README
¶
Arcsek. Archive Secretly
A package for creating anecrypted archives using gzip compression. I thought it look cooler with a k at the end
The purpose of this package/library is to allow the creation of encrypted archives composed of many, probably large, files (like images or video). It takes care of not loading the whole files in memory since they can be very large and we might run out of memory.
Testing and large files
You can test this package as any other Go package/module by using go test. The tests are
configured to use every file in the testing-files/in directory. You can add large files
there and they will be taken into account.
Testing with limited memory
What I did to test if the package works with limited memory was to open 10 chrome tabs in a variety of
sites and then place a pair of 4k videos in testing-files/in which together are around 2 GB long, and I edited
the project on GoLand (based in IntelliJ) which itself uses some amount of memory. This way I made sure
the files are not been held in memory and it works for large amounts of data.
Known issues
The packages relies on temporal files instead of memory in order to not consume the whole ram when encrypting
large folders. The files are eventually deleted whe calling the Close() function. This might open the library
to side channel attacks when the archive is being created. Whoever, that does not affect the resulting archive
if it is transfered to another locatin (like a USB drive for instance)
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DecryptVault ¶
DecryptVault receives an io.Reader that contains an encrypted content and it's nonce at the start of it.
If the key is not 128, 192 or 256 bits long it will cause an error. If the data cannot be authenticated it will also return an error
Types ¶
type VaultReader ¶
type VaultReader struct {
*sio.EncReader
Nonce []byte
// contains filtered or unexported fields
}
VaultReader is amazing :D
but also implements io.Closer by deleting the underlying temporal clean file. It also stores the nonce if you need to use it later
It is important to close the vault in order to prevent the retrieval of the plain data from the temporal dir.
func NewVaultReader ¶
func NewVaultReader(files []string, key []byte) (*VaultReader, error)
NewVaultReader creates a new Vault reader by packaging the specified files and encrypted the archive with the specified key.
It will use AES 128, 192 or 256 depending on the length of the key. If a key of different length is provided, it will return an error.
It is important that you close this reader after you are done with it to delete any plain data that might be left
func (*VaultReader) Close ¶
func (v *VaultReader) Close() error
Close errases the underlying tempora file to prevent it's retrieval by an attacker and save disk space
Source Files