cms

package

Documentation

Index

Constants

// Sizes for the GOST 28147-89 content-encryption path.
const (
	// GOSTWrappedCEKSize is the size in bytes of a wrapped CEK as consumed by GOST key unwrap.
	GOSTWrappedCEKSize = 44
	// GOSTCEKSize is the GOST Content Encryption Key size in bytes.
	GOSTCEKSize = 32
	// GOSTIVSize is the GOST Initialization Vector size in bytes.
	GOSTIVSize = 8
	// GOSTBlockSize is the GOST cipher block size in bytes.
	GOSTBlockSize = 8
)

// Public-key encoding sizes for the DSTU_PB_257 curve.
const (
	// DSTUPB257FieldSize is the field element size in bytes for DSTU_PB_257.
	DSTUPB257FieldSize = 32
	// DSTUPB257CompressedKeySize is the compressed public key size: X followed by one parity byte.
	DSTUPB257CompressedKeySize = DSTUPB257FieldSize + 1
	// DSTUPB257UncompressedSize is the uncompressed public key size: X followed by Y.
	DSTUPB257UncompressedSize = 2 * DSTUPB257FieldSize
)

// Parameters for the AES-256-CBC content-encryption path.
const (
	// AESKeySize is the AES-256 key size in bytes.
	AESKeySize = 32
	// AESBlockSize is the AES block size in bytes, taken from crypto/aes.
	AESBlockSize = aes.BlockSize
)

// MinUKMSize is the minimum size in bytes of the UKM (User Keying Material) in DSTU ECDH.
const MinUKMSize = 32

Cryptographic sizes and constants for CMS operations.

// UNIVERSAL-class ASN.1 tag numbers used when hand-building CMS structures.
const (
	// ASN1TagInteger is the UNIVERSAL tag for INTEGER.
	ASN1TagInteger = 2
	// ASN1TagBitString is the UNIVERSAL tag for BIT STRING.
	ASN1TagBitString = 3
	// ASN1TagOctetString is the UNIVERSAL tag for OCTET STRING.
	ASN1TagOctetString = 4
	// ASN1TagObjectID is the UNIVERSAL tag for OBJECT IDENTIFIER.
	ASN1TagObjectID = 6
	// ASN1TagSequence is the UNIVERSAL tag for SEQUENCE / SEQUENCE OF.
	ASN1TagSequence = 16
	// ASN1TagSet is the UNIVERSAL tag for SET / SET OF.
	ASN1TagSet = 17
)

// Context-specific tag numbers ([0], [1], [2]) used for tagged CMS fields.
// These are tag numbers only; the class (context-specific) is applied by
// the code that emits them.
const (
	ASN1TagContextTag0 = iota
	ASN1TagContextTag1
	ASN1TagContextTag2
)

ASN.1 tag numbers used in CMS.

Variables

// Debug controls whether to output debug information during CMS operations.
// It is read once at package initialization and is on when the CMS_DEBUG
// environment variable is set to any non-empty value.
var Debug = len(os.Getenv("CMS_DEBUG")) != 0 //nolint:gochecknoglobals // Debug flag from environment

Debug controls whether to output debug information during CMS operations.

Functions

func AddTimestampToken

func AddTimestampToken(cmsData []byte, timestampToken []byte) ([]byte, error)

AddTimestampToken adds a timestamp token as an unsigned attribute to CMS SignedData. This creates a CAdES-T (CMS Advanced Electronic Signature with Time) signature.

func BuildSignedAttributes

func BuildSignedAttributes(digest []byte, certDER []byte, contentTimestamp []byte) ([]byte, error)

BuildSignedAttributes creates a DER encoding of signed attributes set with content-type, message-digest, signing-time, SigningCertificateV2 (if certDER provided), and content timestamp (if contentTimestamp provided).

func BuildSignedData

func BuildSignedData(
	content []byte,
	embedContent bool,
	signedAttrsDER []byte,
	signature []byte,
	digestAlg AlgorithmIdentifier,
	sigAlg AlgorithmIdentifier,
	certsDER [][]byte,
) ([]byte, error)

BuildSignedData builds a CMS SignedData structure with full control over content embedding and the certificate chain. signature must be computed over the DER encoding of the signed attributes in their SET-tagged form (not the [0] IMPLICIT form in which they are carried inside SignerInfo), as the CMS specification requires.

func Decrypt

func Decrypt(ciphertext []byte, privateKey crypto.PrivateKey, senderPubKey crypto.PublicKey) ([]byte, error)

Decrypt decrypts CMS EnvelopedData ciphertext using the provided private key. Supports both AES-256-CBC (RSA-OAEP) and GOST 28147-89 CFB (DSTU ECDH) encryption.

