stl

package module

v0.6.0 Latest Latest Go to latest Published: Jan 2, 2024 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

STL

STL (pronounced "subtle") is a curated collection of cryptographic primitives written in Go to encrypt and decrypt data with optional compression.

Features

Password based public key generation.
Encrypt data with public key generated from a password.
Encrypt data with password or a generated private key.
Decrypt data with password or a a given private key (works on all combinations of encryption).
Supports stream cipher along with stream compression thereby keeping a low memory footprint. Makes it handy for encrypting large files or data streams.

Under the hood

STL uses the following cryptographic primitives and libraries to encrypt/decrypt and compress/decompress data:

Argon2id for password hashing.
Curve25519 for elliptic curve cryptography.
XChaCha20-Poly1305 for encryption and decryption.
Zlib for compression and decompression.

Install or Update

go get -u dev.shib.me/stl

Usage Example

package main

import (
	"encoding/base32"
	"fmt"

	"dev.shib.me/stl"
)

func main() {
	// Creating a new private key for password
	privKey, err := stl.NewPrivateKeyForPassword([]byte("stl_password"))
	if err != nil {
		panic(err)
	}

	// Deriving  public key from private key
	pubKey, err := privKey.PublicKey()
	if err != nil {
		panic(err)
	}
	fmt.Println("PublicKey:", base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(pubKey.Bytes()))

	platinText := []byte("It's a subtle world!")

	// Encrypting plain text with public key
	cipherText, err := pubKey.Encrypt(platinText, true)
	if err != nil {
		panic(err)
	}
	fmt.Println("Encrypted:", base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(cipherText))

	// Decrypting cipher text with private key
	plainText, err := privKey.Decrypt(cipherText)
	if err != nil {
		panic(err)
	}
	fmt.Println("Decrypted:", string(plainText))
}

The output of the above code looks something like this:

PublicKey: MS5JUG7ZVJLETJA7WE2XKFHRE4PP6LKYCTEF2FTNUJ5QEZJIGZPCAIABX7UMDM7DPZX6WNOXICBUBBPPKE
Encrypted: AQQCAAN75DA3HY36N7VTLV2AQNAIL32RBWA2GJY7JNFA7QNOBT4CFXFBZMKY36DGE6FBKPATB7EJTD5SCNXI6URGO4WERYXYHYTL4RCXLRMYBG4K4UDZ5HGE7APXUVZ4RNESUV3EWVDJBHUAT5F7U5BFNUMTXB72Q3AZBGZDN3KXBWLUX23Q
Decrypted: It's a subtle world!

Documentation ¶

Index ¶

Constants
func Hash(data []byte, length uint32) []byte
type PrivateKey
type PublicKey
- func ParsePublicKey(pubKeyBytes []byte) (*PublicKey, error)

Constants ¶

View Source

const (

	// PrivateKeyLength is the length of a private key.
	PrivateKeyLength = cipherKeyLength
	// PublicKeyLength is the length of a public key.
	PublicKeyLength = cipherKeyLength + kdfSpecLength
	// CipherTextMinLength is the minimum length of a ciphertext.
	CipherTextMinLength = symmcipher.CipherTextMinLength
)

Variables ¶

This section is empty.

Functions ¶

func Hash ¶

func Hash(data []byte, length uint32) []byte

Hash returns the argon2 hash of the given data.

Types ¶

type PrivateKey ¶

type PrivateKey struct {
	// contains filtered or unexported fields
}

func NewPrivateKey ¶

func NewPrivateKey() (*PrivateKey, error)

NewPrivateKey creates a new random private key.

func NewPrivateKeyForPassword ¶

func NewPrivateKeyForPassword(password []byte) (*PrivateKey, error)

NewPrivateKeyForPassword creates a new private key for the given password.

func NewPrivateKeyForPasswordAndSpec ¶

func NewPrivateKeyForPasswordAndSpec(password []byte, iterations, memory, threads uint8) (*PrivateKey, error)

NewPrivateKeyForPasswordAndSpec creates a new private key for the given password and kdf spec.

func ParsePrivateKey ¶

func ParsePrivateKey(key []byte) (*PrivateKey, error)

ParsePrivateKey parses the given bytes and returns a corresponding private key. the given bytes must be 32 bytes long.

func (*PrivateKey) Bytes ¶

func (privateKey *PrivateKey) Bytes() ([]byte, error)

Bytes returns the private key as bytes only if it is not password based.

func (*PrivateKey) Decrypt ¶

func (privateKey *PrivateKey) Decrypt(ciphertext []byte) (data []byte, err error)

Decrypt decrypts the given ciphertext and returns the decrypted data.

func (*PrivateKey) DecryptStream ¶

func (privateKey *PrivateKey) DecryptStream(dst io.Writer, src io.Reader) (err error)

DecryptStream decrypts src and writes to dst.

func (*PrivateKey) Encrypt ¶

func (privateKey *PrivateKey) Encrypt(data []byte, compression bool) (ciphertext []byte, err error)

Encrypt encrypts data with the private key treating it as a symmetric key.

func (*PrivateKey) EncryptStream ¶

func (privateKey *PrivateKey) EncryptStream(dst io.Writer, src io.Reader, compression bool) (err error)

EncryptStream encrypts src with the private key treating it as a symmetric key and writes to dst.

func (*PrivateKey) NewDecryptingReader ¶

func (privateKey *PrivateKey) NewDecryptingReader(src io.Reader) (io.ReadCloser, error)

func (*PrivateKey) NewEncryptingWriter ¶

func (privateKey *PrivateKey) NewEncryptingWriter(dst io.Writer, compression bool) (writer io.WriteCloser, err error)

func (*PrivateKey) PublicKey ¶

func (privateKey *PrivateKey) PublicKey() (*PublicKey, error)

PublicKey returns the public key corresponding to the private key.

type PublicKey ¶

type PublicKey struct {
	// contains filtered or unexported fields
}

func ParsePublicKey ¶

func ParsePublicKey(pubKeyBytes []byte) (*PublicKey, error)

ParsePublicKey parses the given bytes and returns a corresponding public key. the given bytes must be 51 bytes long.

func (*PublicKey) Bytes ¶

func (publicKey *PublicKey) Bytes() []byte

Bytes returns the public key as bytes.

func (*PublicKey) Encrypt ¶

func (publicKey *PublicKey) Encrypt(data []byte, compression bool) (ciphertext []byte, err error)

Encrypt encrypts data with the public key.

func (*PublicKey) EncryptStream ¶

func (publicKey *PublicKey) EncryptStream(dst io.Writer, src io.Reader, compression bool) (err error)

EncryptStream encrypts src with the public key and writes to dst.

func (*PublicKey) NewEncryptingWriter ¶

func (publicKey *PublicKey) NewEncryptingWriter(dst io.Writer, compression bool) (writer io.WriteCloser, err error)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
internal
ecc
symmcipher

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL