sbox

v1.1.0
Warning

This package is not in the latest version of its module.
Published: Mar 9, 2021 License: ISC Imports: 8 Imported by: 10

README

sbox

Sbox Overview

Sbox takes random data and encrypts it into a portable binary blob. The blob has a header that encodes the random 24-byte nonce and provides a single 32-bit user-settable field that can function as a tag to identify or version the data.

License

sbox is licensed under the copyfree ISC License.

Documentation

Constants

This section is empty.

Variables

var (

	// ErrInvalidHeader is returned when the header is too short.
	ErrInvalidHeader = errors.New("invalid sbox header")

	// ErrInvalidMagic is returned if the header does not start with the
	// magic prefix.
	ErrInvalidMagic = errors.New("invalid magic")

	// ErrCouldNotDecrypt is returned when the secret box decryption fails.
	ErrCouldNotDecrypt = errors.New("could not decrypt")

	// ErrInvalidNonce is returned when a user provided nonce is of an
	// invalid size. A user provided nonce must be 0 < N <= 24.
	ErrInvalidNonce = errors.New("invalid nonce size")
)

Functions

func Decrypt

func Decrypt(key *[32]byte, packed []byte) ([]byte, uint32, error)

Decrypt decrypts the packed blob using provided key. It unpacks the sbox header and returns the version and unencrypted data if successful.

func Encrypt

func Encrypt(version uint32, key *[32]byte, data []byte) ([]byte, error)

Encrypt encrypts data with the provided key and generates a random nonce. Note that it is the caller's responsibility to ensure that a nonce is NEVER reused with the same key. It prefixes the encrypted blob with an sbox header which encodes the provided version. The user-provided version can be used as a hint to identify or version the packed blob. Version is not inspected or used by Encrypt and Decrypt.

func EncryptN added in v1.1.0

func EncryptN(version uint32, key *[32]byte, nonce [24]byte, data []byte) ([]byte, error)

EncryptN encrypts data with the provided key and nonce. Note that it is the caller's responsibility to ensure that a nonce is NEVER reused with the same key. It prefixes the encrypted blob with an sbox header which encodes the provided version. The user-provided version can be used as a hint to identify or version the packed blob. Version is not inspected or used by Encrypt and Decrypt.

func NewKey

func NewKey() (*[32]byte, error)

NewKey generates a new secret key for a NaCl secret box. This key must not be disclosed.

Types

type Nonce added in v1.1.0

type Nonce struct {
	sync.Mutex
	// contains filtered or unexported fields
}

Nonce represents a valid nonce and counter that can be used as an input to EncryptN. Note that the caller is responsible for ensuring that a nonce is never reused with the same key.

func NewNonce added in v1.1.0

func NewNonce() *Nonce

NewNonce returns a nonce that is set to 0.

func NewNonceFromBytes added in v1.1.0

func NewNonceFromBytes(n []byte) (*Nonce, error)

NewNonceFromBytes returns a nonce that is set to n.

func (*Nonce) Current added in v1.1.0

func (n *Nonce) Current() [24]byte

Current returns the current nonce value. This function must be called without the mutex held.

func (*Nonce) Next added in v1.1.0

func (n *Nonce) Next() [24]byte

Next returns the current nonce plus one value. This function must be called without the mutex held.
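
The nonce caveat on EncryptN and Nonce, as an added example that is not part of the sbox package or its documentation: a counter that starts at 0 again, as the one returned by NewNonce does, repeats nonces when the key is unchanged, and a guard consulted before each encryption catches that. The names `counter`, `guard` and `errNonceReused` are hypothetical, and the big-endian increment is an assumption because the page does not state the byte order.

```go
package main

import (
	"crypto/sha256"
	"errors"
	"fmt"
	"sync"
)

var errNonceReused = errors.New("nonce already used with this key")

// counter is a hypothetical 24-byte counter nonce, not sbox.Nonce.
// Incrementing it as a big-endian integer is an assumption.
type counter struct {
	mu sync.Mutex
	v  [24]byte
}

// Next advances the counter by one and returns the new value.
func (c *counter) Next() [24]byte {
	c.mu.Lock()
	defer c.mu.Unlock()
	for i := len(c.v) - 1; i >= 0; i-- {
		if c.v[i]++; c.v[i] != 0 { // stop once there is no carry
			break
		}
	}
	return c.v
}

// guard remembers every (key fingerprint, nonce) pair it has approved.
type guard struct{ seen sync.Map }

// Check runs before each encryption with a caller-supplied nonce and
// rejects a pair it has seen before. LoadOrStore makes the test-and-set atomic.
func (g *guard) Check(key *[32]byte, nonce [24]byte) error {
	fp := sha256.Sum256(key[:]) // fingerprint, so the key itself is never stored
	if _, dup := g.seen.LoadOrStore(string(fp[:])+string(nonce[:]), true); dup {
		return errNonceReused
	}
	return nil
}

func main() {
	key, g := &[32]byte{1}, new(guard) // constructed key, for illustration only
	// Two fresh counters under one key model a counter that was reset to 0.
	fmt.Println(g.Check(key, new(counter).Next()), g.Check(key, new(counter).Next()))
}
```

The guard's set lives in memory here; to cover real process restarts, persist either it or the last issued counter value alongside the key.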
