Documentation ¶
Overview ¶
Package triplesec implements the TripleSec v3 encryption and authentication scheme.
For details on TripleSec, go to https://keybase.io/triplesec/
Index ¶
Constants ¶
const MacOutputLen = 64
MacOutputLen is used for calculation of Overhead
const SaltLen = 16
SaltLen determines the size of salt applied to hash functions
Variables ¶
var ( IVLen = 16 SalsaIVLen = 24 TotalIVLen = 2*IVLen + SalsaIVLen DkLen = 2*macKeyLen + 3*cipherKeyLen )
IVLen sets Initialization Vector length
var MagicBytes = [4]byte{0x1c, 0x94, 0xd7, 0xde}
MagicBytes are the four bytes prefixed to every TripleSec ciphertext, 1c 94 d7 de.
var Overhead = len(MagicBytes) + 4 + SaltLen + 2*MacOutputLen + TotalIVLen
Overhead is the amount of bytes added to a TripleSec ciphertext.
len(plaintext) + Overhead = len(ciphertext)
It consists of: magic bytes + version + salt + 2 * MACs + 3 * IVS.
var Version uint32 = 3
Version is written to encrypted items to support different implementation versions
Functions ¶
This section is empty.
Types ¶
type BadPassphraseError ¶
type BadPassphraseError struct{}
BadPassphraseError indicates an incorrect passphrase or failed MAC
func (BadPassphraseError) Error ¶
func (e BadPassphraseError) Error() string
type Cipher ¶
type Cipher struct {
// contains filtered or unexported fields
}
Cipher consists of passphrase, salt, and derived key
func (*Cipher) Decrypt ¶
Decrypt decrypts a TripleSec ciphertext using the Cipher passphrase. The dst buffer size must be at least len(src) - Overhead. dst and src can not overlap. src is left untouched.
Encrypt returns a error if the ciphertext is not recognized, if authentication fails or on memory failures.
func (*Cipher) Encrypt ¶
Encrypt encrypts and signs a plaintext message with TripleSec using a random salt and the Cipher passphrase. The dst buffer size must be at least len(src) + Overhead. dst and src can not overlap. src is left untouched.
Encrypt returns a error on memory or RNG failures.
type CorruptionError ¶
type CorruptionError struct {
// contains filtered or unexported fields
}
CorruptionError indicates that the encrypted item is corrupted
func (CorruptionError) Error ¶
func (e CorruptionError) Error() string
type VersionError ¶
type VersionError struct {
// contains filtered or unexported fields
}
VersionError indicates a version mismatch or unsuppported version
func (VersionError) Error ¶
func (e VersionError) Error() string