encrypt

package
v0.0.0-...-d29d52d
Warning

This package is not in the latest version of its module.

Published: Feb 9, 2021 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Constants

const (
	// ScryptN: scrypt N parameter. 1<<20 is the recommended value for file encryption; it takes about 3 seconds on a 2.9 GHz Intel Core i7.
	ScryptN = 1 << 20
	// ScryptR: scrypt r parameter. Cache line sizes have not significantly increased since 2009, so 8 should still be optimal for r.
	ScryptR = 8
	// ScryptP: scrypt p parameter. The parallel difficulty; 1 is still optimal.
	ScryptP = 1
	// ScryptKeyLen: The length of the returned byte slice that can be used as a cryptographic key.
	ScryptKeyLen = 32
)

Default scrypt parameters

Variables

var DefaultScryptChacha20poly1305 = ScryptChacha20poly1305{
	N:      ScryptN,
	R:      ScryptR,
	P:      ScryptP,
	KeyLen: ScryptKeyLen,
}

DefaultScryptChacha20poly1305 is the default ScryptChacha20poly1305 encryptor

var DefaultSha256Xor = Sha256Xor{}

DefaultSha256Xor is the default sha256xor encryptor

Functions

This section is empty.

Types

type ScryptChacha20poly1305

type ScryptChacha20poly1305 struct {
	N      int
	R      int
	P      int
	KeyLen int
}

ScryptChacha20poly1305 provides methods for encryption/decryption with scrypt and chacha20poly1305

func (ScryptChacha20poly1305) Decrypt

func (s ScryptChacha20poly1305) Decrypt(data, password []byte) ([]byte, error)

Decrypt decrypts the data with password:

1. Base64 decodes the data.
2. Reads the first [metaLengthSize] bytes of the data to get the metadata length, and reads out the metadata.
3. Scrypt derives the key from the password and the parameters in the metadata.
4. Chacha20poly1305 generates the AEAD.
5. The AEAD decrypts the ciphertext with the nonce in the metadata and [length][metadata] as additional data.

func (ScryptChacha20poly1305) Encrypt

func (s ScryptChacha20poly1305) Encrypt(data, password []byte) ([]byte, error)

Encrypt encrypts data with password:

1. Scrypt derives the key from the password.
2. Chacha20poly1305 generates the AEAD from the derived key.
4. Puts the scrypt parameters, salt and nonce into the metadata, JSON-serializes it and gets the serialized metadata length.
5. AEAD.Seal encrypts the data, using [length][metadata] as additional data.
6. Final format: base64([[length][metadata]][ciphertext]), where length is 2 bytes.
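Step 3 of Decrypt runs scrypt with parameters read from the metadata, which happens before the AEAD can authenticate [length][metadata], so a reader of this format can bound those parameters first. The following is an added example, not code from this package: the names ParseEnvelope, Meta and Sample are hypothetical, and the little-endian length prefix, the JSON field names and the accepted-parameter policy are assumptions.

```go
package main

import (
	"encoding/base64"
	"encoding/binary"
	"encoding/json"
	"fmt"
)

// Meta mirrors the metadata the page lists; the JSON field names are assumed.
type Meta struct {
	N, R, P, KeyLen int
	Salt, Nonce     []byte
}

// ParseEnvelope splits base64([[length][metadata]][ciphertext]) and rejects
// out-of-policy scrypt parameters before any key derivation is attempted.
func ParseEnvelope(b64 []byte) (m Meta, aad, ct []byte, err error) {
	raw, err := base64.StdEncoding.DecodeString(string(b64))
	if err != nil || len(raw) < 2 {
		return m, nil, nil, fmt.Errorf("not a valid envelope")
	}
	mlen := int(binary.LittleEndian.Uint16(raw)) // byte order is an assumption
	if len(raw) < 2+mlen {
		return m, nil, nil, fmt.Errorf("metadata length %d exceeds input", mlen)
	}
	aad, ct = raw[:2+mlen], raw[2+mlen:] // aad is [length][metadata], the AEAD additional data
	if err = json.Unmarshal(aad[2:], &m); err != nil {
		return m, nil, nil, err
	}
	// Assumed policy: N a power of two up to the default 1<<20; r, p, KeyLen at defaults.
	if m.N < 2 || m.N&(m.N-1) != 0 || m.N > 1<<20 || m.R != 8 || m.P != 1 || m.KeyLen != 32 {
		return m, nil, nil, fmt.Errorf("scrypt parameters rejected: N=%d r=%d p=%d keyLen=%d", m.N, m.R, m.P, m.KeyLen)
	}
	return m, aad, ct, nil
}

// Sample builds a constructed envelope with the given N (demonstration input only).
func Sample(n int) []byte {
	md, _ := json.Marshal(Meta{N: n, R: 8, P: 1, KeyLen: 32, Salt: make([]byte, 32), Nonce: make([]byte, 12)})
	raw := make([]byte, 2, 2+len(md))
	binary.LittleEndian.PutUint16(raw, uint16(len(md)))
	return []byte(base64.StdEncoding.EncodeToString(append(append(raw, md...), "constructed-ciphertext"...)))
}

func main() {
	_, _, _, err := ParseEnvelope(Sample(1 << 30))
	fmt.Println(err)
}
```

The returned aad slice is what would be passed as additional data to the AEAD once the key has been derived from the accepted parameters.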

type Sha256Xor

type Sha256Xor struct{}

Sha256Xor provides methods to do encryption and decryption

func (Sha256Xor) Decrypt

func (s Sha256Xor) Decrypt(data []byte, password []byte) ([]byte, error)

Decrypt decrypts the data

func (Sha256Xor) Encrypt

func (s Sha256Xor) Encrypt(data []byte, password []byte) ([]byte, error)

Encrypt encrypts the data with password

1> Add a 32-bit length prefix to indicate the length of the data: <length(4 bytes)><data>
2> Pad the length + data to a multiple of 32 bytes with nulls at the end
2> SHA256(<length(4 bytes)><data><padding>) and prefix the hash: <hash(32 bytes)><length(4 bytes)><data><padding>
3> Split the whole data (hash+length+data+padding) into 256-bit (32-byte) blocks
4> Each block is encrypted by XORing the unencrypted block with SHA256(SHA256(password), SHA256(index, SHA256(nonce)))

  • index is 0 for the first block of 32 bytes, 1 for the second block of 32 bytes, 2 for the third block

5> Prefix the nonce, SHA256 the nonce together with the blocks to get the checksum, and prefix the checksum
6> Finally, the data format is: base64(<checksum(32 bytes)><nonce(32 bytes)><block0.Hex(), block1.Hex()...>)
