simplecrypto

package
v0.0.0-...-3b91d86 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 21, 2019 License: MIT Imports: 8 Imported by: 0

Documentation

Overview

Package simplecrypto implements a simplified interface for encryption and decryption using AES encryption in CFB mode.

It is implemented using examples given in crypto/cipher and crypto/hmac.

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrCiphertextTooShort is returned when the provided ciphertext is too
	// short to contain a valid IV.
	ErrCiphertextTooShort = errors.New("simplecrypto: ciphertext too short")

	// ErrHMACDoesNotMatch is returned when the provided HMAC does not match.
	ErrHMACDoesNotMatch = errors.New("simplecrypto: HMAC does not match ciphertext")
)

Functions

func CheckAndDecrypt 

func CheckAndDecrypt(key, ciphertext, hmac []byte) (payload []byte, err error)

CheckAndDecrypt checks the HMAC of the chiphertext, and decrypts it if the HMAC matches.

func CheckMAC 

func CheckMAC(key, message, messageMAC []byte) bool

CheckMAC reports whether messageMAC is a valid HMAC tag for message.

This implementation is given in the documentation for crypto/hmac.

func DecodeJSON 

func DecodeJSON(key, data []byte) ([]byte, error)

DecodeJSON decodes a serialized JSON message (data) using a key, and returns the decrypted payload. If the decoded cyphertext does not match the decoded HMAC, then an error is returned.

func DecodeJSONReader 

func DecodeJSONReader(key []byte, r io.Reader) ([]byte, error)

DecodeJSONReader performs the same task as DecodeJSON, but reads from a Reader.

func Decrypt 

func Decrypt(key, ciphertext []byte) (payload []byte, err error)

Decrypt decrypts a ciphertext using the given key. It returns a byte slice of the encrypted payload.

This function assumes the ciphertext is in the format generated by the Encrypt function, i.e. the IV followed by the encrypted payload.

Note: Ciphertexts must be authenticated as well as encrypted in order to be secure. Be sure to check the ciphertext's HMAC before decrypting it. This library provides shorthand for checking the HMAC of a ciphertext.

func EncodeJSON 

func EncodeJSON(key, payload []byte) ([]byte, error)

EncodeJSON encrypts a payload using a key, then encodes it as a JSON object, which includes the ciphertext and its HMAC.

func EncodeJSONWriter 

func EncodeJSONWriter(key, payload []byte, w io.Writer) error

EncodeJSONWriter performs the same task as EncodeJSON, but writes to a Writer.

func Encrypt 

func Encrypt(key, payload []byte) (ciphertext []byte, err error)

Encrypt encrypts a payload using the given key. It returns a byte slice with the IV as the first aes.BlockSize bytes, followed by the encrypted payload.

Note: Ciphertexts must be authenticated as well as encrypted in order to be secure. Be sure to calculate the ciphertext's HMAC to send with it. This library provides shorthand for calculating the HMAC of a ciphertext.

func EncryptAndHMAC 

func EncryptAndHMAC(key, payload []byte) (ciphertext, hmac []byte, err error)

EncryptAndHMAC encrypts the payload using Encrypt, then calculates the ciphertext's HMAC.

func HMAC 

func HMAC(key, message []byte) []byte

HMAC calculates the HMAC of the message using the given key using the SHA256 has function.

Types

type JSONMessage 

type JSONMessage struct {
	Ciphertext []byte `json:"ciphertext"`
	HMAC       []byte `json:"hmac"`
}

JSONMessage defines a serialization format for a ciphertext and its HMAC. The two fields are encoded by encoding/json as base64 strings.

This type is not intended to be used directly, but is exported to show the JSON format.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.