Documentation
¶
Index ¶
- func DecryptAESGCM(key, ciphertext, iv, tag []byte) ([]byte, error)
- func DecryptWithIdentities(data []byte, identities []age.Identity) ([]byte, error)
- func EncryptAESGCM(key, plaintext []byte) (ciphertext, iv, tag []byte, err error)
- func EncryptForRecipients(data []byte, recipients []age.Recipient) ([]byte, error)
- func GenerateAESKey() ([]byte, error)
- func GenerateAgeKeypair() (*age.X25519Identity, error)
- func IsFIDO2Recipient(pubKey string) bool
- func IsSSHKey(pubKey string) bool
- func IsYubiKeyRecipient(pubKey string) bool
- func ParseAgeIdentities(privKeys string) ([]age.Identity, error)
- func ParseAgeIdentity(privKey string) (age.Identity, error)
- func ParseAgeRecipient(pubKey string) (age.Recipient, error)
- func ParseFIDO2Recipient(pubKey string) (age.Recipient, error)
- func ParseIdentities(content string) ([]age.Identity, error)
- func ParseIdentitiesWithPassphrase(content, keyPath string, passphraseFunc PassphraseFunc) ([]age.Identity, error)
- func ParseIdentity(privKey string) (age.Identity, error)
- func ParseRecipient(pubKey string) (age.Recipient, error)
- type KeyType
- type PassphraseFunc
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DecryptAESGCM ¶
DecryptAESGCM decrypts ciphertext using AES-256-GCM
func DecryptWithIdentities ¶
DecryptWithIdentities decrypts age-encrypted data using provided identities
func EncryptAESGCM ¶
EncryptAESGCM encrypts plaintext using AES-256-GCM Returns ciphertext, iv, and tag separately
func EncryptForRecipients ¶
EncryptForRecipients encrypts data for multiple age recipients
func GenerateAESKey ¶
GenerateAESKey generates a random 256-bit AES key
func GenerateAgeKeypair ¶
func GenerateAgeKeypair() (*age.X25519Identity, error)
GenerateAgeKeypair generates a new age X25519 keypair
func IsFIDO2Recipient ¶ added in v1.5.0
IsFIDO2Recipient checks if a string is a FIDO2 recipient
func IsYubiKeyRecipient ¶ added in v1.5.0
IsYubiKeyRecipient returns true if the string is a YubiKey recipient
func ParseAgeIdentities ¶
ParseAgeIdentities parses multiple age private keys (newline-separated) into Identities Deprecated: Use ParseIdentities instead which supports both age and SSH keys
func ParseAgeIdentity ¶
ParseAgeIdentity parses an age private key string into an Identity Deprecated: Use ParseIdentity instead which supports both age and SSH keys
func ParseAgeRecipient ¶
ParseAgeRecipient parses an age public key string into a Recipient Deprecated: Use ParseRecipient instead which supports both age and SSH keys
func ParseFIDO2Recipient ¶ added in v1.5.0
ParseFIDO2Recipient parses a FIDO2 recipient string into an age.Recipient
func ParseIdentities ¶ added in v1.4.0
ParseIdentities parses private keys from file content into Identities. Supports both native age X25519 keys (newline-separated) and SSH private keys. For passphrase-protected SSH keys, use ParseIdentitiesWithPassphrase instead.
func ParseIdentitiesWithPassphrase ¶ added in v1.4.0
func ParseIdentitiesWithPassphrase(content, keyPath string, passphraseFunc PassphraseFunc) ([]age.Identity, error)
ParseIdentitiesWithPassphrase parses private keys with optional passphrase support. If the SSH key is passphrase-protected and passphraseFunc is provided, it will be called to get the passphrase. If passphraseFunc is nil, an error is returned for passphrase-protected keys.
func ParseIdentity ¶ added in v1.4.0
ParseIdentity parses a private key string into an Identity. Supports both native age X25519 keys and SSH keys (ed25519, RSA).
Types ¶
type KeyType ¶ added in v1.4.0
type KeyType string
KeyType represents the type of a public key
func DetectKeyType ¶ added in v1.4.0
DetectKeyType detects the type of a public key string
type PassphraseFunc ¶ added in v1.4.0
PassphraseFunc is a callback to get a passphrase for encrypted SSH keys. The keyPath parameter indicates which key file needs the passphrase.
Source Files