Documentation
¶
Index ¶
- Constants
- func NewSecretCipher(password []byte, salt []byte) (cipher.AEAD, *memguard.LockedBuffer, error)
- func SealSecret(aeadCipher cipher.AEAD, nonce []byte, secret *memguard.LockedBuffer) []byte
- func UnsealSecret(aeadCipher cipher.AEAD, nonce []byte, encryptedSecret []byte) (*memguard.LockedBuffer, error)
Constants ¶
View Source
const ( // SecretKeySizeInBytes specifies the length of the secret key in bytes. // This size is defined according to the Massa standard. SecretKeySizeInBytes = 32 // Pkdf2NbRound is the number of rounds for the PBKDF2 algorithm. // This number of rounds is defined according to the Massa standard. Pkdf2NbRound = 600_000 // SaltSizeInBytes is the size of the salt in bytes. SaltSizeInBytes = 16 // NonceSizeInBytes is the size of the nonce in bytes. NonceSizeInBytes = 12 )
Variables ¶
This section is empty.
Functions ¶
func NewSecretCipher ¶
NewSecretCipher initializes a new AEAD cipher using AES-GCM and PBKDF2 for key derivation. Note: The returned locked buffer containing the secret key is to be destroy as soon as possible.
func SealSecret ¶
SealSecret encrypts a given secret using the provided AEAD cipher and nonce.
func UnsealSecret ¶
func UnsealSecret(aeadCipher cipher.AEAD, nonce []byte, encryptedSecret []byte) (*memguard.LockedBuffer, error)
UnsealSecret decrypts an encrypted secret using the provided AEAD cipher and nonce. The decrypted secret is securely stored in a memguard locked buffer. Note: The returned locked buffer is to be destroy as soon as possible.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.