crypto

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 3, 2025 License: MIT Imports: 23 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecryptFile

func DecryptFile(password, salt string, keySize int, inputPath, outputPath string) error

DecryptFile decrypts a file that was encrypted with EncryptFile

func DeriveKey

func DeriveKey(opts KDFOptions) ([]byte, error)

DeriveKey derives a key using the specified algorithm and parameters

func EncryptFile

func EncryptFile(password, salt string, keySize int, inputPath, outputPath string) error

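EncryptFile encrypts a file using AES in CBC mode. The key is derived from the password and salt using scrypt. The IV is randomly generated and prepended to the encrypted data. As described, CBC provides confidentiality only: no authentication tag is mentioned, so callers who need to detect tampering should authenticate the output file separately (for example with GenerateHMAC under an independent key) and check it before decrypting.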

func GenerateHMAC

func GenerateHMAC(algorithm, key, encoding, filePath string) (string, error)

GenerateHMAC generates an HMAC for the given input using the specified algorithm, key, and encoding

func GenerateHash

func GenerateHash(algorithm, encoding, filePath string) (string, error)

func GeneratePRNG

func GeneratePRNG(t string, size int, encoding string, min, max int64) (string, error)

func GenerateRandomSalt

func GenerateRandomSalt(length int) ([]byte, error)

GenerateRandomSalt generates a random salt of specified length

func GetPBKDF2Presets

func GetPBKDF2Presets() map[string]int

GetPBKDF2Presets returns common PBKDF2 iteration presets

func GetScryptPresets

func GetScryptPresets() map[string]ScryptOptions

GetScryptPresets returns common scrypt parameter presets

func SaveKeyPairToFiles

func SaveKeyPairToFiles(keyPair *KeyPair, outDir string, format KeyFormat) error

SaveKeyPairToFiles saves the key pair to files in the specified directory

func SignData

func SignData(data []byte, opts SignOptions) ([]byte, error)

SignData signs data using an RSA private key

func SignFile

func SignFile(opts SignOptions) ([]byte, error)

SignFile signs a file using an RSA private key

func SignFromReader

func SignFromReader(reader io.Reader, opts SignOptions) ([]byte, error)

SignFromReader signs data from an io.Reader

func ValidateScryptParameters

func ValidateScryptParameters(N, r, p int) error

ValidateScryptParameters validates scrypt parameters for safety

func VerifyData

func VerifyData(data, signature []byte, opts VerifyOptions) error

VerifyData verifies a signature against data using an RSA public key

func VerifyFile

func VerifyFile(opts VerifyOptions) error

VerifyFile verifies a signature against a file using an RSA public key

func VerifyFromReader

func VerifyFromReader(reader io.Reader, signature []byte, opts VerifyOptions) error

VerifyFromReader verifies a signature against data from an io.Reader

Types

type DiffieHellmanParams

// DiffieHellmanParams holds the inputs to ComputeDiffieHellmanSecret. Each
// value is passed as a string together with the name of its encoding; the
// set of accepted encoding names is not visible from this declaration.
//
// NOTE(review): Prime, Generator and OtherPublicKey are caller-supplied.
// Whether the implementation validates the group or rejects degenerate peer
// values (for example 0, 1 or p-1) cannot be told from here; confirm before
// using it with values received from an untrusted peer.
type DiffieHellmanParams struct {
	Prime                  string
	PrimeEncoding          string
	Generator              string
	GeneratorEncoding      string
	PrivateKey             string // local private value; treat as secret
	PrivateKeyEncoding     string
	OtherPublicKey         string // public value received from the other party
	OtherPublicKeyEncoding string
}

DiffieHellmanParams represents the parameters for computing a shared secret

type DiffieHellmanResult

// DiffieHellmanResult is the value returned by GenerateDiffieHellmanKeys and
// ComputeDiffieHellmanSecret. All fields are strings and are serialized under
// the JSON keys given in the struct tags.
//
// The PrivateKey tag has neither omitempty nor "-", so marshalling this
// struct with encoding/json always writes the private key next to the public
// values, and Secret is written whenever it is non-empty. Redact or drop
// those fields before logging, caching or returning the marshalled form.
type DiffieHellmanResult struct {
	Prime      string `json:"prime"`
	Generator  string `json:"generator"`
	PublicKey  string `json:"publicKey"`
	PrivateKey string `json:"privateKey"`       // Should be kept secret
	Secret     string `json:"secret,omitempty"` // Only present when computing shared secret
}

DiffieHellmanResult represents the result of Diffie-Hellman operations

func ComputeDiffieHellmanSecret

func ComputeDiffieHellmanSecret(params DiffieHellmanParams, encoding string) (*DiffieHellmanResult, error)

ComputeDiffieHellmanSecret computes the shared secret using the other party's public key

func GenerateDiffieHellmanKeys

func GenerateDiffieHellmanKeys(encoding string) (*DiffieHellmanResult, error)

GenerateDiffieHellmanKeys generates a new Diffie-Hellman key pair using the modp14 group (the 2048-bit MODP group 14 from RFC 3526)

type KDFAlgorithm

type KDFAlgorithm string

KDFAlgorithm represents the key derivation function algorithm

// Key derivation algorithms, identified by the string values below.
//
// PBKDF2SHA1 selects SHA-1 as the PBKDF2 hash. It is cheaper for an attacker
// to compute per guess than the SHA-256/SHA-512 variants, so it is best kept
// for compatibility with existing data; prefer Scrypt or a SHA-2 variant for
// new keys.
const (
	Scrypt       KDFAlgorithm = "scrypt"
	PBKDF2SHA1   KDFAlgorithm = "pbkdf2-sha1"
	PBKDF2SHA256 KDFAlgorithm = "pbkdf2-sha256"
	PBKDF2SHA512 KDFAlgorithm = "pbkdf2-sha512"
)

type KDFOptions

// KDFOptions is the argument to DeriveKey. Algorithm selects the function;
// the scrypt fields (N, R, P) and the PBKDF2 fields (Iterations, HashFunc)
// are documented below with the defaults their comments state.
//
// NOTE(review): the PBKDF2 hash can be named both through Algorithm
// (pbkdf2-sha1/-sha256/-sha512) and through HashFunc; which one takes
// precedence is not visible here. Confirm, and set them consistently.
//
// NOTE(review): the documented Iterations default of 100000 is below current
// OWASP password-storage guidance for PBKDF2-HMAC-SHA256 (600,000). Callers
// deriving keys from human-chosen passwords should set Iterations explicitly.
//
// Salt is a string while GenerateRandomSalt returns []byte; how the bytes are
// expected to be encoded into this field is not shown. Confirm before use.
type KDFOptions struct {
	Algorithm KDFAlgorithm
	Password  string
	Salt      string
	KeyLen    int
	Encoding  string
	// Scrypt specific
	N int // CPU/memory cost (default: 32768)
	R int // Block size (default: 8)
	P int // Parallelization (default: 1)
	// PBKDF2 specific
	Iterations int    // Number of iterations (default: 100000)
	HashFunc   string // Hash function for PBKDF2 (default: sha256)
}

KDFOptions contains the options for key derivation

type KeyFormat

type KeyFormat string

KeyFormat represents the output format for keys

// Key output formats accepted in KeyPairOptions.Format and by
// SaveKeyPairToFiles, identified by the string values below.
const (
	PEM KeyFormat = "pem"
	DER KeyFormat = "der"
)

type KeyPair

// KeyPair is the value returned by GenerateKeyPair and written to disk by
// SaveKeyPairToFiles. Both halves are raw byte slices.
//
// NOTE(review): whether PrivateKey is already passphrase-encrypted presumably
// depends on the KeyPairOptions used to generate it; confirm before
// persisting. The slice stays in memory until garbage-collected, so avoid
// copying it into long-lived structures or logs.
type KeyPair struct {
	PublicKey  []byte
	PrivateKey []byte
}

KeyPair represents a generated key pair

func GenerateKeyPair

func GenerateKeyPair(opts KeyPairOptions) (*KeyPair, error)

GenerateKeyPair generates a new RSA key pair with the specified options

type KeyPairOptions

// KeyPairOptions is the argument to GenerateKeyPair. The field comments list
// the values the author documents for ModulusLength and AESKeySize.
//
// NOTE(review): presumably an empty Passphrase leaves the private key
// unencrypted in the output; this is not visible from the declaration, so
// confirm against the implementation. Also confirm how the AES key is derived
// from Passphrase, since that determines how well the encrypted key resists
// offline guessing.
type KeyPairOptions struct {
	Type          KeyPairType
	ModulusLength int // 2048, 3072, or 4096
	Passphrase    string
	Format        KeyFormat
	AESKeySize    int // 128, 192, or 256 for AES encryption of private key
}

KeyPairOptions contains the options for key pair generation

type KeyPairType

type KeyPairType string

KeyPairType represents the type of key pair to generate

// Key pair types accepted in KeyPairOptions.Type, identified by the string
// values below.
const (
	RSA    KeyPairType = "rsa"
	RSAPSS KeyPairType = "rsa-pss"
)

type PBKDF2Options

// PBKDF2Options groups the inputs for a PBKDF2 derivation: the password and
// salt, the output length in bytes, the iteration count and the hash name.
//
// HashFunc accepts sha1 per its field comment; prefer sha256 or sha512 for
// new data and keep sha1 for compatibility only.
//
// NOTE(review): no default for Iterations is stated on this type, so a zero
// value may reach the derivation unless the implementation rejects it;
// confirm.
type PBKDF2Options struct {
	Password   string
	Salt       string
	KeyLen     int    // Output key length in bytes
	Iterations int    // Number of iterations
	HashFunc   string // Hash function: sha1, sha256, sha512
	Encoding   string
}

PBKDF2Options contains the options for PBKDF2 key derivation

type ScryptOptions

// ScryptOptions groups the inputs for a scrypt derivation and is the value
// type of the preset map returned by GetScryptPresets.
//
// N, R and P together set the CPU and memory cost of each derivation. The
// package exposes ValidateScryptParameters(N, r, p) for checking them.
// NOTE(review): whether that check is applied automatically when these
// options are used is not visible here; call it explicitly when the values
// come from user input or configuration.
type ScryptOptions struct {
	Password string
	Salt     string
	KeyLen   int // Output key length in bytes
	N        int // CPU/memory cost parameter (must be power of 2)
	R        int // Block size parameter
	P        int // Parallelization parameter
	Encoding string
}

ScryptOptions contains the options for scrypt key derivation

type SignOptions

// SignOptions is the argument to SignData, SignFile and SignFromReader.
// Algorithm selects the signature scheme and PrivateKeyFile names the key
// file to sign with.
//
// NOTE(review): presumably InputFile is read only by SignFile, and
// Passphrase decrypts an encrypted PrivateKeyFile; neither is visible from
// the declaration, so confirm. Passphrase is held as a plain string; avoid
// logging this struct.
type SignOptions struct {
	Algorithm      SignatureAlgorithm
	InputFile      string
	PrivateKeyFile string
	Passphrase     string
	Encoding       string
}

SignOptions contains the options for signing

type SignatureAlgorithm

type SignatureAlgorithm string

SignatureAlgorithm represents the signing algorithm

// Signature algorithms, identified by the string values below. Two naming
// families are present: "RSA-SHA*" and "RSA-PSS-SHA*".
//
// NOTE(review): the "RSA-SHA*" names presumably select PKCS #1 v1.5 padding
// and the "RSA-PSS-SHA*" names PSS padding; confirm against the
// implementation. PSS is generally preferred for new signatures where the
// verifier supports it.
const (
	RSASHA256 SignatureAlgorithm = "RSA-SHA256"
	RSASHA512 SignatureAlgorithm = "RSA-SHA512"
	RSAPSS256 SignatureAlgorithm = "RSA-PSS-SHA256"
	RSAPSS512 SignatureAlgorithm = "RSA-PSS-SHA512"
)

type VerifyOptions

// VerifyOptions is the argument to VerifyData, VerifyFile and
// VerifyFromReader. PublicKeyFile names the key to verify against.
//
// Set Algorithm from local policy rather than from metadata delivered with
// the signature, so that whoever produced the signed data cannot choose the
// scheme it is checked under. The verify functions return only an error, so
// treat any non-nil result as a failed verification.
//
// NOTE(review): presumably InputFile and SignatureFile are read only by
// VerifyFile, and Encoding describes how the signature is encoded; confirm
// against the implementation.
type VerifyOptions struct {
	Algorithm     SignatureAlgorithm
	InputFile     string
	PublicKeyFile string
	SignatureFile string
	Encoding      string
}

VerifyOptions contains the options for verification
