secret

package

v0.0.0-...-d325f09 Latest Latest Go to latest Published: Feb 28, 2022 License: BSD-3-Clause, ISC Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kisom/cryptutils

Links

Open Source Insights

Documentation ¶

Overview ¶

Package secret contains utilities for encrypting and decrypting data with secret keys; it is aimed primarily at password-based encryption. Encryption keys are typically derived from Scrypt (using 32768, 8, and 4 as the parameters) to obtain a key suitable for use with NaCl's secretbox (XSalsa20 and Poly1305).

Index ¶

Constants
func Decrypt(key *[KeySize]byte, in []byte) ([]byte, bool)
func DecryptFile(filename string, passphrase []byte) (data []byte, err error)
func DeriveKey(passphrase []byte, salt []byte) *[KeySize]byte
func DeriveKeyStrength(passphrase []byte, salt []byte, m ScryptMode) *[KeySize]byte
func Encrypt(key *[KeySize]byte, in []byte) ([]byte, bool)
func EncryptFile(filename string, passphrase, encoded []byte) (err error)
func GenerateKey() *[KeySize]byte
type ScryptMode

Constants ¶

View Source

const (
	KeySize  = 32
	SaltSize = 32
)

KeySize contains the size (in bytes) of a NaCl secretbox key.

Variables ¶

This section is empty.

Functions ¶

func Decrypt ¶

func Decrypt(key *[KeySize]byte, in []byte) ([]byte, bool)

Decrypt extracts the nonce from the ciphertext, and attempts to decrypt with NaCl's secretbox.

func DecryptFile ¶

func DecryptFile(filename string, passphrase []byte) (data []byte, err error)

DecryptFile recovers a secured blob from a file, returning a byte slice for parsing by the caller.

func DeriveKey ¶

func DeriveKey(passphrase []byte, salt []byte) *[KeySize]byte

DeriveKey applies Scrypt with very strong parameters to generate an encryption key from a passphrase and salt.

func DeriveKeyStrength ¶

func DeriveKeyStrength(passphrase []byte, salt []byte, m ScryptMode) *[KeySize]byte

DeriveKeyStrength applies Scrypt using the given work parameters to generate an encryption key from a passphrase and salt.

func Encrypt ¶

func Encrypt(key *[KeySize]byte, in []byte) ([]byte, bool)

Encrypt generates a random nonce and encrypts the input using NaCl's secretbox package. The nonce is prepended to the ciphertext.

func EncryptFile ¶

func EncryptFile(filename string, passphrase, encoded []byte) (err error)

EncryptFile securely stores the encoded blob under the filename.

func GenerateKey ¶

func GenerateKey() *[KeySize]byte

GenerateKey returns a randomly generated secretbox key. Typically, you should use DeriveKey to get a key from a passphrase instead. Returns nil on failure.

Types ¶

type ScryptMode ¶

type ScryptMode int

ScryptMode represents the work factor to be used for passphrases.

const (
	// ScryptStandard mode uses N=2^20, r=8, p=2
	ScryptStandard ScryptMode = iota
	// ScryptInteractive mode uses N=2^14, r=8, p=1
	ScryptInteractive
)

Source Files ¶

View all Source files

crypto.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL