README
¶
go-libsodium
why
libsodium should be easy.
how
a minimal cgo interface to the following libsodium constructs:
what
func Init()
func StreamKeygen() (key []byte, err error)
func StreamEncrypt(key []byte, plainText io.Reader, cipherText io.Writer) error
func StreamDecrypt(key []byte, cipherText io.Reader, plainText io.Writer) error
func StreamEncryptRecipients(publicKeys [][]byte, plainText io.Reader, cipherText io.Writer) error
func StreamDecryptRecipients(secretKey []byte, cipherText io.Reader, plainText io.Writer) error
func BoxKeypair() (publicKey, secretKey []byte, err error)
func BoxSealedEncrypt(plainText, recipientPublicKey []byte) (cipherText []byte, err error)
func BoxSealedDecrypt(cipherText, recipientSecretKey []byte) (plainText []byte, err error)
func BoxEasyEncrypt(plainText, recipientPublicKey, senderSecretKey []byte) (cipherText []byte, err error)
func BoxEasyDecrypt(cipherText, senderPublicKey, recipientSecretKey []byte) (plainText []byte, err error)
func SignKeypair() (publicKey, secretKey []byte, err error)
func Sign(plainText, signerSecretKey []byte) (signedText []byte, err error)
func SignVerify(signedText, plainText, signerPublicKey []byte) error
install
brew install go libsodium # homebrew
sudo pacman -S go libsodium # arch
sudo apk add go libsodium-dev # alpine
sudo apt-get install golang libsodium-dev # ubuntu/debian
go get github.com/nathants/go-libsodium
usage
package main
import (
"bytes"
"fmt"
"github.com/nathants/go-libsodium"
)
func Stream() {
libsodium.Init()
key, err := libsodium.StreamKeygen()
if err != nil {
panic(err)
}
value := []byte("hello world")
var cipher bytes.Buffer
err = libsodium.StreamEncrypt(key, bytes.NewReader(value), &cipher)
if err != nil {
panic(err)
}
var plain bytes.Buffer
err = libsodium.StreamDecrypt(key, bytes.NewReader(cipher.Bytes()), &plain)
if err != nil {
panic(err)
}
fmt.Println("stream", bytes.Equal(value, plain.Bytes()))
}
func StreamRecipients() {
libsodium.Init()
pk1, sk1, err := libsodium.BoxKeypair()
if err != nil {
panic(err)
}
pk2, sk2, err := libsodium.BoxKeypair()
if err != nil {
panic(err)
}
value := []byte("hello world")
var cipher bytes.Buffer
err = libsodium.StreamEncryptRecipients([][]byte{pk1, pk2}, bytes.NewReader(value), &cipher)
if err != nil {
panic(err)
}
var plain bytes.Buffer
err = libsodium.StreamDecryptRecipients(sk1, bytes.NewReader(cipher.Bytes()), &plain)
if err != nil {
panic(err)
}
fmt.Println("recipient1", bytes.Equal(value, plain.Bytes()))
plain.Reset()
err = libsodium.StreamDecryptRecipients(sk2, bytes.NewReader(cipher.Bytes()), &plain)
if err != nil {
panic(err)
}
fmt.Println("recipient2", bytes.Equal(value, plain.Bytes()))
}
func BoxSeal() {
libsodium.Init()
value := []byte("hello world")
pk, sk, err := libsodium.BoxKeypair()
if err != nil {
panic(err)
}
cipher, err := libsodium.BoxSealedEncrypt(value, pk)
if err != nil {
panic(err)
}
plain, err := libsodium.BoxSealedDecrypt(cipher, sk)
if err != nil {
panic(err)
}
fmt.Println("seal", bytes.Equal(value, plain))
}
func BoxEasy() {
value := []byte("hello world")
pk1, sk1, err := libsodium.BoxKeypair()
if err != nil {
panic(err)
}
pk2, sk2, err := libsodium.BoxKeypair()
if err != nil {
panic(err)
}
cipher, err := libsodium.BoxEasyEncrypt(value, pk2, sk1)
if err != nil {
panic(err)
}
plain, err := libsodium.BoxEasyDecrypt(cipher, pk1, sk2)
if err != nil {
panic(err)
}
fmt.Println("easy", bytes.Equal(value, plain))
}
func Sign() {
value := []byte("hello world")
pk, sk, err := libsodium.SignKeypair()
if err != nil {
panic(err)
}
signature, err := libsodium.Sign(value, sk)
if err != nil {
panic(err)
}
err = libsodium.SignVerify(signature, value, pk)
if err != nil {
panic(err)
}
fmt.Println("signature")
}
func main() {
Stream()
StreamRecipients()
BoxSeal()
BoxEasy()
Sign()
}
Documentation
¶
Index ¶
- Variables
- func BoxEasyDecrypt(cipherText, senderPublicKey, recipientSecretKey []byte) (plainText []byte, err error)
- func BoxEasyEncrypt(plainText, recipientPublicKey, senderSecretKey []byte) (cipherText []byte, err error)
- func BoxKeypair() (publicKey, secretKey []byte, err error)
- func BoxSealedDecrypt(cipherText, recipientSecretKey []byte) (plainText []byte, err error)
- func BoxSealedEncrypt(plainText, recipientPublicKey []byte) (cipherText []byte, err error)
- func Init()
- func Sign(plainText, signerSecretKey []byte) (signedText []byte, err error)
- func SignKeypair() (publicKey, secretKey []byte, err error)
- func SignVerify(signedText, plainText, signerPublicKey []byte) error
- func StreamDecrypt(key []byte, cipherText io.Reader, plainText io.Writer) error
- func StreamDecryptRecipients(secretKey []byte, cipherText io.Reader, plainText io.Writer) error
- func StreamEncrypt(key []byte, plainText io.Reader, cipherText io.Writer) error
- func StreamEncryptRecipients(publicKeys [][]byte, plainText io.Reader, cipherText io.Writer) error
- func StreamKeygen() (key []byte, err error)
Constants ¶
This section is empty.
Variables ¶
View Source
var (
StreamChunkSize = 1024 * 1024
)
Functions ¶
func BoxEasyDecrypt ¶
func BoxEasyEncrypt ¶
func BoxKeypair ¶
func BoxSealedDecrypt ¶
func BoxSealedEncrypt ¶
func SignKeypair ¶
func SignVerify ¶
func StreamDecrypt ¶
func StreamDecryptRecipients ¶
func StreamEncrypt ¶
func StreamEncryptRecipients ¶
func StreamKeygen ¶
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.