Documentation ¶
Index ¶
Constants ¶
const ( // ModeXTS is the AES-XTS mode ModeXTS = iota + 1 // ModeGCM is the AES-GCM mode ModeGCM // ModeCBC is the AES-CBC mode ModeCBC )
const ( // OperationEncrypt to let CryptBlock perform Encryption OperationEncrypt = iota + 1 // OperationDecrypt to let CryptBlock perform Encryption OperationDecrypt )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AEAD ¶
type AEAD interface { // NonceSize returns the size of the nonce that must be passed to Seal // and Open. NonceSize() int // Overhead returns the maximum difference between the lengths of a // plaintext and its ciphertext. Overhead() int // Seal encrypts and authenticates plaintext, authenticates the // additional data and appends the result to dst, returning the updated // slice. The nonce must be NonceSize() bytes long and unique for all // time, for a given key. // // The plaintext and dst may alias exactly or not at all. To reuse // plaintext's storage for the encrypted output, use plaintext[:0] as dst. Seal(dst, nonce, plaintext, additionalData []byte) []byte // Open decrypts and authenticates ciphertext, authenticates the // additional data and, if successful, appends the resulting plaintext // to dst, returning the updated slice. The nonce must be NonceSize() // bytes long and both it and the additional data must match the // value passed to Seal. // // The ciphertext and dst may alias exactly or not at all. To reuse // ciphertext's storage for the decrypted output, use ciphertext[:0] as dst. // // Even if the function fails, the contents of dst, up to its capacity, // may be overwritten. Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) }
AEAD is a cipher mode providing authenticated encryption with associated data. For a description of the methodology, see
https://en.wikipedia.org/wiki/Authenticated_encryption
func NewGCM ¶
NewGCM returns the given 128-bit, block cipher wrapped in Galois Counter Mode with the standard nonce length.
In general, the GHASH operation performed by this implementation of GCM is not constant-time. An exception is when the underlying Block was created by aes.NewCipher on systems with hardware support for AES. See the crypto/aes package documentation for details.
type Block ¶
type Block interface { BlockSize() int SetIV(iv []byte) GCMAddAdditionalData(addData []byte) GCMGetAuthTag() []byte Encrypt(dst, src []byte, mode int) error Decrypt(dst, src []byte, mode int) error }
A Block represents an implementation of block cipher using a given key. It provides the capability to encrypt or decrypt individual blocks. The mode implementations extend that capability to streams of blocks.
type BlockMode ¶
type BlockMode interface { // BlockSize returns the mode's block size. BlockSize() int SetIV(iv []byte) Encrypt(dst, src []byte) error Decrypt(dst, src []byte) error CryptBlocks(dst, src []byte) error }
A BlockMode represents a block cipher running in a block-based mode (CBC, XTS etc).
func NewCBCDecrypter ¶
NewCBCDecrypter creates a AES-CBC decryption system
func NewCBCEncrypter ¶
NewCBCEncrypter creates a AES-CBC encryption system
func NewXTSEncryptor ¶
NewXTSEncryptor creates a AES-XTS system