Documentation
Overview
Package brimcrypt contains crypto-related code including an encrypted disk file implementation of io.Reader, Writer, Seeker, and Closer. The encryption used is AES-256 with each block signed using SHA-256.
Constants
This section is empty.
Variables
var KeyError = fmt.Errorf("invalid key")
KeyError indicates an invalid encryption key has been given.
var NoKeyAndNoPromptError = fmt.Errorf("no key and no prompt")
NoKeyAndNoPromptError indicates no key could be determined and interactively prompting the user for a key phrase was not enabled.
Functions
func CacheKey
CacheKey will cache based on the OS environment; x_KEY_FILE and x_KEY_INACTIVITY are used to determine where to cache and for how long. An error will be returned if caching does not occur for any reason, including deliberately disabled caching. If no error is returned, the caller should launch a key watcher for clearing the cache when appropriate.
func Key
Key will return a 32 byte key from a key phrase, from the cache, or by prompting the user. If any of the func args are "", that procedure will be skipped. In the OS environment, x_KEY, x_KEY_FILE, and x_KEY_INACTIVITY are used for the key phrase itself (not recommended), where to cache, and for how long.
func KeyWatch
KeyWatch will loop forever watching for an expired key file to remove. The OS environment variables x_KEY_FILE and x_KEY_INACTIVITY indicate where the key is cached and for how long. The logTimeFormat, if not "", indicates verbose output of the activity.
func UncacheKey
func UncacheKey(envPrefix string)
UncacheKey will immediately clear the cache location based on the x_KEY_FILE OS environment variable.
Types
type CryptFile
type CryptFile struct {
	Path string
	// contains filtered or unexported fields
}
func NewCryptFile
NewCryptFile returns a new CryptFile for the path using the 32 byte encryption key given. The estimated size is used to pick an optimal encrypted block size, but may be 0 if unknown.
func (*CryptFile) WriteAsEmpty
WriteAsEmpty will write one encrypted data block but set the size in the header to 0. This makes it so an observer cannot tell the difference between a small single-block file and a zero-byte file. Knowing that a file is zero bytes can give away information, so empty files should always use WriteAsEmpty.
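The length-hiding idea behind WriteAsEmpty, as an added example that is not brimcrypt's code or on-disk format. It substitutes AES-256-GCM for the package's AES-256 plus SHA-256 block layout, which this page does not detail; the names newAEAD, seal, open and blockSize and the 8-byte size header are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

func newAEAD(key []byte) (cipher.AEAD, error) { // 32-byte key selects AES-256
	b, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}

// seal encrypts a size header plus zero-padded blocks; empty input still gets one block.
func seal(a cipher.AEAD, data []byte) ([]byte, error) {
	const blockSize = 4096 // assumed block size, not brimcrypt's
	plain := make([]byte, 8+(len(data)/blockSize+1)*blockSize)
	binary.BigEndian.PutUint64(plain, uint64(len(data))) // true size stays inside the ciphertext
	copy(plain[8:], data)
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return a.Seal(nonce, nonce, plain, nil), nil // output is nonce || ciphertext || tag
}

// open authenticates, decrypts, and trims the padding using the size header.
func open(a cipher.AEAD, sealed []byte) ([]byte, error) {
	n := a.NonceSize()
	if len(sealed) < n {
		return nil, fmt.Errorf("truncated input")
	}
	plain, err := a.Open(nil, sealed[:n], sealed[n:], nil)
	if err != nil || len(plain) < 8 || binary.BigEndian.Uint64(plain) > uint64(len(plain)-8) {
		return nil, fmt.Errorf("authentication failed or bad size header")
	}
	return plain[8 : 8+binary.BigEndian.Uint64(plain)], nil
}

func main() {
	a, _ := newAEAD(make([]byte, 32)) // constructed all-zero demo key
	empty, _ := seal(a, nil)
	small, _ := seal(a, []byte("hi"))
	fmt.Println(len(empty) == len(small)) // observer sees identical sizes
}
```

Length hiding here only covers files that fit in the same number of blocks; a file that spills into a second block is still distinguishable by size.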