boxer: github.com/SermoDigital/boxer Index | Files

package boxer

import "github.com/SermoDigital/boxer"

Package boxer is a streaming encryption implementation, based on Adam Langley's article: https://www.imperialviolet.org/2014/06/27/streamingencryption.html

In short, nacl/secretbox is used to seal a file in chunks, with each chunk being prefixed with its length. The nonce is incrementally marked so chunks are guaranteed to be in order. The encrypted blob is prepended with a header containing a version ID, the maximum chunk size, and flags. The flags are currently unused, but may be used in future versions.

Index

Package Files

boxer.go

Constants

const (
    // DefaultChunkSize is the default maximum chunk size for reading and
    // writing.
    DefaultChunkSize = 65536

    // Overhead is the number of bytes of overhead when boxing a message.
    Overhead = secretbox.Overhead
)

Variables

var (
    ErrAlreadyClosed = errors.New("encryptor: already closed")
    ErrInvalidData   = errors.New("decryptor: encrypted message is invalid")
    ErrChunkSize     = errors.New("boxer: invalid chunk size")
)

type Decryptor Uses

type Decryptor struct {
    // contains filtered or unexported fields
}

Decryptor is an io.ReadCloser that reads encrypted data written by an Encryptor.

func NewDecryptor Uses

func NewDecryptor(r io.Reader, nonce *[16]byte, key *[32]byte) (*Decryptor, error)

NewDecryptor returns a new Decryptor. Nonce and key should be identical to the values originally passed to NewEncryptor.

Neither nonce or key are modified.

func (*Decryptor) Close Uses

func (d *Decryptor) Close() error

Close closes the Decryptor but does not close the underlying io.Reader.

func (*Decryptor) Read Uses

func (d *Decryptor) Read(p []byte) (n int, err error)

Read implements io.Reader.

type Encryptor Uses

type Encryptor struct {
    // contains filtered or unexported fields
}

Encryptor is an io.WriteCloser. Writes to an Encryptor are encrypted and written to w.

func NewEncryptor Uses

func NewEncryptor(w io.Writer, nonce *[16]byte, key *[32]byte) *Encryptor

NewEncryptor creates an Encryptor with the default chunk size.

func NewEncryptorSize Uses

func NewEncryptorSize(w io.Writer, nonce *[16]byte, key *[32]byte, size int) (*Encryptor, error)

NewEncryptor returns a new Encryptor. Writes to the returned Encryptor are encrypted and written to w. The size parameter dictates the maximum chunk size. It should be a positive integer in the range [0, 1 << 32 - 1]. Writes will always be chunk size + Overhead.

All writes will not be flushed until Close is called. Not closing an Encryptor will rsult in an invalid stream.

Neither nonce or key are modified.

func (*Encryptor) Close Uses

func (e *Encryptor) Close() (err error)

Close closes the Encryptor, flushing any unwritten data to the underlying io.Writer but does not close the underlying io.Writer.

func (*Encryptor) Write Uses

func (e *Encryptor) Write(p []byte) (n int, err error)

Writer writes an encrypted form of p to the underlying io.Writer. The compressed bytes are not necessarily flushed until the Encryptor is closed.

Package boxer imports 5 packages (graph). Updated 2016-08-15. Refresh now. Tools for package owners. This is an inactive package (no imports and no commits in at least two years).