For AES, pass *rsa.PrivateKey as privateKey; senderPubKey may be nil. For GOST, pass *dstu.PrivateKey as privateKey and, optionally, *dstu.PublicKey as senderPubKey.

Returns the decrypted plaintext.

func Encrypt

func Encrypt(plaintext []byte, recipientCerts []*x509.Certificate) ([]byte, error)

Encrypt encrypts plaintext data for multiple recipients using CMS EnvelopedData with AES-256-CBC. Returns the ASN.1 DER-encoded EnvelopedData.

func EncryptGOST

func EncryptGOST(plaintext []byte, senderPriv *dstu.PrivateKey, recipientCert *x509.Certificate) ([]byte, error)

EncryptGOST encrypts plaintext data for a DSTU recipient using GOST 28147-89 CFB. Creates CMS EnvelopedData with KeyAgreeRecipientInfo (ECDH key agreement).

func ExtractDSTUPublicKeyFromCert

func ExtractDSTUPublicKeyFromCert(certData []byte, curve elliptic.Curve) (*dstu.PublicKey, error)

ExtractDSTUPublicKeyFromCert extracts a DSTU public key from an X.509 certificate. The curve parameter should match the recipient's private key curve.

func IsGOSTEncryption

func IsGOSTEncryption(cmsData []byte) (bool, error)

IsGOSTEncryption checks if the CMS data uses GOST encryption.

Types

type AlgorithmIdentifier

// AlgorithmIdentifier is the ASN.1 AlgorithmIdentifier SEQUENCE shared by
// X.509 and CMS: an algorithm OID followed by algorithm-defined parameters.
type AlgorithmIdentifier struct {
	// Algorithm is the OID naming the algorithm.
	Algorithm  asn1.ObjectIdentifier
	// Parameters carries the raw, algorithm-defined parameters. It is
	// marked optional so the element may be absent, as it is for
	// algorithms that define no parameters.
	Parameters asn1.RawValue `asn1:"optional"`
}

AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL }.

type Attribute

// Attribute is a single attribute as carried in SignedAttributes: an
// attribute type OID together with its value set.
type Attribute struct {
	// AttrType identifies the attribute (e.g. content-type, message-digest).
	AttrType asn1.ObjectIdentifier
	// AttrVals holds the raw attribute values; the "set" tag encodes the
	// element as a SET rather than a SEQUENCE.
	AttrVals asn1.RawValue `asn1:"set"`
}

Attribute as used in SignedAttributes.

type ContentInfo

// ContentInfo is the CMS ContentInfo SEQUENCE: a content-type OID and the
// content it wraps.
type ContentInfo struct {
	// ContentType is the OID of the wrapped content type.
	ContentType asn1.ObjectIdentifier
	// Content is the wrapped content, kept raw under an EXPLICIT [0] tag
	// and allowed to be absent.
	Content     asn1.RawValue `asn1:"explicit,tag:0,optional"`
}

ContentInfo represents the ASN.1 structure of CMS ContentInfo.

type EncapContentInfo

// EncapContentInfo is the EncapsulatedContentInfo inside SignedData: the
// content-type OID and, when the content is embedded, the content itself.
type EncapContentInfo struct {
	// ContentType is the OID of the encapsulated content type.
	ContentType asn1.ObjectIdentifier
	// Content holds the encapsulated content under an EXPLICIT [0] tag.
	// It is optional, so a detached signature leaves it absent.
	Content     asn1.RawValue `asn1:"tag:0,explicit,optional"`
}

type EncryptedContentInfo

// EncryptedContentInfo is the CMS EncryptedContentInfo SEQUENCE: the content
// type, the content-encryption algorithm, and the ciphertext.
type EncryptedContentInfo struct {
	// ContentType is the OID of the content type that was encrypted.
	ContentType                asn1.ObjectIdentifier
	// ContentEncryptionAlgorithm identifies the symmetric cipher used for
	// EncryptedContent, together with its parameters.
	ContentEncryptionAlgorithm AlgorithmIdentifier
	// EncryptedContent is the ciphertext, kept raw under an IMPLICIT [0]
	// tag (no "explicit" keyword) and optional, matching RFC 5652.
	EncryptedContent           asn1.RawValue `asn1:"tag:0,optional"`
}

