Documentation ¶
Overview ¶
Package secretbox implements a layer above NaCL's secretbox to encrypt and decrypt files.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Open ¶
Open decrypts the file cryptFile with a passphrase read from stdin and stores the result in plainFile (which must not exist):
1. Load cryptFile as BUF.
2. Split BUF into SALT|NONCE|ENC, where SALT is 32-byte, NONCE is 24-byte, and ENC is the remainder.
3. Derive 32-byte KEY (for secretbox) from passphrase with Argon2id using SALT (with time=1, memory=64MB, and threads=4).
4. Decrypt ENC to MSG with NaCL's secretbox.Open using NONCE and KEY.
5. Save MSG to plainFile.
func Seal ¶
Seal encrypts the file plainFile with a passphrase read from stdin and stores the result in cryptFile (which must not exist):
1. Load plainFile as MSG.
2. Generate 32-byte SALT (for Argon2id) and 24-byte NONCE (for secretbox).
3. Derive 32-byte KEY (for secretbox) from passphrase with Argon2id using SALT (with time=1, memory=64MB, and threads=4).
4. Encrypt MSG to ENC with NaCL's secretbox.Seal using NONCE and KEY.
5. Save SALT|NONCE|ENC to cryptFile.
Types ¶
This section is empty.