Documentation ¶
Overview ¶
Package rfc8009 provides encryption and checksum methods as specified in RFC 8009.
Index ¶
- func DecryptData(key, data []byte, e etype.EType) ([]byte, error)
- func DecryptMessage(key, ciphertext []byte, usage uint32, e etype.EType) ([]byte, error)
- func DeriveKey(protocolKey, label []byte, e etype.EType) []byte
- func DeriveRandom(protocolKey, usage []byte, e etype.EType) ([]byte, error)
- func EncryptData(key, data []byte, e etype.EType) ([]byte, []byte, error)
- func EncryptMessage(key, message []byte, usage uint32, e etype.EType) ([]byte, []byte, error)
- func GetIntegityHash(iv, c, key []byte, usage uint32, e etype.EType) ([]byte, error)
- func GetSaltP(salt, ename string) string
- func KDF_HMAC_SHA2(protocolKey, label, context []byte, kl int, e etype.EType) []byte
- func RandomToKey(b []byte) []byte
- func S2KparamsToItertions(s2kparams string) (int, error)
- func StringToKey(secret, salt, s2kparams string, e etype.EType) ([]byte, error)
- func StringToKeyIter(secret, salt string, iterations int, e etype.EType) ([]byte, error)
- func StringToPBKDF2(secret, salt string, iterations int, e etype.EType) []byte
- func VerifyIntegrity(key, ct []byte, usage uint32, etype etype.EType) bool
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DecryptData ¶
DecryptData decrypts the data provided using the methods specific to the etype provided as defined in RFC 8009.
func DecryptMessage ¶
DecryptMessage decrypts the message provided using the methods specific to the etype provided as defined in RFC 8009. The integrity of the message is also verified.
func DeriveKey ¶
DeriveKey derives a key from the protocol key based on the usage and the etype's specific methods.
https://tools.ietf.org/html/rfc8009#section-5
If the enctype is aes128-cts-hmac-sha256-128:
    Kc = KDF-HMAC-SHA2(base-key, usage | 0x99, 128)
    Ke = KDF-HMAC-SHA2(base-key, usage | 0xAA, 128)
    Ki = KDF-HMAC-SHA2(base-key, usage | 0x55, 128)
If the enctype is aes256-cts-hmac-sha384-192:
    Kc = KDF-HMAC-SHA2(base-key, usage | 0x99, 192)
    Ke = KDF-HMAC-SHA2(base-key, usage | 0xAA, 256)
    Ki = KDF-HMAC-SHA2(base-key, usage | 0x55, 192)
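The Kc/Ke/Ki derivation above, written with only the Go standard library as an added example; it is not this package's code. The names kdfHMACSHA2, usageLabel and deriveKeys are hypothetical, the label is the 4-byte big-endian key usage number followed by the constant byte (RFC 8009 section 5), and the base key in main is a constructed sample.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"crypto/sha512"
	"encoding/binary"
	"fmt"
	"hash"
)

// kdfHMACSHA2 follows RFC 8009 section 3 with no context:
// k-truncate(HMAC(key, 0x00000001 | label | 0x00 | k)), k in bits.
func kdfHMACSHA2(h func() hash.Hash, key, label []byte, kBits uint32) []byte {
	var k [4]byte
	binary.BigEndian.PutUint32(k[:], kBits)
	mac := hmac.New(h, key)
	mac.Write([]byte{0, 0, 0, 1}) // block counter; one HMAC output covers k
	mac.Write(label)
	mac.Write([]byte{0})
	mac.Write(k[:])
	return mac.Sum(nil)[:kBits/8]
}

// usageLabel builds "usage | constant": 4-byte big-endian usage plus one byte.
func usageLabel(usage uint32, constant byte) []byte {
	l := make([]byte, 5)
	binary.BigEndian.PutUint32(l, usage)
	l[4] = constant
	return l
}

// deriveKeys returns Kc, Ke, Ki for one key usage. sha384 selects the
// aes256-cts-hmac-sha384-192 sizes; otherwise aes128-cts-hmac-sha256-128.
func deriveKeys(baseKey []byte, usage uint32, sha384 bool) (kc, ke, ki []byte) {
	h, macBits, encBits := sha256.New, uint32(128), uint32(128)
	if sha384 {
		h, macBits, encBits = sha512.New384, 192, 256
	}
	kc = kdfHMACSHA2(h, baseKey, usageLabel(usage, 0x99), macBits)
	ke = kdfHMACSHA2(h, baseKey, usageLabel(usage, 0xAA), encBits)
	ki = kdfHMACSHA2(h, baseKey, usageLabel(usage, 0x55), macBits)
	return
}

func main() {
	baseKey := make([]byte, 16) // constructed all-zero sample key, not a real secret
	kc, ke, ki := deriveKeys(baseKey, 2, false)
	fmt.Printf("Kc=%x\nKe=%x\nKi=%x\n", kc, ke, ki)
}
```

In the aes256-cts-hmac-sha384-192 case Ke is 32 bytes while Kc and Ki are 24, so the output length must not be inferred from the base key size.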
func DeriveRandom ¶
DeriveRandom performs key derivation as defined in RFC 8009.
func EncryptData ¶
EncryptData encrypts the data provided using methods specific to the etype provided as defined in RFC 8009.
func EncryptMessage ¶
EncryptMessage encrypts the message provided using the methods specific to the etype provided as defined in RFC 8009. The encrypted data is concatenated with its integrity hash to create an encrypted message.
func GetIntegityHash ¶
GetIntegityHash returns a keyed integrity hash of the bytes provided as defined in RFC 8009.
func GetSaltP ¶
GetSaltP returns the salt value based on the etype name: https://tools.ietf.org/html/rfc8009#section-4
func KDF_HMAC_SHA2 ¶
KDF_HMAC_SHA2 key derivation: https://tools.ietf.org/html/rfc8009#section-3
func RandomToKey ¶
RandomToKey returns a key from the bytes provided according to the definition in RFC 8009.
func S2KparamsToItertions ¶
S2KparamsToItertions converts the string representation of iterations to an integer for RFC 8009.
func StringToKey ¶
StringToKey returns a key derived from the string provided according to the definition in RFC 8009.
func StringToKeyIter ¶
StringToKeyIter returns a key derived from the string provided according to the definition in RFC 8009.
func StringToPBKDF2 ¶
StringToPBKDF2 generates an encryption key from a passphrase and salt string using the PBKDF2 function from PKCS #5 v2.0.
Types ¶
This section is empty.