EncryptedContentInfo represents the ASN.1 structure for CMS EncryptedContentInfo. Per RFC 5652, encryptedContent is [0] IMPLICIT OCTET STRING OPTIONAL.

type EnvelopedAttribute

// EnvelopedAttribute is an attribute type/value pair as carried in the
// unprotected attributes of EnvelopedData.
type EnvelopedAttribute struct {
	// Type is the attribute OID.
	Type   asn1.ObjectIdentifier
	// Values holds the raw attribute values, encoded as a SET OF.
	Values []asn1.RawValue `asn1:"set"`
}

EnvelopedAttribute represents an attribute type and value in EnvelopedData.

type EnvelopedData

// EnvelopedData is the CMS EnvelopedData SEQUENCE: per-recipient key
// material plus the encrypted content.
type EnvelopedData struct {
	// Version is the syntax version; DEFAULT 0, so it may be omitted on the wire.
	Version              int             `asn1:"default:0"`
	// OriginatorInfo is the optional IMPLICIT [0] OriginatorInfo, kept raw.
	OriginatorInfo       asn1.RawValue   `asn1:"optional,tag:0"`
	// RecipientInfos is the SET OF RecipientInfo, one entry per recipient.
	// Entries stay raw because RecipientInfo is a CHOICE.
	RecipientInfos       []RecipientInfo `asn1:"set"`
	// EncryptedContentInfo holds the content-encryption algorithm and ciphertext.
	EncryptedContentInfo EncryptedContentInfo
	// UnprotectedAttrs is the optional IMPLICIT [1] set of attributes that
	// are carried outside the encryption.
	UnprotectedAttrs     []EnvelopedAttribute `asn1:"optional,tag:1"`
}

EnvelopedData represents the ASN.1 structure of CMS EnvelopedData.

type IssuerAndSerialNumber

// IssuerAndSerialNumber identifies a certificate by its issuer Name and
// serial number, as used for CMS signer and recipient identifiers.
type IssuerAndSerialNumber struct {
	// Issuer is the raw DER of the issuer Name.
	Issuer       asn1.RawValue
	// SerialNumber is the raw DER of the certificate serial number INTEGER.
	SerialNumber asn1.RawValue
}

IssuerAndSerialNumber represents the ASN.1 structure for CMS IssuerAndSerialNumber.

type KeyAgreeRecipientIdentifier

// KeyAgreeRecipientIdentifier models the KeyAgreeRecipientIdentifier
// CHOICE: either an issuer/serial pair or a recipient key identifier.
// Both alternatives are optional pointer fields; nothing in the type
// itself enforces that exactly one of them is present.
//
// NOTE(review): RFC 5652 defines this CHOICE as an untagged
// issuerAndSerialNumber and an IMPLICIT [0] rKeyId, whereas the tags
// declared here are [0] and [1] — confirm against the code that encodes
// and decodes this type.
type KeyAgreeRecipientIdentifier struct {
	// IssuerAndSerialNumber is the IMPLICIT [0] alternative; nil when absent.
	IssuerAndSerialNumber *IssuerAndSerialNumber  `asn1:"optional,tag:0"`
	// RKeyID is the IMPLICIT [1] rKeyId alternative; nil when absent.
	RKeyID                *RecipientKeyIdentifier `asn1:"optional,tag:1"`
}

KeyAgreeRecipientIdentifier identifies a recipient in key agreement.

type KeyAgreeRecipientInfo

// KeyAgreeRecipientInfo is the CMS KeyAgreeRecipientInfo (the kari
// alternative of RecipientInfo). Everything after Version is kept as a
// RawValue so the caller can parse the originator, UKM and encrypted-key
// encodings itself.
type KeyAgreeRecipientInfo struct {
	// Version is the syntax version of this recipient info.
	Version                int
	// Originator is the raw OriginatorIdentifierOrKey element, tag included.
	Originator             asn1.RawValue
	// UKM is the raw UserKeyingMaterial element.
	//
	// NOTE(review): encoding/asn1 appears to match any element into an
	// untagged RawValue, so "optional" here only covers end-of-input; a
	// kari with no UKM would likely see this field capture the following
	// element — confirm with a decode test.
	UKM                    asn1.RawValue `asn1:"optional"`
	// KeyEncryptionAlgorithm is the raw key-encryption AlgorithmIdentifier.
	KeyEncryptionAlgorithm asn1.RawValue
	// RecipientEncryptedKeys is the raw SEQUENCE OF RecipientEncryptedKey.
	RecipientEncryptedKeys asn1.RawValue
}

