAlgorithm 

func (si SignerInfo) X509SignatureAlgorithm() (sigAlg x509.SignatureAlgorithm, err error)

X509SignatureAlgorithm gets the x509.SignatureAlgorithm that should be used for verifying this SignerInfo's signature.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.