Documentation
Index
- Constants
- Variables
- func DecFromTemp(tmpFile string, pass []byte, saveto string, salt string)
- func Decrypt(in io.Reader, out io.Writer, keyAes, keyHmac []byte) (err error)
- func EncToTemp(filepath string, pass []byte) string
- func Encrypt(in io.Reader, out io.Writer, keyAes, keyHmac []byte) (err error)
- func GenSalt() []byte
- type StreamDecrypter
- type StreamEncrypter
- type StreamMeta
Constants
const BUFFER_SIZE int = 16 * 1024
const IV_SIZE int = 16
const V1 byte = 0x1
Variables
var ErrInvalidHMAC = errors.New("Invalid HMAC")
ErrInvalidHMAC for authentication failure
var (
ScryptParams = scrypt.Params{N: 65536, R: 1, P: 2, SaltLen: 16, DKLen: 32}
)
Functions
func DecFromTemp (added in v0.0.4)
DecFromTemp decrypts from a temp file.
func Decrypt (added in v0.0.4)
Decrypt decrypts the stream and verifies the HMAC using the given AES-CTR and SHA512-HMAC keys. Do not trust the out io.Writer contents until the function returns the result of validating the ending HMAC hash.
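The warning on Decrypt matters because a streaming decrypter hands plaintext to the writer before the trailing HMAC has been checked. The following is an added example, not code from this package: `seal`, `streamOpen`, `openStaged` and the message layout (IV, then ciphertext, then HMAC-SHA512 over both) are assumptions made for illustration, and the functions take a ready `cipher.Block` instead of a raw AES key. It shows a tampered stream leaving unauthenticated bytes in a directly used writer, and a staging buffer that keeps them away from the real destination.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha512"
	"errors"
	"io"
)

var errInvalidHMAC = errors.New("invalid HMAC") // stand-in for the package's ErrInvalidHMAC

// seal builds a message in an assumed layout: IV || AES-CTR ciphertext || HMAC-SHA512(IV || ciphertext).
func seal(b cipher.Block, keyHmac, iv, plain []byte) []byte {
	body := append(append([]byte{}, iv...), plain...)
	cipher.NewCTR(b, iv).XORKeyStream(body[len(iv):], plain) // iv must be 16 bytes
	mac := hmac.New(sha512.New, keyHmac)
	mac.Write(body)
	return mac.Sum(body)
}

// streamOpen mimics the documented behaviour: plaintext reaches out first, the tag is checked last.
func streamOpen(b cipher.Block, keyHmac, msg []byte, out io.Writer) error {
	if len(msg) < aes.BlockSize+sha512.Size {
		return errInvalidHMAC // too short to hold an IV and a tag
	}
	body, tag := msg[:len(msg)-sha512.Size], msg[len(msg)-sha512.Size:]
	ctr := cipher.NewCTR(b, body[:aes.BlockSize])
	_, err := io.Copy(out, cipher.StreamReader{S: ctr, R: bytes.NewReader(body[aes.BlockSize:])})
	mac := hmac.New(sha512.New, keyHmac)
	mac.Write(body)
	if err == nil && !hmac.Equal(mac.Sum(nil), tag) { // constant-time comparison
		err = errInvalidHMAC
	}
	return err
}

// openStaged releases plaintext to dst only after the whole stream has authenticated.
func openStaged(b cipher.Block, keyHmac, msg []byte, dst io.Writer) error {
	var staged bytes.Buffer
	if err := streamOpen(b, keyHmac, msg, &staged); err != nil {
		return err // staged plaintext is dropped; dst is never written
	}
	_, err := staged.WriteTo(dst)
	return err
}
```

For streams too large to hold in memory, the same pattern applies with a temporary file as the staging area, removed on failure and renamed into place on success.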
Types
type StreamDecrypter
type StreamDecrypter struct {
	Source io.Reader
	Block  cipher.Block
	Stream cipher.Stream
	Mac    hash.Hash
	Meta   StreamMeta
}
StreamDecrypter is a decrypter for a stream of data with authentication
func NewStreamDecrypter
func NewStreamDecrypter(key []byte, meta StreamMeta, cipherText io.Reader) (*StreamDecrypter, error)
NewStreamDecrypter creates a new stream decrypter
func (*StreamDecrypter) Authenticate
func (s *StreamDecrypter) Authenticate() error
Authenticate verifies that the hash of the stream is correct. This should only be called after processing is finished.
type StreamEncrypter
type StreamEncrypter struct {
	Source io.Reader
	Block  cipher.Block
	Stream cipher.Stream
	Mac    hash.Hash
	IV     []byte
}
StreamEncrypter is an encrypter for a stream of data with authentication
func NewStreamEncrypter
func NewStreamEncrypter(key []byte, plainText io.Reader) (*StreamEncrypter, error)
NewStreamEncrypter creates a new stream encrypter
func (*StreamEncrypter) Meta
func (s *StreamEncrypter) Meta() StreamMeta
Meta returns the encrypted stream metadata for use in decrypting. This should only be called after the stream is finished
type StreamMeta
type StreamMeta struct {
	// IV is the initial value for the crypto function
	IV []byte
	// Hash is the sha256 hmac of the stream
	Hash []byte
}
StreamMeta is metadata about an encrypted stream