crypto

package
v0.0.0-...-23230b0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 19, 2019 License: MIT Imports: 11 Imported by: 0

Documentation

Overview

Package crypto implements generic crypto utility functions.

Package crypto is a generated protocol buffer package.

It is generated from these files: 

crypto/crypto.proto

It has these top-level messages: 

UserKey
ScryptConfig
CryptoEnvelope

Index

Constants

This section is empty.

Variables

View Source 
var CipherAlgo_name = map[int32]string{
	0: "AES256CTR",
}
View Source 
var CipherAlgo_value = map[string]int32{
	"AES256CTR": 0,
}
View Source 
var KeyAlgo_name = map[int32]string{
	0: "SCRYPT",
}
View Source 
var KeyAlgo_value = map[string]int32{
	"SCRYPT": 0,
}

Functions

func Decrypt 

func Decrypt(env *CryptoEnvelope, userKey Key, fn DecryptFn,
	hashFn func() hash.Hash) ([]byte, error)

Decrypt is a helper that uses function fn to decrypt env.Data.

It verifies env.HMAC with an HMAC based on the hash from hashFn and userKey.HMAC. It then uses userKey.Encryption and function fn to decrypt the cipher key and with it the command data.

func DecryptAESCTR 

func DecryptAESCTR(key, iv, ciphertext []byte) ([]byte, error)

DecryptAESCTR decrypts ciphertext using the AES-CTR stream cipher with key and initialization vector iv and returns plaintext.

func EncryptAESCTR 

func EncryptAESCTR(key, plaintext []byte) (iv, ciphertext []byte, err error)

EncryptAESCTR encrypts plaintext using the AES-CTR stream cipher.

The key length determines whether AES-128, 192 or 256 is used (see aes.NewCipher).

Returns the 16-byte initialization vector and ciphertext.

func Sign 

func Sign(signer hash.Hash, data ...[]byte) ([]byte, error)

Sign writes all given data to signer and returns the final checksum.

Types

type CipherAlgo 

type CipherAlgo int32

Supported encryption algorithms. 

const (
	CipherAlgo_AES256CTR CipherAlgo = 0
)

func (CipherAlgo) EnumDescriptor 

func (CipherAlgo) EnumDescriptor() ([]byte, []int)

func (CipherAlgo) String 

func (x CipherAlgo) String() string

type CryptoEnvelope 

type CryptoEnvelope struct {
	Hmac      []byte     `protobuf:"bytes,1,opt,name=hmac,proto3" json:"hmac,omitempty"`
	Iv        []byte     `protobuf:"bytes,2,opt,name=iv,proto3" json:"iv,omitempty"`
	Key       []byte     `protobuf:"bytes,3,opt,name=key,proto3" json:"key,omitempty"`
	Algorithm CipherAlgo `protobuf:"varint,4,opt,name=algorithm,enum=cmdsafe.CipherAlgo" json:"algorithm,omitempty"`
	UserKey   *UserKey   `protobuf:"bytes,5,opt,name=user_key,json=userKey" json:"user_key,omitempty"`
	Data      []byte     `protobuf:"bytes,6,opt,name=data,proto3" json:"data,omitempty"`
}

func Encrypt 

func Encrypt(plaintext []byte, userKey Key, fn EncryptFn,
	hashFn func() hash.Hash) (*CryptoEnvelope, error)

Encrypt is a helper that uses function fn to encrypt plaintext.

A random data encryption key is generated and itself encrypted with fn and userKey.Encryption. It is stored in the CryptoEnvelope.Key field with its initialisation vector prefixed.

All public data used in the encryption process is signed with an HMAC based on the hash from hashFn (e.g. sha256.New) and userKey.HMAC.

func (*CryptoEnvelope) Descriptor 

func (*CryptoEnvelope) Descriptor() ([]byte, []int)

func (*CryptoEnvelope) GetAlgorithm 

func (m *CryptoEnvelope) GetAlgorithm() CipherAlgo

func (*CryptoEnvelope) GetData 

func (m *CryptoEnvelope) GetData() []byte

func (*CryptoEnvelope) GetHmac 

func (m *CryptoEnvelope) GetHmac() []byte

func (*CryptoEnvelope) GetIv 

func (m *CryptoEnvelope) GetIv() []byte

func (*CryptoEnvelope) GetKey 

func (m *CryptoEnvelope) GetKey() []byte

func (*CryptoEnvelope) GetUserKey 

func (m *CryptoEnvelope) GetUserKey() *UserKey

func (*CryptoEnvelope) ProtoMessage 

func (*CryptoEnvelope) ProtoMessage()

func (*CryptoEnvelope) Reset 

func (m *CryptoEnvelope) Reset()

func (*CryptoEnvelope) String 

func (m *CryptoEnvelope) String() string

type DecryptFn 

type DecryptFn func(key, iv, ciphertext []byte) (plaintext []byte, err error)

