Documentation
¶
Overview ¶
Package cryptutil provides AES-256-GCM symmetric encryption and decryption with PBKDF2 key derivation. It supports functional options for iteration count and base64 output encoding.
Index ¶
- Constants
- func Decrypt(data []byte, password string, opts ...Option) ([]byte, error)
- func DeriveKey(password string, salt []byte, iterations, keySize int) []byte
- func Encrypt(plaintext []byte, password string, opts ...Option) ([]byte, error)
- func GenerateKey(size int) (string, error)
- type Option
- type Options
Constants ¶
const ( SaltSize = 16 KeySize = 32 // AES-256 NonceSize = 12 // GCM nonce size DefaultIter = 100000 )
Variables ¶
This section is empty.
Functions ¶
func Decrypt ¶
Decrypt decrypts data encrypted by Encrypt using AES-256-GCM with PBKDF2 key derivation. Input should be salt + nonce + ciphertext (raw bytes), or base64-encoded if WithBase64 is set.
func Encrypt ¶
Encrypt encrypts plaintext using AES-256-GCM with PBKDF2 key derivation. Returns salt + nonce + ciphertext as raw bytes, or base64-encoded if WithBase64 is set.
func GenerateKey ¶
GenerateKey generates a random encryption key of the specified size and returns it base64-encoded.
Types ¶
type Option ¶
type Option func(*Options)
Option is a functional option for encryption/decryption
func WithIterations ¶
WithIterations sets the PBKDF2 iteration count
Source Files