envelopeenc

package
v0.0.0-...-de0f673 Latest
Warning

This package is not in the latest version of its module.
Published: Mar 20, 2020 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Envelope encryption: the envelope contains secret content encrypted with a NaCl secretbox symmetric key, and that key is separately encrypted for each RSA public key recipient.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Envelope

type Envelope struct {
	KeySlots         []envelopeKeySlot `json:"key_slots"`
	EncryptedContent []byte            `json:"content"` // nonce || secretbox_ciphertext
}

func Encrypt

func Encrypt(plaintext []byte, keks []*rsa.PublicKey) (*Envelope, error)

func Unmarshal

func Unmarshal(buf []byte) (*Envelope, error)

func (*Envelope) Decrypt

func (e *Envelope) Decrypt(privKey *rsa.PrivateKey) ([]byte, error)

func (*Envelope) Marshal

func (e *Envelope) Marshal() ([]byte, error)

Format:

uvarint  version (always 1)
uvarint  length of EncryptedContent
[]byte   EncryptedContent
uvarint  amount of key slots

for each key slot

uvarint  length of KekId
string   KekId
uvarint  length of DekEncrypted
[]byte   DekEncrypted

NOTE: I would've gladly used Protobuf, but looks like you need a metric shit-ton of imported (even runtime) code to use it.
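A bounds-checked reader for the Marshal layout described above, as an added example and not the package's own Unmarshal code. It shows each uvarint length being checked against the remaining input before slicing. The names `keySlot`, `readChunk`, `parseEnvelope` and `errBounds` are hypothetical, and the sample bytes are constructed.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

type keySlot struct { // hypothetical stand-in for the unexported slot type
	KekID        string
	DekEncrypted []byte
}

var errBounds = fmt.Errorf("envelope: bad uvarint or length beyond input")

// readChunk reads a uvarint length and that many bytes, bounded by len(buf).
func readChunk(buf []byte) (chunk, rest []byte, err error) {
	n, used := binary.Uvarint(buf)
	if used <= 0 || n > uint64(len(buf)-used) {
		return nil, nil, errBounds
	}
	return buf[used : used+int(n)], buf[used+int(n):], nil
}

// parseEnvelope decodes the layout; slots are never preallocated from count.
func parseEnvelope(buf []byte) (content []byte, slots []keySlot, err error) {
	version, used := binary.Uvarint(buf)
	if used <= 0 || version != 1 {
		return nil, nil, fmt.Errorf("envelope: unsupported version")
	}
	if content, buf, err = readChunk(buf[used:]); err != nil {
		return nil, nil, err
	}
	count, used := binary.Uvarint(buf)
	if used <= 0 {
		return nil, nil, errBounds
	}
	for buf = buf[used:]; count > 0; count-- {
		var id, dek []byte
		if id, buf, err = readChunk(buf); err != nil {
			return nil, nil, err
		}
		if dek, buf, err = readChunk(buf); err != nil {
			return nil, nil, err
		}
		slots = append(slots, keySlot{string(id), dek})
	}
	return content, slots, nil
}

func main() { fmt.Println(parseEnvelope([]byte{1, 1, 'x', 0})) } // constructed sample
```

Because slots are appended only after both of their chunks have been read, a slot count far larger than the input fails on the first missing chunk instead of driving a large allocation.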
