Documentation ¶
Index ¶
- Constants
- Variables
- func Decrypt(data []byte, sig string, key []byte) ([]byte, error)
- func DecryptDirFiles(dir string, key []byte) error
- func DecryptFile(path string, key []byte) (string, error)
- func Encrypt(data []byte, key []byte) ([]byte, string, error)
- func EncryptDirFiles(dir string, key []byte) error
- func EncryptFile(path string, key []byte) (string, error)
Constants ¶
const SignatureSize = sha256.Size * 2 // hex encoded SHA-256
Variables ¶
var LogOutput io.Writer = os.Stdout
Common actions are printed to stdout. These can be silenced by setting LogOutput = ioutil.Discard
Functions ¶
func Decrypt ¶
Decrypt takes data and a key and outputs decrypted data and any possible errors The key can be any length or empty (not recommended). A SHA-512/256 key is generated from the supplied key ensuring the 32 byte AES-256 key length requirement is met. Once decrypted, the data is decompressed using gzip.
func DecryptDirFiles ¶
DecryptDirFiles takes a directory and a key, and searches recursively, for any files that are named a SHA-256 checksum to decrypt. It passes each file to DecryptFile, and removes the encrypted original. Any files that do not match the SHA-256 checksum are left as-is.
func DecryptFile ¶
DecryptFile ensures the file name (SHA-256 checksum of contents) matches the checksum of the contents and passes the file contents to Decrypt. It parses the decrypted tar payload and attempts to restore the file to its original form (name, contents, mode, mod time) It returns the original file path and error if occurred
func Encrypt ¶
Encrypt takes data and a key and outputs encrypted data, it's HMAC SHA-256 signature and any possible errors. The key can be any length or empty (not recommended). The data can be any length or empty. Scrypt for the 32 byte AES-256 key derivation. The data is compressed using gzip prior to encryption. Raw byte output will need to be hex/base64 encoded before it is printable.
func EncryptDirFiles ¶
EncryptDirFiles takes a directory and a key and searches, recursively, for any files to encrypt and passes it to EncryptFile, replacing the existing file with the new encrypted version. All directories, symlinks, named pipes, sockets, and devices are left as-is.
func EncryptFile ¶
EncryptFile writes a file's name, size, mode, mod time, and contents in tar format and passes it to Encrypt. A new file is created that is named the SHA-256 checksum of the encrypted output. It returns the new file path and error if occurred
Types ¶
This section is empty.