cryptohelper

package module
v0.0.0-...-12e987d Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 20, 2015 License: MIT Imports: 4 Imported by: 2

README

cryptohelper

GoDoc

Cryptohelper provides very simple-to-use wrappers around NaCl's secretbox package. This package only provides convenience functions, but does not try to actually do any of the crypto... that is best left to the experts!

Please read the GoDoc for the full documentation.

Documentation

Overview

Package cryptohelper provides very simple-to-use wrappers around NaCl's secretbox package. This package only provides convenience functions, but does not try to actually do any of the crypto... that is best left to the experts!

The Go implementations of NaCl and secretbox are documented here: https://godoc.org/golang.org/x/crypto/nacl/secretbox

This package basically does the following:

  • Implements a 256-bit random key generator using Go's rand library.
  • Wraps the secretbox Open/Seal routines with functions that read and write base64-encoded data
  • When encrypting, randomly generates a 24-bit nonce and prepends it to the ciphertext, which altogether is encoded in the b64 buffer.
  • When decrypting split the enbedded nonce from the ciphertext.

This page claims there's a negligible collision risk when randomly generating nonces: http://nacl.cr.yp.to/secretbox.html

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RandomKey

func RandomKey() (string, error)

RandomKey generates 32 random bytes suitable for use as a key to NaCl's secretbox crypto library. The key is returned b64-encoded.

func SecretboxDecrypt

func SecretboxDecrypt(ciphertext string, key string) (string, error)

SecretboxDecrypt accepts a b64-encoded buffer consisting of a random 24-bit nonce followed by the ciphertext, and a b64-encoded 32-byte buffer containing the encryption key. The function will use NaCl's secretbox implementation to decrypt the ciphertext with the embedded nonce. The plaintext is returned in the absence of errors.

NaCl includes an HMAC within the ciphertext- if the ciphertext is tampered with, the HMAC authentication fails, and this function will return an error informing you of that.

func SecretboxEncrypt

func SecretboxEncrypt(plaintext string, key string) (string, error)

SecretboxEncrypt returns a b64-encoded buffer consisting of a random 24-bit nonce followed by the ciphertext encrypted with the given key using NaCl's secretbox implementation. The given key must be a b64-encoded 32-byte buffer.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL