Documentation
Overview
Package ecies implements the functions required to encrypt and decrypt data using the Elliptic Curve Integrated Encryption Scheme (ECIES) with the X9.63 key derivation function, specifically Apple's implementation as part of the Security framework on iOS and macOS.
Index
- func DecryptECIESX963AESGCM(algorithm hash.Hash, variableIV bool, key *ecdh.PrivateKey, ciphertext []byte, ...) ([]byte, error)
- func DeriveX963KDF(algorithm hash.Hash, length int, key []byte, shared []byte) ([]byte, error)
- func EncryptECIESX963AESGCM(algorithm hash.Hash, variableIV bool, key *ecdh.PublicKey, plaintext []byte, ...) ([]byte, error)
Functions
func DecryptECIESX963AESGCM
func DecryptECIESX963AESGCM(algorithm hash.Hash, variableIV bool, key *ecdh.PrivateKey, ciphertext []byte, additionalData []byte) ([]byte, error)
DecryptECIESX963AESGCM takes a ciphertext []byte slice along with the following parameters and decrypts it to plaintext. The ciphertext data can be created by SecKeyCreateEncryptedData() on Apple platforms.
- algorithm is the underlying hashing algorithm used by the KDF
- variableIV determines if additional bits from the KDF are used as a nonce/IV for AES-GCM
- key is the ecdh.PrivateKey used to perform ECDH and determine the shared key
- additionalData is optional data used by AES-GCM to authenticate (it is not used in Apple's implementation)
If successful, it returns plaintext data as a []byte slice, or an error if it fails.
func DeriveX963KDF
DeriveX963KDF derives a key using the ANSI-X9.63-KDF key derivation function outlined in RFC 8418, Section 2.1. It returns a byte slice of the chosen length, performing multiple rounds of the chosen hashing algorithm if required.
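The "multiple rounds" are a counter-mode construction: each round hashes the shared secret, a 32-bit big-endian counter starting at 1, and the shared info, and the digests are concatenated and truncated to the requested length. The following is an added example, not this package's code; the helper name x963KDF, its constructor-style hash parameter and the sample inputs are assumptions made for illustration.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"hash"
)

// x963KDF is a hypothetical helper (not this package's DeriveX963KDF).
// It concatenates Hash(z || counter || sharedInfo) for counter = 1, 2, ...
// and returns the first `length` bytes of the result.
func x963KDF(newHash func() hash.Hash, z, sharedInfo []byte, length int) ([]byte, error) {
	if length <= 0 {
		return nil, errors.New("x963kdf: length must be positive")
	}
	h := newHash()
	rounds := (length + h.Size() - 1) / h.Size() // ceil(length / digest size)
	if uint64(rounds) > 0xFFFFFFFF {             // the counter is only 32 bits wide
		return nil, errors.New("x963kdf: requested length too large")
	}
	out := make([]byte, 0, rounds*h.Size())
	var counter [4]byte
	for i := 1; i <= rounds; i++ {
		binary.BigEndian.PutUint32(counter[:], uint32(i))
		h.Reset()
		h.Write(z)           // ECDH shared secret
		h.Write(counter[:])  // big-endian round counter, starting at 1
		h.Write(sharedInfo)  // context data bound into the derived key
		out = h.Sum(out)     // append this round's digest
	}
	return out[:length], nil
}

func main() {
	z := []byte("constructed ECDH shared secret") // constructed sample input
	info := []byte("constructed shared info")     // constructed sample input
	// 48 bytes from SHA-256 needs two rounds: 32 bytes + the first 16 of round two.
	km, err := x963KDF(sha256.New, z, info, 48)
	if err != nil {
		panic(err)
	}
	fmt.Printf("derived %d bytes: %x\n", len(km), km)
}
```

Because the output is a truncated stream, a shorter request with the same inputs is a prefix of a longer one, so callers that need distinct keys must vary the shared info or the secret rather than only the length.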
func EncryptECIESX963AESGCM
func EncryptECIESX963AESGCM(algorithm hash.Hash, variableIV bool, key *ecdh.PublicKey, plaintext []byte, additionalData []byte) ([]byte, error)
EncryptECIESX963AESGCM takes a plaintext []byte slice along with the following parameters and encrypts it to ciphertext. The returned ciphertext data can be decrypted by SecKeyCreateDecryptedData() on Apple platforms.
- algorithm is the underlying hashing algorithm used by the KDF
- variableIV determines if additional bits from the KDF are used as a nonce/IV for AES-GCM
- key is the ecdh.PublicKey used to perform ECDH and determine the shared key
- additionalData is optional data used by AES-GCM to authenticate (it is not used in Apple's implementation)
If successful, it returns ciphertext data as a []byte slice, or an error if it fails.