Documentation
Constants

    const (
        AEADAlgorithmAES256GCM         AEADAlgorithm = "aes-256-gcm"
        AEADAlgorithmXChaCha20Poly1305 AEADAlgorithm = "xchacha20-poly1305"
        AEADKeySize                    = 32
        DefaultAEADMaxPayloadSize      = 64 * 1024
    )
Variables

    var DefaultSalt = "crypto"
Functions

Types
type AEADAlgorithm (added in v0.7.0)

    type AEADAlgorithm string

type AEADStreamOptions (added in v0.7.0)

    type AEADStreamOptions struct {
        Algorithm      AEADAlgorithm
        Key            []byte
        MaxPayloadSize int
    }
AEADStreamOptions configures the framed AEAD stream reader and writer. Key must be a raw 32-byte AEAD key. Callers are responsible for deriving it from application secrets before constructing the stream.
The AEAD stream authenticates each frame and its order, but it does not authenticate end-of-stream. A clean EOF on a frame boundary is treated as normal stream termination. Protocols that need object/file truncation detection must authenticate a total length or final record at a higher layer.
For AES-256-GCM, this package enforces a per-stream limit of 2^32 frames. This is a local limit only; callers that reuse a key across multiple streams or directions must enforce the global per-key limit themselves or derive independent keys.
type AEADStreamReader (added in v0.7.0)

    type AEADStreamReader struct {
        // contains filtered or unexported fields
    }
AEADStreamReader decrypts the framed AEAD stream produced by AEADStreamWriter.
It authenticates each frame and its order using the stream nonce, frame header, and incrementing frame nonce. Truncation inside a frame is returned as an error from the underlying reader, but EOF at a frame boundary is treated as normal stream termination and does not authenticate end-of-stream. AEADStreamReader is not safe for concurrent use by multiple goroutines.
func NewAEADStreamReader (added in v0.7.0)

    func NewAEADStreamReader(r io.Reader, opts AEADStreamOptions) (*AEADStreamReader, error)
NewAEADStreamReader returns an io.Reader that decrypts framed AEAD records. It validates frame authentication and ordering, but EOF at a frame boundary is returned as a normal EOF; see AEADStreamOptions for end-of-stream behavior.
type AEADStreamWriter (added in v0.7.0)

    type AEADStreamWriter struct {
        // contains filtered or unexported fields
    }
AEADStreamWriter encrypts plaintext into a framed AEAD stream.
The wire format is:

    stream nonce || repeated frame

Each frame is:

    uint32 ciphertext length || AEAD ciphertext and tag
The stream nonce is sent in cleartext and seeds the first frame nonce. Each subsequent frame increments that nonce by one. Each frame authenticates the stream nonce and frame length header as AAD, which binds frame order to the stream. AEADStreamWriter is not safe for concurrent use by multiple goroutines. Once Write returns an error, the writer remembers it and returns the same error from subsequent Write calls.
func NewAEADStreamWriter (added in v0.7.0)

    func NewAEADStreamWriter(w io.Writer, opts AEADStreamOptions) (*AEADStreamWriter, error)
NewAEADStreamWriter returns an io.Writer that encrypts bytes into framed AEAD records. It is intended for connection-oriented streams. Close/final-record semantics are not part of this writer; see AEADStreamOptions for end-of-stream behavior.
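The following is an added illustration of the framed wire format, the AAD binding and the end-of-stream caveat described above. It is example code written for this page, not the package's own implementation: the names encryptStream, decryptStream, frameAAD and incNonce are hypothetical, the big-endian counter layout of the frame nonce and the exact AAD order (stream nonce followed by the length header) are assumptions, and the 64 KiB and 2^32 limits mirror the documented constants rather than reuse them. It uses only the Go standard library's AES-256-GCM.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// Hypothetical limits mirroring the documented ones: 64 KiB of plaintext per
// frame and 2^32 frames per AES-256-GCM stream.
const maxPayload, maxFrames = 64 * 1024, uint64(1) << 32

func newGCM(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 { return nil, errors.New("key must be a raw 32-byte AEAD key") } // 16 bytes would silently select AES-128
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// incNonce treats the 12-byte nonce as a big-endian counter (assumed layout).
func incNonce(n []byte) {
	for i := len(n) - 1; i >= 0; i-- {
		if n[i]++; n[i] != 0 {
			return
		}
	}
}

// frameAAD binds a frame to the stream nonce and to its own length header.
func frameAAD(stream, hdr []byte) []byte { return append(append([]byte{}, stream...), hdr...) }

// encryptStream writes "stream nonce || frames" to w, one frame per element of
// frames; each frame is "uint32 ciphertext length || ciphertext || tag".
func encryptStream(w io.Writer, key []byte, frames [][]byte) error {
	aead, err := newGCM(key)
	if err != nil { return err }
	stream := make([]byte, aead.NonceSize())
	if _, err := rand.Read(stream); err != nil { return err }
	if _, err := w.Write(stream); err != nil { return err } // stream nonce goes out in cleartext
	nonce := append([]byte{}, stream...) // first frame nonce == stream nonce
	for i, p := range frames {
		if len(p) > maxPayload || uint64(i) >= maxFrames { return errors.New("payload too large or per-stream frame limit reached") }
		hdr := make([]byte, 4)
		binary.BigEndian.PutUint32(hdr, uint32(len(p)+aead.Overhead()))
		ct := aead.Seal(nil, nonce, p, frameAAD(stream, hdr))
		if _, err := w.Write(append(hdr, ct...)); err != nil { return err }
		incNonce(nonce) // the next frame uses nonce+1
	}
	return nil
}

// decryptStream reads frames until EOF. EOF exactly on a frame boundary is a
// normal, unauthenticated end of stream; a cut inside a frame, a modified
// frame or a reordered frame is an error.
func decryptStream(key []byte, r io.Reader) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil { return nil, err }
	stream := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(r, stream); err != nil { return nil, err }
	nonce, hdr := append([]byte{}, stream...), make([]byte, 4)
	var out []byte
	for {
		if _, err := io.ReadFull(r, hdr); err != nil {
			if err == io.EOF { return out, nil } // boundary EOF: cannot be told apart from a truncated stream
			return nil, err // io.ErrUnexpectedEOF: cut inside the header
		}
		n := binary.BigEndian.Uint32(hdr)
		// Bound the allocation driven by an untrusted length field.
		if n > maxPayload+uint32(aead.Overhead()) { return nil, errors.New("frame length exceeds maximum payload size") }
		ct := make([]byte, n)
		if _, err := io.ReadFull(r, ct); err != nil { return nil, err } // cut inside the frame body
		pt, err := aead.Open(nil, nonce, ct, frameAAD(stream, hdr))
		if err != nil { return nil, err } // wrong key, tampered bytes or frame out of order
		out = append(out, pt...)
		incNonce(nonce)
	}
}

func main() {
	var buf bytes.Buffer
	key := make([]byte, 32) // constructed all-zero demo key; derive real keys from app secrets
	if err := encryptStream(&buf, key, [][]byte{[]byte("hello, "), []byte("world")}); err != nil {
		panic(err)
	}
	pt, err := decryptStream(key, &buf)
	fmt.Printf("%q %v\n", pt, err)
}
```

Running decryptStream over a stream cut exactly on a frame boundary returns only the frames before the cut with a nil error, while a cut inside a frame, a swapped pair of frames or a single flipped ciphertext byte fails at Open. That is the behaviour the text above warns about: the stream authenticates each frame and its position, so a protocol that must detect dropped trailing frames has to carry an authenticated total length or final record at a higher layer.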
type Reader

    type Reader struct {
        // contains filtered or unexported fields
    }
Reader is an io.Reader that reads encrypted bytes. Currently it supports only aes-128-cfb.