DecryptFn is a generic cipher function as expected by Decrypt.

type EncryptFn 

type EncryptFn func(key, plaintext []byte) (iv, ciphertext []byte, err error)

EncryptFn is a generic cipher function as expected by Encrypt.

type Key 

type Key []byte

Key is a cryptographic key suitable for encryption.

func NewScryptKey 

func NewScryptKey(password, salt []byte, N, r, p int) (Key, error)

NewScryptKey derives two related 32-byte keys (see Encryption and HMAC) from password and returns them as a 64-byte Key.

See golang.org/x/crypto/scrypt Key for details on the cost parameters N, r, p.

func (Key) Encryption 

func (k Key) Encryption() []byte

Encryption returns the first half of k, which is meant to be used with an encryption algorithm such as AES-256.

func (Key) HMAC 

func (k Key) HMAC() []byte

HMAC returns the second half of k, which is meant to be used with an HMAC algorithm to secure the integrity of the encrypted data.

func (Key) Hash 

func (k Key) Hash() []byte

Hash returns an SHA-256 hash of k.

type KeyAlgo 

type KeyAlgo int32

Supported key derivation algorithms. 

const (
	KeyAlgo_SCRYPT KeyAlgo = 0
)

func (KeyAlgo) EnumDescriptor 

func (KeyAlgo) EnumDescriptor() ([]byte, []int)

func (KeyAlgo) String 

func (x KeyAlgo) String() string

type ScryptConfig 

type ScryptConfig struct {
	Salt []byte `protobuf:"bytes,1,opt,name=salt,proto3" json:"salt,omitempty"`
	N    int64  `protobuf:"varint,2,opt,name=n" json:"n,omitempty"`
	R    int32  `protobuf:"varint,3,opt,name=r" json:"r,omitempty"`
	P    int32  `protobuf:"varint,4,opt,name=p" json:"p,omitempty"`
}

func (*ScryptConfig) Descriptor 

func (*ScryptConfig) Descriptor() ([]byte, []int)

func (*ScryptConfig) GetN 

func (m *ScryptConfig) GetN() int64

func (*ScryptConfig) GetP 

func (m *ScryptConfig) GetP() int32

func (*ScryptConfig) GetR 

func (m *ScryptConfig) GetR() int32

func (*ScryptConfig) GetSalt 

func (m *ScryptConfig) GetSalt() []byte

func (*ScryptConfig) ProtoMessage 

func (*ScryptConfig) ProtoMessage()

func (*ScryptConfig) Reset 

func (m *ScryptConfig) Reset()

func (*ScryptConfig) String 

func (m *ScryptConfig) String() string

type UserKey 

type UserKey struct {
	Hash      []byte        `protobuf:"bytes,1,opt,name=hash,proto3" json:"hash,omitempty"`
	Algorithm KeyAlgo       `protobuf:"varint,2,opt,name=algorithm,enum=cmdsafe.KeyAlgo" json:"algorithm,omitempty"`
	Scrypt    *ScryptConfig `protobuf:"bytes,3,opt,name=scrypt" json:"scrypt,omitempty"`
}

The password key derivation configuration.

func (*UserKey) Descriptor 

func (*UserKey) Descriptor() ([]byte, []int)

func (*UserKey) GetAlgorithm 

func (m *UserKey) GetAlgorithm() KeyAlgo

func (*UserKey) GetHash 

func (m *UserKey) GetHash() []byte

func (*UserKey) GetScrypt 

func (m *UserKey) GetScrypt() *ScryptConfig

func (*UserKey) ProtoMessage 

func (*UserKey) ProtoMessage()

func (*UserKey) Reset 

func (m *UserKey) Reset()

func (*UserKey) String 

func (m *UserKey) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.
JackTT - Gopher 🇻🇳