Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Unwrap ¶
func Unwrap(w *WrappedSecret, privKey *ecdsa.PrivateKey) ([]byte, error)
Unwrap decrypts a WrappedSecret instance.
Types ¶
type WrappedSecret ¶
type WrappedSecret struct {
//EncryptedData is the cypher text
EncryptedData []byte
//Tag is the AES GCM tag
Tag []byte
//EphermalPublicKey is the public key from the ephemeral keypair used to encrypt the data.
EphemeralPublicKey *ecdsa.PublicKey
}
WrappedSecret represents data encrypted using ecies, specifically with the kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA256AESGCM algorithm supported on apple platforms. See https://darthnull.org/secure-enclave-ecies/ for more info.
func Wrap ¶
func Wrap(data []byte, target *ecdsa.PublicKey) (*WrappedSecret, error)
Wrap encrypts data using the kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA256AESGCM algorithm supported on apple platforms. See https://darthnull.org/secure-enclave-ecies/ for more info. This algorithm:
- Generates a random ephemeral ECDH keypair
- Computes the shared secret between the ephemeral private key and the target public key using ECDH
- Uses the ANSI X9.63 Key Derivation algorithm to derive a 32 byte key from the shared secret, using the X9.63 public key format of the ephemeral public key as the shared info.
- Uses the first 16 bytes of the derived key as the AES-GCM key, and the last 16 bytes as the AES-GCM IV (nonce)
- Encrypts the data using AES-GCM.
Note: Because the IV is derived from the ephemeral public key and the ecdh shared secret, we don't need to store it as one normally would when doing AES-GCM encryption.
Only the P256 curve and SHA256 hash are supported.
Source Files