cryptohelper

package module

v0.0.0-...-12e987d Latest Latest Go to latest Published: Apr 20, 2015 License: MIT Imports: 4 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/ibmendoza/cryptohelper

Links

Open Source Insights

README ¶

cryptohelper

Cryptohelper provides very simple-to-use wrappers around NaCl's secretbox package. This package only provides convenience functions, but does not try to actually do any of the crypto... that is best left to the experts!

Please read the GoDoc for the full documentation.

Documentation ¶

Overview ¶

Package cryptohelper provides very simple-to-use wrappers around NaCl's secretbox package. This package only provides convenience functions, but does not try to actually do any of the crypto... that is best left to the experts!

The Go implementations of NaCl and secretbox are documented here: https://godoc.org/golang.org/x/crypto/nacl/secretbox

This package basically does the following:

Implements a 256-bit random key generator using Go's rand library.
Wraps the secretbox Open/Seal routines with functions that read and write base64-encoded data
When encrypting, randomly generates a 24-bit nonce and prepends it to the ciphertext, which altogether is encoded in the b64 buffer.
When decrypting split the enbedded nonce from the ciphertext.

This page claims there's a negligible collision risk when randomly generating nonces: http://nacl.cr.yp.to/secretbox.html

Index ¶

func RandomKey() (string, error)
func SecretboxDecrypt(ciphertext string, key string) (string, error)
func SecretboxEncrypt(plaintext string, key string) (string, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func RandomKey ¶

func RandomKey() (string, error)

RandomKey generates 32 random bytes suitable for use as a key to NaCl's secretbox crypto library. The key is returned b64-encoded.

func SecretboxDecrypt ¶

func SecretboxDecrypt(ciphertext string, key string) (string, error)

SecretboxDecrypt accepts a b64-encoded buffer consisting of a random 24-bit nonce followed by the ciphertext, and a b64-encoded 32-byte buffer containing the encryption key. The function will use NaCl's secretbox implementation to decrypt the ciphertext with the embedded nonce. The plaintext is returned in the absence of errors.

NaCl includes an HMAC within the ciphertext- if the ciphertext is tampered with, the HMAC authentication fails, and this function will return an error informing you of that.

func SecretboxEncrypt ¶

func SecretboxEncrypt(plaintext string, key string) (string, error)

SecretboxEncrypt returns a b64-encoded buffer consisting of a random 24-bit nonce followed by the ciphertext encrypted with the given key using NaCl's secretbox implementation. The given key must be a b64-encoded 32-byte buffer.

Types ¶

This section is empty.

Source Files ¶

View all Source files

cryptohelper.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL