cccsp is the CloudChain Cryptographic Service Provider that offers the implementation of cryptographic standards and algorithms.
cccsp provides the following services:
- Encrypt - Encryption operation
- Decrypt - Decryption operation
- Sign - Signature operation
- Verify - Verification operation
- Hash - Hash calculation
cccsp supports a variety of encryption and signature algorithms, including AES, RSA, and ECDSA. Support multiple hash clusters, including sha1, sha256, sha384, sha512, sha3_256, sha3_384, sha3_512.
With a correctly configured Go toolchain:
go get -u github.com/rkcloudchain/cccspFirst of all, you need to instantiate a KeyStore object. Currently we provide two types of KeyStore: memory-based and file system based.
ks, _ := provider.NewFileKeyStore("/path/to/store") // or ks := NewMemoryKeyStore()Next, let's creating a cccsp instance.
csp, _ := provider.New(ks)Now you can generate a new key
key, _ := csp.KeyGenerate("ECDSA256", false)You can sign with the generated key
ptext := []byte("bla bla bla")
sigma, err := csp.Sign(key, ptext, nil)Or verify that the signature is correct
valid, err := csp.Verify(key, sigma, ptext, nil)The cccsp interface defines the following methods:
// CCCSP is the cloudchain cryptographic service provider that offers
// the implementation of cryptographic standards and algorithms
type CCCSP interface {
// KeyGenerate generates a key.
KeyGenerate(algorithm string, ephemeral bool) (Key, error)
// KeyImport imports a key from its raw representation.
KeyImport(raw interface{}, algorithm string, ephemeral bool) (Key, error)
// GetKey returns the key this CSP associates to
GetKey(id []byte) (Key, error)
// Hash hashes messages using specified hash family.
Hash(msg []byte, family string) ([]byte, error)
// GetHash returns and instance of hash.Hash with hash algorithm
GetHash(algo string) (hash.Hash, error)
// Sign signs digest using key k.
Sign(k Key, digest []byte, opts crypto.SignerOpts) ([]byte, error)
// Verify verifies signature against key k and digest.
Verify(k Key, signature, digest []byte, opts crypto.SignerOpts) (bool, error)
// Encrypt encrypts plaintext using key k.
Encrypt(k Key, plaintext []byte, opts EncrypterOpts) ([]byte, error)
// Decrypt decrypts ciphertext using key k.
Decrypt(k Key, ciphertext []byte, opts DecrypterOpts) ([]byte, error)
}In addition to signing and verification, you can also perform encryption, decryption, and hash calculations.
cccsp is under the Apache 2.0 license. See the LICENSE file for details.