crypto

package
v0.5.1
Published: Sep 13, 2020 | License: GPL-3.0 | Imports: 20 | Imported by: 0

Documentation

Constants

const MaxMetadataLength = 32766

Maximum length of the (encoded) metadata: 32KB - 2 bytes. The first 2 bytes are used for the length. This could be increased to up to 64KB - 2 bytes.

Variables

var ErrMetadataOnly = errors.New("output stream is nil, only metadata was returned")

This error is returned when only the metadata is being returned from the file.

var File_metadata_proto protoreflect.FileDescriptor

Functions

func DecryptFile

func DecryptFile(ctx context.Context, out io.Writer, in io.Reader, masterKey []byte, metadataCb MetadataCbReturn) (uint16, int32, []byte, error)

DecryptFile decrypts a stream (in), streaming the result to out. If the output stream is nil, it only returns the metadata and stops reading. The function requires a masterKey, a 32-byte key for AES-256, which is used to unwrap the unique key for the file. The function optionally accepts a metadata callback: when the metadata is extracted from the file, the callback is invoked with the metadata, before the function starts streaming data to the out stream. The function returns the version and length of the header, the wrapped key, and an error, if any.

func DecryptPackages added in v0.5.0

func DecryptPackages(ctx context.Context, out io.Writer, in io.Reader, headerVersion uint16, wrappedKey []byte, masterKey []byte, seqNum, offset uint32, length int64, metadataCb MetadataCbReturn) error

DecryptPackages decrypts one or more packages/chunks of encrypted data (64 KB + 32 bytes each), streaming the result to out. The function requires a wrapped key and the master key. It also requires a sequence number, that is, the number of the first package/chunk we expect to decrypt. The function optionally accepts a metadata callback: when the metadata is extracted from the file (only from package #0), the callback is invoked with the metadata, before the function starts streaming data to the out stream.
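
The following added example (not part of the package or its documentation) shows how a caller could turn a byte range of file content into the seqNum, offset and length arguments of DecryptPackages, plus the ciphertext span to read, with the bounds checks such a caller needs. It assumes 64 KiB of plaintext per package, that the encoded metadata sits at the start of package #0 ahead of the content, that packages follow the header back to back, and that offset counts plaintext bytes to skip in the first package; planRange and PackageRange are hypothetical names.

```go
package main

import (
	"errors"
	"fmt"
	"math"
)

const (
	plainChunk   = 64 * 1024       // assumed plaintext bytes per package
	cipherChunk  = plainChunk + 32 // encrypted package size stated in the docs
	maxMetaBytes = 32766 + 2       // MaxMetadataLength plus the 2 length bytes
)

// PackageRange (hypothetical type) carries the DecryptPackages arguments and
// the ciphertext byte span [CipherStart, CipherEnd) that must be read for them.
type PackageRange struct {
	SeqNum, Offset         uint32
	Length                 int64
	CipherStart, CipherEnd int64
}

// planRange maps n bytes of file content starting at start onto packages.
// headerLen comes from GetFileHeader, metadataSize from the metadata callback.
func planRange(headerLen, metadataSize int32, start, n int64) (PackageRange, error) {
	if headerLen < 0 || metadataSize < 0 || metadataSize > maxMetaBytes || start < 0 || n <= 0 {
		return PackageRange{}, errors.New("invalid header, metadata or range value")
	}
	if start > math.MaxInt64-int64(metadataSize)-n {
		return PackageRange{}, errors.New("range overflows int64")
	}
	pos := start + int64(metadataSize) // assumption: metadata precedes the content
	first, last := pos/plainChunk, (pos+n-1)/plainChunk
	if last > math.MaxUint32 { // seqNum is a uint32 in DecryptPackages
		return PackageRange{}, errors.New("range is past the last addressable package")
	}
	return PackageRange{
		SeqNum:      uint32(first),
		Offset:      uint32(pos % plainChunk),
		Length:      n,
		CipherStart: int64(headerLen) + first*cipherChunk,
		CipherEnd:   int64(headerLen) + (last+1)*cipherChunk,
	}, nil
}

func main() {
	r, err := planRange(100, 50, 65536, 65536) // constructed sample values
	fmt.Printf("%+v %v\n", r, err)
}
```

The last package of a file can be shorter than a full package, so CipherEnd should be clamped to the file size before reading.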

func EncryptFile

func EncryptFile(out io.WriteCloser, in io.Reader, masterKey []byte, metadata *Metadata) error

EncryptFile encrypts a stream (in), streaming the result to out. The function requires a masterKey, a 32-byte key for AES-256, which is used to wrap a key unique for this file. The function optionally accepts a metadata argument that will be encrypted at the beginning of the file.

func GetFileHeader added in v0.5.0

func GetFileHeader(in io.Reader) (uint16, int32, []byte, io.Reader, error)

GetFileHeader returns the wrapped key from the file header read from the stream "in". It returns the version and length of the header, the wrapped key, as well as a new stream that should be used as input stream.

func KeyFromPassphrase

func KeyFromPassphrase(passphrase string, salt []byte) (key []byte, confirmationHash []byte, err error)

KeyFromPassphrase returns the 32-byte key derived from a passphrase and a salt using Argon2id. It also returns a "confirmation hash" that can be used to ensure the passphrase is correct.

func NewKey

func NewKey() ([]byte, error)

NewKey generates a new, 32-byte key (unwrapped), suitable for AES-256

func NewSalt

func NewSalt() ([]byte, error)

NewSalt generates a new, 16-byte salt, useful for Argon2id

func RandomBytes added in v0.3.0

func RandomBytes(len int) ([]byte, error)

RandomBytes returns a byte slice of a given length, filled with random bytes. This is useful to generate cryptographic keys, for example.

func UnwrapKey

func UnwrapKey(wrappingKey []byte, wrappedKey []byte) ([]byte, error)

UnwrapKey unwraps a key wrapped with a 32-byte key

func WrapKey

func WrapKey(wrappingKey []byte, key []byte) ([]byte, error)

WrapKey wraps a 32-byte key with another 32-byte key

Types

type Header

type Header struct {
	Version uint16 `json:"v"`
	Key     []byte `json:"k"`
}

Header is the file header

type Metadata

type Metadata struct {
	Name        string `protobuf:"bytes,1,opt,name=name,json=n,proto3" json:"name,omitempty"`
	ContentType string `protobuf:"bytes,2,opt,name=content_type,json=ct,proto3" json:"content_type,omitempty"`
	Size        int64  `protobuf:"varint,3,opt,name=size,json=sz,proto3" json:"size,omitempty"`
	// contains filtered or unexported fields
}

Metadata message

func (*Metadata) Descriptor deprecated added in v0.5.0

func (*Metadata) Descriptor() ([]byte, []int)

Deprecated: Use Metadata.ProtoReflect.Descriptor instead.

func (*Metadata) GetContentType added in v0.5.0

func (x *Metadata) GetContentType() string

func (*Metadata) GetName added in v0.5.0

func (x *Metadata) GetName() string

func (*Metadata) GetSize added in v0.5.0

func (x *Metadata) GetSize() int64

func (*Metadata) ProtoMessage added in v0.5.0

func (*Metadata) ProtoMessage()

func (*Metadata) ProtoReflect added in v0.5.0

func (x *Metadata) ProtoReflect() protoreflect.Message

func (*Metadata) Reset added in v0.5.0

func (x *Metadata) Reset()

func (*Metadata) String added in v0.5.0

func (x *Metadata) String() string

type MetadataCb

type MetadataCb func(metadata *Metadata, metadataSize int32)

MetadataCb is the callback for the function that receives the metadata object, as well as the length of the encoded metadata (including the size bytes)

type MetadataCbReturn added in v0.5.0

type MetadataCbReturn func(metadata *Metadata, metadataSize int32) (ok bool)

MetadataCbReturn is like MetadataCb, but it supports a return value. The callback should return true if everything went fine, or false to interrupt reading/decrypting the data after the metadata.
