Documentation ¶
Index ¶
- Variables
- func NewReader(r io.Reader, k Key, extra ...[]byte) (io.Reader, error)
- func NewWriter(w io.Writer, k Key, extra ...[]byte) io.WriteCloser
- func RegisterCipher(name string, f KeyFactory)
- type CompositeKey
- func (c CompositeKey) Decrypt(text []byte, extra ...[]byte) ([]byte, error)
- func (c CompositeKey) DecryptMarshal(s string, target interface{}, extra ...[]byte) error
- func (c CompositeKey) DecryptUncap(text []byte, extra ...[]byte) (Key, []byte, error)
- func (c CompositeKey) Encrypt(text []byte, extra ...[]byte) ([]byte, error)
- func (c CompositeKey) EncryptMarshal(i interface{}, extra ...[]byte) (string, error)
- func (c CompositeKey) String() (string, error)
- func (c CompositeKey) Wait()
- type ErrorKey
- func (e ErrorKey) Decrypt(t []byte, extra ...[]byte) ([]byte, error)
- func (e ErrorKey) DecryptMarshal(s string, i interface{}, extra ...[]byte) error
- func (e ErrorKey) Encrypt(t []byte, extra ...[]byte) ([]byte, error)
- func (e ErrorKey) EncryptMarshal(i interface{}, extra ...[]byte) (string, error)
- func (e ErrorKey) String() (string, error)
- func (e ErrorKey) Wait()
- type Key
- type KeyFactory
Examples ¶
Constants ¶
This section is empty.
Variables ¶
var LogErrorFunc = log.Println
Functions ¶
func NewReader ¶
NewReader returns a new Reader which is able to decrypt the source io.Reader. It returns an error if the source io.Reader is unreadable with the provided Key and extras.
Example ¶
package main import ( "bytes" "io" "os" "github.com/ovh/symmecrypt" "github.com/ovh/symmecrypt/keyloader" ) func main() { k, err := keyloader.LoadKey("test") if err != nil { panic(err) } encryptedContent, err := k.Encrypt([]byte("secret content")) if err != nil { panic(err) } src := bytes.NewReader(encryptedContent) reader, err := symmecrypt.NewReader(src, k) if err != nil { panic(err) } _, err = io.Copy(os.Stdout, reader) if err != nil { panic(err) } }
Output:
func NewWriter ¶
NewWriter instantiates an io.WriteCloser to help you encrypt while you write in a standard io.Writer. Internally it stores in an internal buffer the content you want to encrypt. This internal is flushed, encrypted and write to the targeted io.Writer on Close().
Example ¶
package main import ( "os" "github.com/ovh/symmecrypt" "github.com/ovh/symmecrypt/keyloader" ) func main() { k, err := keyloader.LoadKey("test") if err != nil { panic(err) } w := symmecrypt.NewWriter(os.Stdout, k) _, err = w.Write([]byte("secret content")) if err != nil { panic(err) } err = w.Close() if err != nil { panic(err) } }
Output:
func RegisterCipher ¶
func RegisterCipher(name string, f KeyFactory)
RegisterCipher registers a custom cipher. Useful for backwards compatibility or very specific needs, otherwise the provided implementations are recommended.
Types ¶
type CompositeKey ¶
type CompositeKey []Key
CompositeKey provides a keyring mechanism: encrypt with first, decrypt with _any_
func (CompositeKey) Decrypt ¶
func (c CompositeKey) Decrypt(text []byte, extra ...[]byte) ([]byte, error)
Decrypt arbitrary data with _any_ key
func (CompositeKey) DecryptMarshal ¶
func (c CompositeKey) DecryptMarshal(s string, target interface{}, extra ...[]byte) error
DecryptMarshal decrypts an object with _any_ key
func (CompositeKey) DecryptUncap ¶ added in v0.5.0
DecryptUncap decrypts abitrary data with _any_ key, and returns the key that was used. Useful for batch processes which may want to repeat decrypt operations using the same key without going through the key ring logic each time.
func (CompositeKey) Encrypt ¶
func (c CompositeKey) Encrypt(text []byte, extra ...[]byte) ([]byte, error)
Encrypt arbitrary data with the first key (highest priority)
func (CompositeKey) EncryptMarshal ¶
func (c CompositeKey) EncryptMarshal(i interface{}, extra ...[]byte) (string, error)
EncryptMarshal encrypts an object with the first key (highest priority)
func (CompositeKey) String ¶
func (c CompositeKey) String() (string, error)
String is not implemented for composite keys
type ErrorKey ¶
type ErrorKey struct {
Error error
}
ErrorKey is a helper implementation that always returns an error
func (ErrorKey) DecryptMarshal ¶
DecryptMarshal returns the predefined error
func (ErrorKey) EncryptMarshal ¶
EncryptMarshal returns the predefined error
type Key ¶
type Key interface { Encrypt([]byte, ...[]byte) ([]byte, error) Decrypt([]byte, ...[]byte) ([]byte, error) EncryptMarshal(interface{}, ...[]byte) (string, error) DecryptMarshal(string, interface{}, ...[]byte) error Wait() String() (string, error) }
Key is an abstraction of a symmetric encryption key - Encrypt / Decrypt provide low-level data encryption, with extra data for MAC - EncryptMarshal / DecryptMarshal build on top of that, working with a JSON representation of an object - Wait blocks until the Key is ready to be used (noop for the default implementation, useful for keys that need to be activated somehow)
func NewRandomKey ¶
NewRandomKey instantiates a new random key with a given cipher.
type KeyFactory ¶
type KeyFactory interface { NewKey(string) (Key, error) NewRandomKey() (Key, error) NewSequenceKey(string) (Key, error) NewRandomSequenceKey() (Key, error) KeyLen() int }
A KeyFactory instantiates a Key
func GetKeyFactory ¶
func GetKeyFactory(name string) (KeyFactory, error)
GetKeyFactory retrieves the factory function from a cipher name