keyderivation

package
v2.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 16, 2024 License: Apache-2.0 Imports: 12 Imported by: 4

Documentation

Overview

Package keyderivation provides implementations of the keyset deriver primitive.

Example
package main

import (
	"fmt"
	"log"

	"github.com/tink-crypto/tink-go/v2/aead"
	"github.com/tink-crypto/tink-go/v2/keyderivation"
	"github.com/tink-crypto/tink-go/v2/keyset"
	"github.com/tink-crypto/tink-go/v2/prf"
)

func main() {
	template, err := keyderivation.CreatePRFBasedKeyTemplate(prf.HKDFSHA256PRFKeyTemplate(), aead.AES128GCMKeyTemplate())
	if err != nil {
		log.Fatal(err)
	}

	handle, err := keyset.NewHandle(template)
	if err != nil {
		log.Fatal(err)
	}

	deriver, err := keyderivation.New(handle)
	if err != nil {
		log.Fatal(err)
	}

	derivedHandle, err := deriver.DeriveKeyset([]byte("salt"))
	if err != nil {
		log.Fatal(err)
	}

	// Use the derived keyset.
	a, err := aead.New(derivedHandle)
	if err != nil {
		log.Fatal(err)
	}

	ciphertext, err := a.Encrypt([]byte("a secret message"), nil)
	if err != nil {
		log.Fatal(err)
	}

	plaintext, err := a.Decrypt(ciphertext, nil)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(string(plaintext))
}
Output:

a secret message

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreatePRFBasedKeyTemplate

func CreatePRFBasedKeyTemplate(prfKeyTemplate, derivedKeyTemplate *tinkpb.KeyTemplate) (*tinkpb.KeyTemplate, error)

CreatePRFBasedKeyTemplate creates a PRF-Based Deriver key template with the specified PRF and derived key templates. If either the PRF or derived key templates are not supported by the registry, an error is returned.

Types

type KeysetDeriver

type KeysetDeriver interface {
	DeriveKeyset(salt []byte) (*keyset.Handle, error)
}

KeysetDeriver is the interface used to derive new keysets based on an additional input, the salt.

The salt is used to create the keyset using a pseudorandom function. Implementations must be indistinguishable from ideal KeysetDerivers, which, for every salt, generates a new random keyset and caches it.

func New

func New(handle *keyset.Handle) (KeysetDeriver, error)

New generates a new instance of the Keyset Deriver primitive.

Directories

Path Synopsis
internal
streamingprf
Package streamingprf provides implementations of streaming pseudorandom function families.
Package streamingprf provides implementations of streaming pseudorandom function families.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL