secret

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 24, 2025 License: MIT Imports: 3 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrDestroyed = errors.New("secret: material destroyed")

ErrDestroyed is returned when operations are attempted on a wiped object.

View Source 
var ErrNonceExhausted = errors.New("secret: nonce space exhausted")

ErrNonceExhausted signals that a counter has produced every possible value.

Functions

func CloneBytes 

func CloneBytes(b []byte) []byte

CloneBytes returns a deep copy of b. It is a convenience helper for callers needing to duplicate sensitive material before mutating it.

func WipeBytes 

func WipeBytes(b []byte)

WipeBytes overwrites the content of b with zeros and keeps it alive for the duration of the call to reduce the likelihood of compiler optimisations removing the zeroisation.

Types

type Counter96 

type Counter96 struct {
	// contains filtered or unexported fields
}

Counter96 manages 96-bit (12-byte) nonces using a monotonically increasing counter encoded as big-endian bytes.

func NewCounter96 

func NewCounter96(initial []byte) (*Counter96, error)

NewCounter96 constructs a Counter96 initialised to initial.

func (*Counter96) Destroy 

func (c *Counter96) Destroy()

Destroy zeroes the counter state and marks it as exhausted.

func (*Counter96) Next 

func (c *Counter96) Next() ([]byte, error)

Next returns the current nonce value and advances the internal counter.

func (*Counter96) Peek 

func (c *Counter96) Peek() ([]byte, error)

Peek returns a copy of the next nonce without advancing the counter.

type Counter192 

type Counter192 struct {
	// contains filtered or unexported fields
}

Counter192 manages 192-bit (24-byte) nonces.

func NewCounter192 

func NewCounter192(initial []byte) (*Counter192, error)

NewCounter192 constructs a Counter192 initialised to initial.

func (*Counter192) Destroy 

func (c *Counter192) Destroy()

Destroy zeroes the counter state and marks it as exhausted.

func (*Counter192) Next 

func (c *Counter192) Next() ([]byte, error)

Next returns the current nonce value and advances the counter.

func (*Counter192) Peek 

func (c *Counter192) Peek() ([]byte, error)

Peek returns the next nonce without incrementing the counter.

type Nonce 

type Nonce struct {
	// contains filtered or unexported fields
}

Nonce represents nonce or IV material tied to a specific length.

func NewNonce 

func NewNonce(size int) *Nonce

NewNonce returns a zeroed nonce buffer of the requested size.

func NonceFrom 

func NonceFrom(src []byte) *Nonce

NonceFrom copies src into a new Nonce instance.

func (*Nonce) Bytes 

func (n *Nonce) Bytes() ([]byte, error)

Bytes returns a copy of the nonce value.

func (*Nonce) Destroy 

func (n *Nonce) Destroy()

Destroy zeros the nonce and marks it as destroyed.

func (*Nonce) Len 

func (n *Nonce) Len() int

Len reports the length of the nonce in bytes.

func (*Nonce) Use 

func (n *Nonce) Use(fn func([]byte) error) error

Use exposes the nonce to fn. The slice must not escape the callback.

type SymmetricKey 

type SymmetricKey struct {
	// contains filtered or unexported fields
}

SymmetricKey represents key material that is automatically wiped when Destroy is invoked. It provides controlled access to the underlying bytes and ensures best-effort zeroization.

func NewSymmetricKey 

func NewSymmetricKey(size int) *SymmetricKey

NewSymmetricKey returns a zeroed symmetric key of the requested size.

func SymmetricKeyFrom 

func SymmetricKeyFrom(src []byte) *SymmetricKey

SymmetricKeyFrom copies src into a new SymmetricKey instance.

func (*SymmetricKey) Bytes 

func (k *SymmetricKey) Bytes() ([]byte, error)

Bytes returns a copy of the key material.

func (*SymmetricKey) Destroy 

func (k *SymmetricKey) Destroy()

Destroy zeros the key material and marks the key as destroyed.

func (*SymmetricKey) Len 

func (k *SymmetricKey) Len() int

Len reports the size of the key material in bytes.

func (*SymmetricKey) Use 

func (k *SymmetricKey) Use(fn func([]byte) error) error

Use exposes the key material to fn while ensuring it remains reachable for the duration of the call. The provided slice must not escape the callback.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.