signencrypt

package
v0.0.0-...-18dbd64 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 18, 2024 License: BSD-3-Clause Imports: 13 Imported by: 54

Documentation

Index

Constants

View Source 
const DefaultPlaintextChunkLength int64 = 1 << 20
View Source 
const NonceSize = 16
View Source 
const SecretboxKeySize = 32
View Source 
const SecretboxNonceSize = 24

Variables

This section is empty.

Functions

func GetPlaintextSize 

func GetPlaintextSize(cipherLen int64) int64

func GetSealedSize 

func GetSealedSize(plaintextLen int64) int64

func NewDecodingReadSeeker 

func NewDecodingReadSeeker(ctx context.Context, g *globals.Context, source io.ReadSeeker, size int64,
	encKey SecretboxKey, verifyKey VerifyKey, signaturePrefix kbcrypto.SignaturePrefix, nonce Nonce,
	c *lru.Cache) io.ReadSeeker

func NewDecodingReader 

func NewDecodingReader(encKey SecretboxKey, verifyKey VerifyKey, signaturePrefix kbcrypto.SignaturePrefix, nonce Nonce, innerReader io.Reader) io.Reader

func NewEncodingReader 

func NewEncodingReader(encKey SecretboxKey, signKey SignKey, signaturePrefix kbcrypto.SignaturePrefix, nonce Nonce, innerReader io.Reader) io.Reader

NewEncodingReader creates a new streaming encoder. The signaturePrefix argument must not contain the null container.

func NewError 

func NewError(errorType ErrorType, message string, args ...interface{}) error

func OpenWhole 

func OpenWhole(sealed []byte, encKey SecretboxKey, verifyKey VerifyKey, signaturePrefix kbcrypto.SignaturePrefix, nonce Nonce) ([]byte, error)

func OpenWithAssociatedData 

func OpenWithAssociatedData(sealed []byte, associatedData interface{}, encKey SecretboxKey, verifyKey VerifyKey, signaturePrefix kbcrypto.SignaturePrefix, nonce Nonce) (ret []byte, err error)

func SealWhole 

func SealWhole(plaintext []byte, encKey SecretboxKey, signKey SignKey, signaturePrefix kbcrypto.SignaturePrefix, nonce Nonce) []byte

SealWhole seals all at once using the streaming encoding.

func SealWithAssociatedData 

func SealWithAssociatedData(msg []byte, associatedData interface{}, encKey SecretboxKey, signKey SignKey, signaturePrefix kbcrypto.SignaturePrefix, nonce Nonce) (ret []byte, err error)

SealWithAssociatedData is a wrapper around SealWhole which adds an associatedData object (see AEAD ciphers) which must be message-packable into bytes. This exact object is required to call OpenWithAssociatedData on the ciphertext.

Types

type AEADMessage 

type AEADMessage struct {
	Version       int               `codec:"v" json:"v"`
	AssocDataHash [sha512.Size]byte `codec:"a" json:"a"`
	Message       []byte            `codec:"m" json:"m"`
}

type Decoder 

type Decoder struct {
	// contains filtered or unexported fields
}

func NewDecoder 

func NewDecoder(encKey SecretboxKey, verifyKey VerifyKey, signaturePrefix kbcrypto.SignaturePrefix, nonce Nonce) *Decoder

func (*Decoder) ChangePlaintextChunkLenForTesting 

func (d *Decoder) ChangePlaintextChunkLenForTesting(plaintextChunkLen int64)

func (*Decoder) Finish 

func (d *Decoder) Finish() ([]byte, error)

Finish decodes any remaining bytes as a short (or empty) packet. This produces the final bytes of the plaintext, and implicitly checks for truncation. This should only be called once, and after that you can't use this decoder again.

func (*Decoder) Write 

func (d *Decoder) Write(ciphertext []byte) ([]byte, error)

Write ciphertext bytes into the decoder. If any packets are ready to open, open them and either return their plaintext bytes as output or any error that comes up. Callers must call Finish() when they're done, to decode the final short packet and check for truncation. If Write ever returns an error, subsequent calls to Write will always return the same error.

type Encoder 

type Encoder struct {
	// contains filtered or unexported fields
}

func NewEncoder 

func NewEncoder(encKey SecretboxKey, signKey SignKey, signaturePrefix kbcrypto.SignaturePrefix, nonce Nonce) *Encoder

func (*Encoder) ChangePlaintextChunkLenForTesting 

func (e *Encoder) ChangePlaintextChunkLenForTesting(plaintextChunkLen int64)

func (*Encoder) Finish 

func (e *Encoder) Finish() []byte

Finish writes out any remaining buffered input bytes (possibly zero bytes) as a short chunk. This should only be called once, and after that you can't use this encoder again.

func (*Encoder) Write 

func (e *Encoder) Write(plaintext []byte) []byte

Write plaintext bytes into the encoder. If any output bytes are ready, return them. Callers must call Finish() when they're done, so that any remaining input bytes can be written out as a short (or empty) chunk. Otherwise you will both lose data and cause truncation errors on decoding.

type Error 

type Error struct {
	Type    ErrorType
	Message string
}

func (Error) Error 

func (e Error) Error() string

type ErrorType 

type ErrorType int
const (
	BadSecretbox ErrorType = iota
	ShortSignature
	BadSignature
	AssociatedDataMismatch
)

type Nonce 

type Nonce *[NonceSize]byte

type SecretboxKey 

type SecretboxKey *[SecretboxKeySize]byte

type SecretboxNonce 

type SecretboxNonce *[SecretboxNonceSize]byte

type SignKey 

type SignKey *[ed25519.PrivateKeySize]byte

type VerifyKey 

type VerifyKey *[ed25519.PublicKeySize]byte

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.