aead

package
v1.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 10, 2022 License: Apache-2.0 Imports: 27 Imported by: 66

Documentation

Overview

Package aead provides implementations of the AEAD primitive.

AEAD encryption assures the confidentiality and authenticity of the data. This primitive is CPA secure.

Example 
package main

import (
	"encoding/base64"
	"fmt"
	"log"

	"github.com/google/tink/go/aead"
	"github.com/google/tink/go/keyset"
)

func main() {
	kh, err := keyset.NewHandle(aead.AES256GCMKeyTemplate())
	if err != nil {
		log.Fatal(err)
	}

	// TODO: save the keyset to a safe location. DO NOT hardcode it in source code.
	// Consider encrypting it with a remote key in Cloud KMS, AWS KMS or HashiCorp Vault.
	// See https://github.com/google/tink/blob/master/docs/GOLANG-HOWTO.md#storing-and-loading-existing-keysets.

	a, err := aead.New(kh)
	if err != nil {
		log.Fatal(err)
	}

	msg := []byte("this message needs to be encrypted")
	aad := []byte("this data needs to be authenticated, but not encrypted")
	ct, err := a.Encrypt(msg, aad)
	if err != nil {
		log.Fatal(err)
	}

	pt, err := a.Decrypt(ct, aad)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Printf("Ciphertext: %s\n", base64.StdEncoding.EncodeToString(ct))
	fmt.Printf("Original  plaintext: %s\n", msg)
	fmt.Printf("Decrypted Plaintext: %s\n", pt)
}

Output:

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func AES128CTRHMACSHA256KeyTemplate 

func AES128CTRHMACSHA256KeyTemplate() *tinkpb.KeyTemplate

AES128CTRHMACSHA256KeyTemplate is a KeyTemplate that generates an AES-CTR-HMAC-AEAD key with the following parameters:

  • AES key size: 16 bytes
  • AES CTR IV size: 16 bytes
  • HMAC key size: 32 bytes
  • HMAC tag size: 16 bytes
  • HMAC hash function: SHA256

func AES128GCMKeyTemplate 

func AES128GCMKeyTemplate() *tinkpb.KeyTemplate

AES128GCMKeyTemplate is a KeyTemplate that generates an AES-GCM key with the following parameters:

  • Key size: 16 bytes
  • Output prefix type: TINK

func AES256CTRHMACSHA256KeyTemplate 

func AES256CTRHMACSHA256KeyTemplate() *tinkpb.KeyTemplate

AES256CTRHMACSHA256KeyTemplate is a KeyTemplate that generates an AES-CTR-HMAC-AEAD key with the following parameters:

  • AES key size: 32 bytes
  • AES CTR IV size: 16 bytes
  • HMAC key size: 32 bytes
  • HMAC tag size: 32 bytes
  • HMAC hash function: SHA256

func AES256GCMKeyTemplate 

func AES256GCMKeyTemplate() *tinkpb.KeyTemplate

AES256GCMKeyTemplate is a KeyTemplate that generates an AES-GCM key with the following parameters:

  • Key size: 32 bytes
  • Output prefix type: TINK

func AES256GCMNoPrefixKeyTemplate 

func AES256GCMNoPrefixKeyTemplate() *tinkpb.KeyTemplate

AES256GCMNoPrefixKeyTemplate is a KeyTemplate that generates an AES-GCM key with the following parameters:

  • Key size: 32 bytes
  • Output prefix type: RAW

func ChaCha20Poly1305KeyTemplate 

func ChaCha20Poly1305KeyTemplate() *tinkpb.KeyTemplate

ChaCha20Poly1305KeyTemplate is a KeyTemplate that generates a CHACHA20_POLY1305 key.

func KMSEnvelopeAEADKeyTemplate 

func KMSEnvelopeAEADKeyTemplate(uri string, dekT *tinkpb.KeyTemplate) *tinkpb.KeyTemplate

KMSEnvelopeAEADKeyTemplate is a KeyTemplate that generates a KMSEnvelopeAEAD key for a given KEK in remote KMS. Keys generated by this key template uses RAW output prefix to make them compatible with the remote KMS' encrypt/decrypt operations. Unlike other templates, when you generate new keys with this template, Tink does not generate new key material, but only creates a reference to the remote KEK.

func New 

func New(h *keyset.Handle) (tink.AEAD, error)

New returns an AEAD primitive from the given keyset handle.

func NewWithKeyManager deprecated 

func NewWithKeyManager(h *keyset.Handle, km registry.KeyManager) (tink.AEAD, error)

NewWithKeyManager returns an AEAD primitive from the given keyset handle and custom key manager.

Deprecated: Use New.

func XChaCha20Poly1305KeyTemplate 

func XChaCha20Poly1305KeyTemplate() *tinkpb.KeyTemplate

XChaCha20Poly1305KeyTemplate is a KeyTemplate that generates a XCHACHA20_POLY1305 key.

Types

type KMSEnvelopeAEAD 

type KMSEnvelopeAEAD struct {
	// contains filtered or unexported fields
}

KMSEnvelopeAEAD represents an instance of Envelope AEAD.

func NewKMSEnvelopeAEAD deprecated 

func NewKMSEnvelopeAEAD(kt tinkpb.KeyTemplate, remote tink.AEAD) *KMSEnvelopeAEAD

NewKMSEnvelopeAEAD creates an new instance of KMSEnvelopeAEAD.

Deprecated: Use NewKMSEnvelopeAEAD2 which takes a pointer to a KeyTemplate proto rather than a value.

func NewKMSEnvelopeAEAD2 added in v1.5.0 

func NewKMSEnvelopeAEAD2(kt *tinkpb.KeyTemplate, remote tink.AEAD) *KMSEnvelopeAEAD

NewKMSEnvelopeAEAD2 creates an new instance of KMSEnvelopeAEAD.

func (*KMSEnvelopeAEAD) Decrypt 

func (a *KMSEnvelopeAEAD) Decrypt(ct, aad []byte) ([]byte, error)

Decrypt implements the tink.AEAD interface for decryption.

func (*KMSEnvelopeAEAD) Encrypt 

func (a *KMSEnvelopeAEAD) Encrypt(pt, aad []byte) ([]byte, error)

Encrypt implements the tink.AEAD interface for encryption.

Source Files

View all Source files

Directories

Path Synopsis
Package subtle provides subtle implementations of the AEAD primitive.
 Package subtle provides subtle implementations of the AEAD primitive.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.