Documentation ¶
Index ¶
- Constants
- Variables
- type AESGCM
- type Argon2idDeriver
- func (d *Argon2idDeriver) DeriveKey(password, salt []byte) []byte
- func (d *Argon2idDeriver) GenerateSalt() ([]byte, error)
- func (d *Argon2idDeriver) GetKeyLength() uint32
- func (d *Argon2idDeriver) GetSaltLength() int
- func (d *Argon2idDeriver) Verify(password []byte, key []byte) bool
- func (d *Argon2idDeriver) VerifyWithSalt(password, salt, expectedKey []byte) bool
- type Cipher
- type KeyDerivationFunc
Constants ¶
const (
	// KeySize is the required key size for AES-256 (32 bytes)
	KeySize = 32
	// NonceSize is the standard nonce size for GCM (12 bytes)
	NonceSize = 12
)
const (
	Argon2idMemory      = 64 * 1024 // 64 MiB
	Argon2idIterations  = 3
	Argon2idParallelism = 1
	Argon2idKeyLength   = 32 // 256 bits for AES-256
	Argon2idSaltLength  = 16 // 128 bits
)
Argon2id parameters following OWASP recommendations
Variables ¶
var (
	ErrInvalidKeySize    = errors.New("key must be 32 bytes for AES-256")
	ErrInvalidCiphertext = errors.New("ciphertext too short")
)
Functions ¶
This section is empty.
Types ¶
type AESGCM ¶
type AESGCM struct{}
AESGCM implements the Cipher interface using AES-256-GCM. This provides both confidentiality and authenticity for encrypted data.
func (*AESGCM) Decrypt ¶
Decrypt decrypts ciphertext that was encrypted with AES-256-GCM. Expects the input in the format nonce || ciphertext (12-byte nonce prepended). Verifies the authentication tag during decryption and fails if the ciphertext was tampered with.
func (*AESGCM) Encrypt ¶
Encrypt encrypts plaintext using AES-256-GCM with the provided key. The key must be exactly 32 bytes for AES-256. Returns nonce || ciphertext, where nonce is 12 bytes prepended to the ciphertext. A new random nonce is generated for each encryption to ensure uniqueness.
func (*AESGCM) GenerateNonce ¶
GenerateNonce generates a cryptographically secure random 12-byte nonce. This should be called for each encryption operation to ensure nonce uniqueness.
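The nonce || ciphertext layout described for Encrypt and Decrypt, sketched with only the Go standard library. This is an added example, not this package's source: sealWithNonce, openWithNonce and newGCM are hypothetical names, and the minimum-length check (nonce plus tag) is an assumption about what "ciphertext too short" covers.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

var errInvalidKeySize = errors.New("key must be 32 bytes for AES-256")
var errInvalidCiphertext = errors.New("ciphertext too short")

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(key) != 32 { // NewCipher alone would also accept 16/24-byte keys
		return nil, errInvalidKeySize
	}
	return cipher.NewGCM(block) // 12-byte nonce, 16-byte tag
}

// sealWithNonce and openWithNonce are hypothetical names, not the package's API.
func sealWithNonce(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil { // fresh random nonce per message
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil // nonce || ciphertext || tag
}

func openWithNonce(key, data []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(data) < n+gcm.Overhead() { // must hold at least a nonce and a tag
		return nil, errInvalidCiphertext
	}
	return gcm.Open(nil, data[:n], data[n:], nil) // errors if any byte was altered
}

func main() {
	box, err := sealWithNonce(make([]byte, 32), []byte("demo")) // constructed all-zero demo key
	fmt.Println(len(box), err)
}
```

The output length is always the plaintext length plus 28 bytes (12-byte nonce and 16-byte tag), which is worth accounting for when sizing storage columns or message fields.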
type Argon2idDeriver ¶
type Argon2idDeriver struct {
// contains filtered or unexported fields
}
Argon2idDeriver implements KeyDerivationFunc using Argon2id. Argon2id is the recommended algorithm for password hashing and key derivation, providing resistance against GPU and side-channel attacks.
func NewArgon2idDeriver ¶
func NewArgon2idDeriver() *Argon2idDeriver
NewArgon2idDeriver creates a new Argon2idDeriver with secure default parameters.
func (*Argon2idDeriver) DeriveKey ¶
func (d *Argon2idDeriver) DeriveKey(password, salt []byte) []byte
DeriveKey derives a cryptographic key from the given password and salt using Argon2id. The same password and salt will always produce the same key.
func (*Argon2idDeriver) GenerateSalt ¶
func (d *Argon2idDeriver) GenerateSalt() ([]byte, error)
GenerateSalt generates a cryptographically secure random salt. The salt is used to ensure unique keys even for the same password.
func (*Argon2idDeriver) GetKeyLength ¶
func (d *Argon2idDeriver) GetKeyLength() uint32
GetKeyLength returns the configured key length in bytes.
func (*Argon2idDeriver) GetSaltLength ¶
func (d *Argon2idDeriver) GetSaltLength() int
GetSaltLength returns the configured salt length in bytes.
func (*Argon2idDeriver) Verify ¶
func (d *Argon2idDeriver) Verify(password []byte, key []byte) bool
Verify performs constant-time comparison to prevent timing attacks.
func (*Argon2idDeriver) VerifyWithSalt ¶
func (d *Argon2idDeriver) VerifyWithSalt(password, salt, expectedKey []byte) bool
VerifyWithSalt derives a key from password+salt and compares it to the expected key. This is the proper way to verify a password when you have the stored salt.