Skip to content

dkimcrypt provides convenient functions for en- or decrypting, as well as signing and verifying data using a combination of local private key files and public keys present in DKIM DNS TXT records

License

Notifications You must be signed in to change notification settings

adamhassel/dkimcrypt

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

35 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

dkimcrypt

import "gitlab.one.com/go/dkimcrypt"

Package dkimcrypt provides convenient functions for en- or decrypting, as well as signing and verifying data using a combination of local private key files and public keys present in DKIM DNS TXT records

crypt_decrypt.go privkey.go pubkey.go sign_verify.go

func Decrypt(selector, privkeypath string, in, key, mac []byte) (out []byte, err error)

Decrypt will decrypt the data in 'in' and return it in 'out', given the path to a PEM-encoded private key file, an RSA-encrypted key, a message authentication code hash, and a selector, which must be the same used for encryption

func DecryptSingle(selector, privkeypath string, in []byte) (out []byte, err error)

DecryptSingle is a wrapper around Decrypt, which will decrypt a byte slice encrypted by EncryptSingle

func Encrypt(selector, domain string, in []byte) (out, key, mac []byte, err error)

Encrypt will AES-encrypt the data given in 'in', and return the encrypted version in 'out', as well as a key, which is RSA-encrypted using the public key it finds in the DKIM-like TXT record at [selector]._domainkey.[domain], and a message authentication code hash. Use the same selector in 'Decrypt'

func EncryptSingle(selector, domain string, in []byte) (out []byte, err error)

EncryptSingle is a wrapper around Encrypt, which will encrypt a byte slice and return a single byte slice representing a key, a verification hash and the ecrypted data, useful for sending over a network. Decrypt using DecryptSingle

func GetPrivateKey(filename string) (*rsa.PrivateKey, error)

GetPrivateKey loads a private key from the given filename and returns it.

func GetPublicKey(selector, domain string) (*rsa.PublicKey, error)

GetPublicKey will look up a public key for a domain with selector, and return it. If no key is found, an error is returned.

func Sign(message []byte, privkeypath string) (out []byte, err error)

Sign will return the signature of the message in 'message' using the private key in the file at 'privkeypath'.

func Verify(message, signature []byte, selector, domain string) (err error)

Verify a signature given the signature, the message it signed and the selector and domain that signed it. If err is nil, then the signature is good.


Generated by godoc2md

About

dkimcrypt provides convenient functions for en- or decrypting, as well as signing and verifying data using a combination of local private key files and public keys present in DKIM DNS TXT records

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Go 100.0%