secretbox

package

v0.0.0-...-462374e Latest Latest Go to latest Published: Nov 15, 2023 License: Unlicense Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Package secretbox implements a layer above NaCL's secretbox to encrypt and decrypt files.

This section is empty.

This section is empty.

func Open(cryptFile, plainFile string) error

Open decrypts the file cryptFile with a passphrase read from stdin and stores the result in plainFile (which must not exist):

1. Load cryptFile as BUF.

2. Split BUF into SALT|NONCE|ENC, where SALT is 32-byte, NONCE is 24-byte, and ENC is the remainder.

3. Derive 32-byte KEY (for secretbox) from passphrase with Argon2id using SALT (with time=1, memory=64MB, and threads=4).

4. Decrypt ENC to MSG with NaCL's secretbox.Open using NONCE and KEY.

5. Save MSG to plainFile.

func Seal(plainFile, cryptFile string) error

Seal encrypts the file plainFile with a passphrase read from stdin and stores the result in cryptFile (which must not exist):

1. Load plainFile as MSG.

2. Generate 32-byte SALT (for Argon2id) and 24-byte NONCE (for secretbox).

3. Derive 32-byte KEY (for secretbox) from passphrase with Argon2id using SALT (with time=1, memory=64MB, and threads=4).

4. Encrypt MSG to ENC with NaCL's secretbox.Seal using NONCE and KEY.

5. Save SALT|NONCE|ENC to cryptFile.

This section is empty.