KeyAgreeRecipientInfo represents KeyAgreeRecipientInfo from CMS. RawValue fields are used for flexible parsing.

type KeyTransRecipientInfo

// KeyTransRecipientInfo is the CMS KeyTransRecipientInfo (the ktri
// alternative of RecipientInfo), used for the RSA-OAEP/AES path.
type KeyTransRecipientInfo struct {
	// Version is the syntax version; DEFAULT 0, so it may be omitted on the wire.
	Version                int `asn1:"default:0"`
	// Rid identifies the recipient certificate. Only the
	// issuerAndSerialNumber form of RecipientIdentifier is representable
	// here; the subjectKeyIdentifier alternative is not modeled.
	Rid                    IssuerAndSerialNumber
	// KeyEncryptionAlgorithm identifies the key-transport algorithm and
	// its parameters (for RSAES-OAEP, see RSAESOAEPParams).
	KeyEncryptionAlgorithm AlgorithmIdentifier
	// EncryptedKey is the content-encryption key encrypted to the recipient.
	EncryptedKey           []byte
}

KeyTransRecipientInfo represents KeyTransRecipientInfo from CMS.

type OriginatorIdentifierOrKey

// OriginatorIdentifierOrKey models the originator CHOICE used by
// KeyAgreeRecipientInfo: a certificate reference, a subject key
// identifier, or an inline originator public key. All three alternatives
// are optional; nothing in the type enforces that exactly one is set.
//
// NOTE(review): RFC 5652 tags this CHOICE as an untagged
// issuerAndSerialNumber, [0] subjectKeyIdentifier and [1] originatorKey,
// whereas the tags declared here are EXPLICIT [0], [1] and [2] — confirm
// against the code that encodes and decodes this type.
type OriginatorIdentifierOrKey struct {
	// IssuerAndSerialNumber is the EXPLICIT [0] alternative; nil when absent.
	IssuerAndSerialNumber *IssuerAndSerialNumber `asn1:"optional,tag:0,explicit"`
	// SubjectKeyIdentifier is the EXPLICIT [1] alternative; empty when absent.
	SubjectKeyIdentifier  []byte                 `asn1:"optional,tag:1,explicit"`
	// OriginatorKey is the EXPLICIT [2] alternative carrying the
	// originator's public key inline; nil when absent.
	OriginatorKey         *OriginatorPublicKey   `asn1:"optional,tag:2,explicit"`
}

OriginatorIdentifierOrKey represents the originator in KeyAgreeRecipientInfo.

type OriginatorPublicKey

// OriginatorPublicKey is an originator public key carried inline in
// OriginatorIdentifierOrKey for key agreement.
type OriginatorPublicKey struct {
	// Algorithm identifies the key's algorithm and parameters.
	Algorithm AlgorithmIdentifier
	// PublicKey is the encoded public key as a BIT STRING.
	PublicKey asn1.BitString
}

OriginatorPublicKey represents an originator public key.

type RSAESOAEPParams

// RSAESOAEPParams holds the RSAES-OAEP parameters (hash, mask generation
// function and P source) that accompany the key-encryption algorithm in
// KeyTransRecipientInfo.
//
// NOTE(review): RFC 8017 defines RSAES-OAEP-params with EXPLICIT [0], [1]
// and [2] tags and DEFAULT values for each member, but no asn1 tags are
// declared here — confirm how this struct is actually marshaled and
// unmarshaled before relying on it for interoperability.
type RSAESOAEPParams struct {
	// HashFunc is the hash algorithm used by OAEP.
	HashFunc    AlgorithmIdentifier
	// MaskGenFunc is the mask generation function (MGF) algorithm.
	MaskGenFunc AlgorithmIdentifier
	// PSourceFunc is the P source (label) algorithm.
	PSourceFunc AlgorithmIdentifier
}

type RecipientEncryptedKey

// RecipientEncryptedKey pairs a key-agreement recipient identifier with the
// content-encryption key wrapped for that recipient.
type RecipientEncryptedKey struct {
	// Rid identifies which recipient this wrapped key is for.
	Rid          KeyAgreeRecipientIdentifier
	// EncryptedKey is the wrapped content-encryption key.
	EncryptedKey []byte
}

RecipientEncryptedKey represents an encrypted key for a recipient.

type RecipientInfo

// RecipientInfo is one element of EnvelopedData.RecipientInfos. Because the
// underlying ASN.1 type is a CHOICE (ktri, kari, kekri, pwri, ori), it is
// held as a raw element; the tag of the RawValue tells which alternative
// was received, and decoding into KeyTransRecipientInfo or
// KeyAgreeRecipientInfo happens elsewhere.
type RecipientInfo asn1.RawValue

