aesgcm

Documentation

Index

• Variables
• type AESGCM
  • func NewAESGCM(random io.Reader) AESGCM
  • func (this AESGCM) GenerateKey() []byte
  • func (this AESGCM) Open(key, ciphertext, nonce, additionalData []byte) (plaintext []byte, err error)
  • func (this AESGCM) Seal(key, data, additionalData []byte) ([]byte, []byte, error)

Variables

var (
	ErrInvalidNonce         = errors.New("crypto/cipher: incorrect nonce length given to GCM")
	ErrMessageTooLarge      = errors.New("crypto/cipher: message too large for GCM")
	ErrInvalidBufferOverlap = errors.New("crypto/cipher: invalid buffer overlap")
)

Types

type AESGCM

type AESGCM struct {
	// contains filtered or unexported fields
}

func NewAESGCM

func NewAESGCM(random io.Reader) AESGCM

AES CGM encrypter / decrypter. Accepts a logger and optional source of entropy, such as the TPM or an HSM. A randomly generated nonce, not exceeding 96 bits, is automatically generated to add nonce misuse-resistance.

In addition, this code wraps the panic that the Golang runtime throws when a nonce is incorrect, a message is too large, or a buffer overlap is detected, and returns a recoverable error instead of allowing it to crash servers. https://pkg.go.dev/crypto/cipher https://datatracker.ietf.org/doc/html/rfc8452

func (AESGCM) GenerateKey

func (this AESGCM) GenerateKey() []byte

Generates and returns an AES-256 32 byte key encoded to hexidecimal

func (AESGCM) Open

func (this AESGCM) Open(key, ciphertext, nonce, additionalData []byte) (plaintext []byte, err error)

Seal encrypts and authenticates plaintext, authenticates the additional data and

func (AESGCM) Seal

func (this AESGCM) Seal(key, data, additionalData []byte) ([]byte, []byte, error)

Seal the provided plain-test and "additional data" data with the specified encryption key, using AES256 in GCM mode, which provides authenticated encryption. Returns the ciphertext and a nonce, used as the Initialization Vector for the AES counter mode.