Documentation
¶
Index ¶
- Constants
- Variables
- func DecBlobReader(in io.Reader, key []byte) (io.Reader, error)
- func DecryptJSON(ciphertext string, key, nonce, salt []byte, val interface{}) (err error)
- func EncBlobWriter(in io.Writer, key []byte) (io.WriteCloser, error)
- func EncryptJSON(val interface{}, key, nonce, salt []byte) (ciphertext string, err error)
- func GetPassSTDIN(prompt string, passReader func() ([]byte, error)) (_ string, err error)
- func NewURLCompat(e *EnCrypto, opts *Opts) (u *url.URL, err error)
- type Algos
- type Crypto
- type DeCrypto
- type EnCrypto
- type Opts
Constants ¶
const ( // BaseCryptoURL is the base url to append query params to in compat mode BaseCryptoURL = "https://crypto.senetas.com/" // AlgosKey is the key used for the algos field in the url encoding of the crypto object AlgosKey = "algos" // VersionKey is the key used for the version field in the url encoding of the crypto object VersionKey = "version" // KeyKey is the key used for the (encrypted) data key in the url encoding of the crypto object KeyKey = "key" // NonceKey is the key used for the version field in the url encoding of the crypto object NonceKey = "nonce" // SaltKey is the key used for the version field in the url encoding of the crypto object SaltKey = "salt" // ItersKey is the key used for the version field in the url encoding of the crypto object ItersKey = "iters" )
Variables ¶
var StdinPassReader = func() ([]byte, error) { return terminal.ReadPassword(syscall.Stdin) }
StdinPassReader reads a password from stdin
Functions ¶
func DecBlobReader ¶
DecBlobReader returns an io.Reader that decrypts read data with the supplied key
func DecryptJSON ¶
DecryptJSON decrypts a string that is the base64 (URL) encoded ciphertext of a json object and assigns that object to val
func EncBlobWriter ¶
EncBlobWriter returns an io.WriteCloser that encrypts written data with the supplied key
func EncryptJSON ¶
EncryptJSON encrypts a JSON object and base64 (URL) encodes the ciphertext
func GetPassSTDIN ¶
GetPassSTDIN prompte the user for a passphrase
Types ¶
type Algos ¶
type Algos string
Algos represents the collection of algorithms used for encryption and authentication
const ( // None represents an identity encryption function None Algos = "NONE" // Pbkdf2Aes256Gcm represents aead with AES256-GCM with a key derived // from a passphrase using PBKDF2 Pbkdf2Aes256Gcm Algos = "PBKDF2-AES256-GCM" // Pbkdf2Iter is the number of iterations of PBKDF2 to run Pbkdf2Iter = 4e4 )
func ValidateAlgos ¶
ValidateAlgos converts a string to valid Algos if possible
type Crypto ¶
type Crypto struct {
Algos Algos `json:"algos"`
Nonce []byte `json:"nonce"`
Salt []byte `json:"salt"`
Iters int `json:"iters"`
Version int `json:"version"`
}
Crypto contains the common parts of EnCrypto and DeCrypto
type DeCrypto ¶
DeCrypto is a decrypted key with the algotithms used to encrypt it and the data
func DecryptKey ¶
DecryptKey is the inverse function of EncryptKey (up to error)
func NewDecrypto ¶
NewDecrypto create a new DeCrypto struct that holds decrupted key data
type EnCrypto ¶
EnCrypto is a encrypted key with the algotithms used to encrypt it and the data
func EncryptKey ¶
EncryptKey encrypts a plaintext key with a passphrase and salt
type Opts ¶
type Opts struct {
// whether the encryption data should be stored in a v2.2 compatible manifest or not
Compat bool
Version int
Algos Algos
Iter int
// contains filtered or unexported fields
}
Opts stores data necessary for encryption
func (*Opts) GetPassphrase ¶
GetPassphrase prompt the user to enter a passphrase to decrypt
func (*Opts) SetPassphrase ¶
SetPassphrase sets the passphrase
Source Files