Documentation
¶
Index ¶
Constants ¶
const PBKDF2Iterations = 100000
PBKDF2Iterations is the default number of iterations for PBKDF2, 100k iterations. Nist recommends at least 10k, 1Passsword uses 100k.
const PBKDF2SaltSize = 16
PBKDF2SaltSize is the default size of the salt for PBKDF2, 128-bit salt.
Variables ¶
This section is empty.
Functions ¶
func DecryptPEMBlock ¶
DecryptPEMBlock takes a password encrypted PEM block and the password used to encrypt it and returns a slice of decrypted DER encoded bytes.
If the PEM blocks has the Proc-Type header set to "4,ENCRYPTED" it uses x509.DecryptPEMBlock to decrypt the block. If not it tries to decrypt the block using AES-128-CBC, AES-192-CBC, AES-256-CBC using the key derived using PBKDF2 over the given password.
func DecryptPKCS8PrivateKey ¶
DecryptPKCS8PrivateKey takes a password encrypted private key using the PKCS#8 encoding and returns the decrypted data in PKCS#8 form.
It supports AES-128-CBC, AES-192-CBC, AES-256-CBC encrypted data using the key derived with PBKDF2 over the given password.
func EncryptPKCS8PrivateKey ¶
func EncryptPKCS8PrivateKey(rand io.Reader, data, password []byte, alg x509.PEMCipher) (*pem.Block, error)
EncryptPKCS8PrivateKey returns a PEM block holding the given PKCS#8 encroded private key, encrypted with the specified algorithm and a PBKDF2 derived key from the given password.
Types ¶
This section is empty.
Source Files