Documentation
¶
Index ¶
- type Secret
- func (s *Secret) ParseString(v string) error
- func (s *Secret) ReadFrom(r io.Reader) (int64, error)
- func (s Secret) String() string
- func (s Secret) Unwrap(ciphertext []byte, associatedData []byte) ([]byte, error)
- func (s Secret) Wrap(plaintext, associatedData []byte) ([]byte, error)
- func (s Secret) WriteTo(w io.Writer) (int64, error)
- type Store
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Secret ¶
type Secret [32]byte
Secret is a 256 bit secret key. It can wrap and unwrap session or data keys.
func (*Secret) ParseString ¶
ParseString parses v and sets the secret key to the parsed value, on success.
ParseString will always be able to successfully parse a string produced by Secret.String().
func (*Secret) ReadFrom ¶
ReadFrom sets the secret to the value read from r, if it could successfully parse whatever data r returns. It returns the first error encountered during reading, if any, and the number of bytes read from r.
func (Secret) String ¶
String returns the string representation of the secret key.
It is guaranteed that the returned string is valid JSON.
func (Secret) Unwrap ¶
Unwrap decrypts and verifies the ciphertext, verifies the associated data and, if successful, returns the resuting plaintext. It returns an error if ciphertext is malformed or not authentic.
func (Secret) Wrap ¶
Wrap encrypts and authenticates the plaintext, authenticates the associatedData and returns the resulting ciphertext.
It should be used to encrypt a session or data key provided as plaintext.
If the executing CPU provides AES hardware support, Wrap derives keys using AES and encrypts plaintexts using AES-GCM. Otherwise, Wrap derives keys using HChaCha20 and encrypts plaintexts using ChaCha20-Poly1305.