signencrypt

package
v1.0.29 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 7, 2017 License: BSD-3-Clause, BSD-3-Clause Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source
const DefaultPlaintextChunkLength = 1 << 20
View Source
const NonceSize = 16
View Source
const SecretboxKeySize = 32
View Source
const SecretboxNonceSize = 24

Variables

This section is empty.

Functions

func GetSealedSize

func GetSealedSize(plaintextLen int) int

func NewDecodingReader

func NewDecodingReader(encKey SecretboxKey, verifyKey VerifyKey, signaturePrefix libkb.SignaturePrefix, nonce Nonce, innerReader io.Reader) io.Reader

func NewEncodingReader

func NewEncodingReader(encKey SecretboxKey, signKey SignKey, signaturePrefix libkb.SignaturePrefix, nonce Nonce, innerReader io.Reader) io.Reader

NewEncodingReader creates a new streaming encoder. The signaturePrefix argument must not contain the null container.

func NewError

func NewError(errorType ErrorType, message string, args ...interface{}) error

func OpenWhole

func OpenWhole(sealed []byte, encKey SecretboxKey, verifyKey VerifyKey, signaturePrefix libkb.SignaturePrefix, nonce Nonce) ([]byte, error)

func SealWhole

func SealWhole(plaintext []byte, encKey SecretboxKey, signKey SignKey, signaturePrefix libkb.SignaturePrefix, nonce Nonce) []byte

SealWhole seals all at once using the streaming encoding.

Types

type Decoder

type Decoder struct {
	// contains filtered or unexported fields
}

func NewDecoder

func NewDecoder(encKey SecretboxKey, verifyKey VerifyKey, signaturePrefix libkb.SignaturePrefix, nonce Nonce) *Decoder

func (*Decoder) ChangePlaintextChunkLenForTesting

func (d *Decoder) ChangePlaintextChunkLenForTesting(plaintextChunkLen int)

func (*Decoder) Finish

func (d *Decoder) Finish() ([]byte, error)

Finish decodes any remaining bytes as a short (or empty) packet. This produces the final bytes of the plaintext, and implicitly checks for truncation. This should only be called once, and after that you can't use this decoder again.

func (*Decoder) Write

func (d *Decoder) Write(ciphertext []byte) ([]byte, error)

Write ciphertext bytes into the decoder. If any packets are ready to open, open them and either return their plaintext bytes as output or any error that comes up. Callers must call Finish() when they're done, to decode the final short packet and check for truncation. If Write ever returns an error, subsequent calls to Write will always return the same error.

type Encoder

type Encoder struct {
	// contains filtered or unexported fields
}

func NewEncoder

func NewEncoder(encKey SecretboxKey, signKey SignKey, signaturePrefix libkb.SignaturePrefix, nonce Nonce) *Encoder

func (*Encoder) ChangePlaintextChunkLenForTesting

func (e *Encoder) ChangePlaintextChunkLenForTesting(plaintextChunkLen int)

func (*Encoder) Finish

func (e *Encoder) Finish() []byte

Finish writes out any remaining buffered input bytes (possibly zero bytes) as a short chunk. This should only be called once, and after that you can't use this encoder again.

func (*Encoder) Write

func (e *Encoder) Write(plaintext []byte) []byte

Write plaintext bytes into the encoder. If any output bytes are ready, return them. Callers must call Finish() when they're done, so that any remaining input bytes can be written out as a short (or empty) chunk. Otherwise you will both lose data and cause truncation errors on decoding.

type Error

type Error struct {
	Type    ErrorType
	Message string
}

func (Error) Error

func (e Error) Error() string

type ErrorType

type ErrorType int
const (
	BadSecretbox ErrorType = iota
	ShortSignature
	BadSignature
)

type Nonce

type Nonce *[NonceSize]byte

type SecretboxKey

type SecretboxKey *[SecretboxKeySize]byte

type SecretboxNonce

type SecretboxNonce *[SecretboxNonceSize]byte

type SignKey

type SignKey *[ed25519.PrivateKeySize]byte

type VerifyKey

type VerifyKey *[ed25519.PublicKeySize]byte

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL