func DeriveECDHES(alg string, apuData, apvData []byte, priv *ecdsa.PrivateKey, pub *ecdsa.PublicKey, size int) []byte
DeriveECDHES derives a shared encryption key using ECDH/ConcatKDF as described in JWE/JWA. It is an error to call this function with a private/public key that are not on the same curve. Callers must ensure that the keys are valid before calling this function. Output size may be at most 1<<16 bytes (64 KiB).
func KeyUnwrap(block cipher.Block, ciphertext []byte) ([]byte, error)
KeyUnwrap implements NIST key unwrapping; it unwraps a content encryption key (cek) with the given block cipher.
func KeyWrap(block cipher.Block, cek []byte) ([]byte, error)
KeyWrap implements NIST key wrapping; it wraps a content encryption key (cek) with the given block cipher.
func NewCBCHMAC(key []byte, newBlockCipher func([]byte) (cipher.Block, error)) (cipher.AEAD, error)
NewCBCHMAC instantiates a new AEAD based on CBC+HMAC.
func NewConcatKDF(hash crypto.Hash, z, algID, ptyUInfo, ptyVInfo, supPubInfo, supPrivInfo []byte) io.Reader
NewConcatKDF builds a KDF reader based on the given inputs.