RecipientInfo represents the ASN.1 structure for CMS RecipientInfo:

RecipientInfo ::= CHOICE {
  ktri KeyTransRecipientInfo,
  kari [1] KeyAgreeRecipientInfo,
  kekri [2] KEKRecipientInfo,
  pwri [3] PasswordRecipientinfo,
  ori [4] OtherRecipientInfo }

type RecipientKeyIdentifier

// RecipientKeyIdentifier identifies a key-agreement recipient by the
// SubjectKeyIdentifier of its certificate.
type RecipientKeyIdentifier struct {
	// SubjectKeyIdentifier is the recipient certificate's key identifier bytes.
	SubjectKeyIdentifier []byte
	// Date is the optional date element, kept raw.
	//
	// NOTE(review): encoding/asn1 appears to match any element into an
	// untagged RawValue, so if Date is absent but Other is present, Date
	// would likely capture the Other element — confirm with a decode test.
	Date                 asn1.RawValue `asn1:"optional"`
	// Other is the optional OtherKeyAttribute element, kept raw.
	Other                asn1.RawValue `asn1:"optional"`
}

RecipientKeyIdentifier identifies a recipient by key identifier.

type SignedData

// SignedData is the CMS SignedData SEQUENCE carried inside ContentInfo.
type SignedData struct {
	// Version is the CMS syntax version.
	Version          int
	// DigestAlgorithms is the SET OF digest algorithms used by the signers.
	DigestAlgorithms []AlgorithmIdentifier `asn1:"set"`
	// EncapContentInfo holds the content type and, when embedded, the content.
	EncapContentInfo EncapContentInfo
	// Certificates is the optional IMPLICIT [0] certificate set, kept raw.
	Certificates     asn1.RawValue `asn1:"optional,tag:0,implicit"`
	// CRLs is the optional IMPLICIT [1] revocation information, kept raw.
	CRLs             asn1.RawValue `asn1:"optional,tag:1,implicit"`
	// SignerInfos is the SET OF SignerInfo, one entry per signature.
	SignerInfos      []SignerInfo  `asn1:"set"`
}

func ParseSignedData

func ParseSignedData(der []byte) (*SignedData, error)

ParseSignedData parses CMS SignedData from DER bytes.

type SignerInfo

// SignerInfo is one signer's entry in SignedData.SignerInfos.
type SignerInfo struct {
	// Version is the CMS syntax version for this signer.
	Version            int
	// SID identifies the signer certificate. Only the issuerAndSerialNumber
	// form of SignerIdentifier is representable here; the
	// subjectKeyIdentifier alternative is not modeled.
	SID                IssuerAndSerialNumber
	// DigestAlgorithm is the digest algorithm applied to the content.
	DigestAlgorithm    AlgorithmIdentifier
	// SignedAttrs is the optional IMPLICIT [0] signed-attribute set, kept
	// raw. The signature is computed over these attributes re-encoded with
	// a SET tag, not over the [0]-tagged bytes as carried here.
	SignedAttrs        asn1.RawValue `asn1:"optional,tag:0,implicit"`
	// SignatureAlgorithm identifies the signature algorithm.
	SignatureAlgorithm AlgorithmIdentifier
	// Signature is the signature value.
	Signature          []byte
	// UnsignedAttrs is the optional IMPLICIT [1] unsigned-attribute set
	// (for example the timestamp token added by AddTimestampToken), kept raw.
	UnsignedAttrs      asn1.RawValue `asn1:"optional,tag:1,implicit"`
}

type VerifyInfo

// VerifyInfo is the result returned by VerifySignedData.
type VerifyInfo struct {
	// Content is the signed content.
	Content     []byte
	// SignerCert is the signer's certificate.
	SignerCert  *x509.Certificate
	// SigningTime is the signing-time attribute value.
	SigningTime time.Time
	// Verified reports whether the signature was accepted. Because failure
	// is reported through VerifyError rather than only through an error
	// return, callers should check this field even when VerifySignedData
	// returns a nil error.
	Verified    bool
	// VerifyError describes why verification failed when Verified is false.
	VerifyError string
}

VerifyInfo contains verification result information.

func VerifySignedData

func VerifySignedData(der []byte, caCerts []*x509.Certificate) (*VerifyInfo, error)

VerifySignedData verifies a CMS SignedData structure. It returns the content and verification information.
