Documentation
¶
Index ¶
- Constants
- Variables
- func DecryptFile(pass []byte, fileIn, fileOut string) error
- func EncryptFile(pass []byte, cp CostParams, fileIn, fileOut string) error
- func NewDec(pass []byte, r io.ReadSeeker) (io.ReadCloser, error)
- func NewEnc(pass []byte, cp CostParams, w io.Writer) (io.WriteCloser, error)
- type CostParams
- type CryptoHeader
Constants ¶
const ( Version uint16 = 1 FileExt = "lkd" //exported lengths LenHeader = lenHeader LenSig = lenSig )
Variables ¶
var ( // Cost profiles CostNormal = CostParams{ Time: defCostTime, Memory: defCostMem, Threads: defCostThread, } CostSlow = CostParams{ Time: defCostTime * 2, Memory: defCostMem, Threads: defCostThread + (defCostThread / 2), } CostFast = CostParams{ Time: defCostTime / 2, Memory: defCostMem, Threads: defCostThread, } )
var ( ErrTooSmall = errors.New("the provided io.ReadSeeker is too small to be an encrypted file") ErrSigMismatch = errors.New("the signature did not match the encypted data") //ErrBadSalt = errors.New("could not read salts from file") ErrVerMismatch = errors.New("invalid file version, version must be 1") )
var (
ErrBadPass = errors.New("password cannot be zero bytes")
)
Functions ¶
func DecryptFile ¶
DecryptFile will decrypt fileIn and store the plaintext result at fileOut
func EncryptFile ¶
func EncryptFile(pass []byte, cp CostParams, fileIn, fileOut string) error
EncryptFile will encrypt fileIn and store the encrypted result at fileOut
func NewDec ¶
func NewDec(pass []byte, r io.ReadSeeker) (io.ReadCloser, error)
NewDec returns an io.ReadCloser that will decrypt r. If the provided password is incorrect, an ErrSigMismatch will be returned. ErrSigMismatch may also indicate the encrypted file was tampered with, as there is no way to know if the key was wrong or the file is compromised.
The returned io.ReadCloser, must be closed once it is no longer needed, in order to clear the derived key from protected memory.
func NewEnc ¶
func NewEnc(pass []byte, cp CostParams, w io.Writer) (io.WriteCloser, error)
NewEnc takes a password, key derivation cost parameters, and an io.Writer and returns an io.WriteCloser that encrypts the data written to it.
Close must be called on the returned io.WriteCloser when finished writing and before the underlying io.Writer is closed, otherwise the WriteCloser will not know when to write the hmac-sha512 signature of the encrypted data
Types ¶
type CostParams ¶
type CryptoHeader ¶
type CryptoHeader struct {
Ver uint16
VerArgon uint16
Salt []byte
IV []byte
CostParams CostParams
}
a printable representation of a cryptoHeader
func ExtractCryptoHeader ¶
func ExtractCryptoHeader(b []byte) CryptoHeader
func (CryptoHeader) String ¶
func (ch CryptoHeader) String() string
Source Files