Documentation ¶
Overview ¶
Package encrypted provides a simple, secure system for encrypting data symmetrically with a passphrase.
It uses scrypt derive a key from the passphrase and the NaCl secret box cipher for authenticated encryption.
Index ¶
- func Decrypt(ciphertext, passphrase []byte) ([]byte, error)
- func Encrypt(plaintext, passphrase []byte) ([]byte, error)
- func EncryptWithCustomKDFParameters(plaintext, passphrase []byte, kdfLevel KDFParameterStrength) ([]byte, error)
- func Marshal(v interface{}, passphrase []byte) ([]byte, error)
- func MarshalWithCustomKDFParameters(v interface{}, passphrase []byte, kdfLevel KDFParameterStrength) ([]byte, error)
- func Unmarshal(data []byte, v interface{}, passphrase []byte) error
- type KDFParameterStrength
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Decrypt ¶
Decrypt takes a JSON-encoded ciphertext object encrypted using Encrypt and tries to decrypt it using passphrase. If successful, it returns the plaintext.
func Encrypt ¶
Encrypt takes a passphrase and plaintext, and returns a JSON object containing ciphertext and the details necessary to decrypt it.
func EncryptWithCustomKDFParameters ¶
func EncryptWithCustomKDFParameters(plaintext, passphrase []byte, kdfLevel KDFParameterStrength) ([]byte, error)
EncryptWithCustomKDFParameters takes a passphrase, the plaintext and a KDF parameter level (Legacy, Standard, or OWASP), and returns a JSON object containing ciphertext and the details necessary to decrypt it.
func MarshalWithCustomKDFParameters ¶
func MarshalWithCustomKDFParameters(v interface{}, passphrase []byte, kdfLevel KDFParameterStrength) ([]byte, error)
MarshalWithCustomKDFParameters encrypts the JSON encoding of v using passphrase.
Types ¶
type KDFParameterStrength ¶
type KDFParameterStrength uint8
KDFParameterStrength defines the KDF parameter strength level to be used for encryption key derivation.
const ( // Legacy defines legacy scrypt parameters (N:2^15, r:8, p:1) Legacy KDFParameterStrength = iota + 1 // Standard defines standard scrypt parameters which is focusing 100ms of computation (N:2^16, r:8, p:1) Standard // OWASP defines OWASP recommended scrypt parameters (N:2^17, r:8, p:1) OWASP )