Documentation
¶
Overview ¶
Package secret contains utilities for encrypting and decrypting data with secret keys; it is aimed primarily at password-based encryption. Encryption keys are typically derived from Scrypt (using 32768, 8, and 4 as the parameters) to obtain a key suitable for use with NaCl's secretbox (XSalsa20 and Poly1305).
This is the legacy version.
Index ¶
- Constants
- func Decrypt(key *[KeySize]byte, in []byte) ([]byte, bool)
- func DecryptFile(filename string, passphrase []byte) (data []byte, err error)
- func DeriveKey(passphrase []byte, salt []byte) *[KeySize]byte
- func Encrypt(key *[KeySize]byte, in []byte) ([]byte, bool)
- func EncryptFile(filename string, passphrase, encoded []byte) (err error)
- func GenerateKey() *[KeySize]byte
Constants ¶
const ( KeySize = 32 SaltSize = 32 )
KeySize contains the size (in bytes) of a NaCl secretbox key.
Variables ¶
This section is empty.
Functions ¶
func Decrypt ¶
Decrypt extracts the nonce from the ciphertext, and attempts to decrypt with NaCl's secretbox.
func DecryptFile ¶
DecryptFile recovers a secured blob from a file, returning a byte slice for parsing by the caller.
func DeriveKey ¶
DeriveKey applies Scrypt with very strong parameters to generate an encryption key from a passphrase and salt.
func Encrypt ¶
Encrypt generates a random nonce and encrypts the input using NaCl's secretbox package. The nonce is prepended to the ciphertext.
func EncryptFile ¶
EncryptFile securely stores the encoded blob under the filename.
func GenerateKey ¶
GenerateKey returns a randomly generated secretbox key. Typically, you should use DeriveKey to get a key from a passphrase instead. Returns nil on failure.
Types ¶
This section is empty.
Source Files