boxer

package module
v0.0.0-...-92a0e89 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 15, 2016 License: CC0-1.0 Imports: 5 Imported by: 0

README

boxer

A reader and writer per https://www.imperialviolet.org/2014/06/27/streamingencryption.html

Documentation

Overview

Package boxer is a streaming encryption implementation, based on Adam Langley's article: https://www.imperialviolet.org/2014/06/27/streamingencryption.html

In short, nacl/secretbox is used to seal a file in chunks, with each chunk being prefixed with its length. The nonce is incrementally marked so chunks are guaranteed to be in order. The encrypted blob is prepended with a header containing a version ID, the maximum chunk size, and flags. The flags are currently unused, but may be used in future versions.

Index

Constants

View Source 
const (
	// DefaultChunkSize is the default maximum chunk size for reading and
	// writing.
	DefaultChunkSize = 65536

	// Overhead is the number of bytes of overhead when boxing a message.
	Overhead = secretbox.Overhead
)

Variables

View Source 
var (
	ErrAlreadyClosed = errors.New("encryptor: already closed")
	ErrInvalidData   = errors.New("decryptor: encrypted message is invalid")
	ErrChunkSize     = errors.New("boxer: invalid chunk size")
)

Functions

This section is empty.

Types

type Decryptor 

type Decryptor struct {
	// contains filtered or unexported fields
}

Decryptor is an io.ReadCloser that reads encrypted data written by an Encryptor.

func NewDecryptor 

func NewDecryptor(r io.Reader, nonce *[16]byte, key *[32]byte) (*Decryptor, error)

NewDecryptor returns a new Decryptor. Nonce and key should be identical to the values originally passed to NewEncryptor.

Neither nonce or key are modified.

func (*Decryptor) Close 

func (d *Decryptor) Close() error

Close closes the Decryptor but does not close the underlying io.Reader.

func (*Decryptor) Read 

func (d *Decryptor) Read(p []byte) (n int, err error)

Read implements io.Reader.

type Encryptor 

type Encryptor struct {
	// contains filtered or unexported fields
}

Encryptor is an io.WriteCloser. Writes to an Encryptor are encrypted and written to w.

func NewEncryptor 

func NewEncryptor(w io.Writer, nonce *[16]byte, key *[32]byte) *Encryptor

NewEncryptor creates an Encryptor with the default chunk size.

func NewEncryptorSize 

func NewEncryptorSize(w io.Writer, nonce *[16]byte, key *[32]byte, size int) (*Encryptor, error)

NewEncryptor returns a new Encryptor. Writes to the returned Encryptor are encrypted and written to w. The size parameter dictates the maximum chunk size. It should be a positive integer in the range [0, 1 << 32 - 1]. Writes will always be chunk size + Overhead.

All writes will not be flushed until Close is called. Not closing an Encryptor will rsult in an invalid stream.

Neither nonce or key are modified.

func (*Encryptor) Close 

func (e *Encryptor) Close() (err error)

Close closes the Encryptor, flushing any unwritten data to the underlying io.Writer but does not close the underlying io.Writer.

func (*Encryptor) Write 

func (e *Encryptor) Write(p []byte) (n int, err error)

Writer writes an encrypted form of p to the underlying io.Writer. The compressed bytes are not necessarily flushed until the Encryptor is closed.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.