crypto

package
v0.0.31 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 18, 2025 License: MIT Imports: 21 Imported by: 0

Documentation

Overview

Package crypto provides the cryptographic functions required within the SDK.

There are two kinds of decrypted data:

  • Metadata means any small string data, typically file metadata, but also e.g. directory names.
  • Data means file content.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DeriveKEKAndAuthFromPassword added in v0.0.5 

func DeriveKEKAndAuthFromPassword(password string, salt string) (*EncryptionKey, DerivedPassword, error)

DeriveKEKAndAuthFromPassword returns a KEK and a DerivedPassword derived from the user password

func DeriveMKAndAuthFromPassword added in v0.0.5 

func DeriveMKAndAuthFromPassword(password string, salt string) (*MasterKey, DerivedPassword, error)

DeriveMKAndAuthFromPassword returns a MasterKey and a DerivedPassword

func GenerateRandomBytes added in v0.0.5 

func GenerateRandomBytes(length int) []byte

GenerateRandomBytes generates a cryptographically secure random byte array

func GenerateRandomString 

func GenerateRandomString(length int) string

GenerateRandomString generates a cryptographically secure random string based on a selection of alphanumerical characters.

func PublicKeyFromString added in v0.0.18 

func PublicKeyFromString(pubKey string) (*rsa.PublicKey, error)

PublicKeyFromString returns a public key from a base64 encoded string

func RSAKeyPairFromStrings added in v0.0.5 

func RSAKeyPairFromStrings(privKey string, pubKey string) (*rsa.PrivateKey, *rsa.PublicKey, error)

RSAKeyPairFromStrings returns a private and public key pair from base64 encoded strings

func RunSHA512 added in v0.0.18 

func RunSHA512(b []byte) []byte

func V1Decrypt added in v0.0.20 

func V1Decrypt(data, key []byte) ([]byte, error)

V1Decrypt decrypts data using the V1 encryption scheme

func V1DeriveMasterKeyAndDerivedPass added in v0.0.22 

func V1DeriveMasterKeyAndDerivedPass(password string) (*MasterKey, DerivedPassword, error)

for backwards compatibility with V1 only

func V2Hash added in v0.0.18 

func V2Hash(data []byte) string

V2Hash hashes a string using the V2 algorithm this was used before HMACKey was introduced, and is still used in some places for v2 accounts

Types

type AllKeysFailedError 

type AllKeysFailedError struct {
	Errors []error // errors thrown in the process
}

AllKeysFailedError denotes that no key passed to [DecryptMetadataAllKeys] worked.

func (*AllKeysFailedError) Error 

func (e *AllKeysFailedError) Error() string

type AuthVersion added in v0.0.22 

type AuthVersion int

type DerivedPassword added in v0.0.5 

type DerivedPassword string

DerivedPassword is derived from the user password, and used to authenticate the user to the backend

func V1HashPassword added in v0.0.22 

func V1HashPassword(password string) DerivedPassword

for backwards compatibility with V1 only

type EncryptedString 

type EncryptedString string

EncryptedString denotes that a string is encrypted and can't be used meaningfully before being decrypted.

func NewEncryptedStringV2 added in v0.0.5 

func NewEncryptedStringV2(encrypted []byte, nonce [12]byte) EncryptedString

NewEncryptedStringV2 creates a new EncryptedString with the v2 format

func NewEncryptedStringV3 added in v0.0.5 

func NewEncryptedStringV3(encrypted []byte, nonce [12]byte) EncryptedString

NewEncryptedStringV3 creates a new EncryptedString with the v3 format

func PublicEncrypt added in v0.0.18 

func PublicEncrypt(publicKey *rsa.PublicKey, data string) (EncryptedString, error)

PublicEncrypt encrypts data using a public key

type EncryptionKey added in v0.0.5 

type EncryptionKey struct {
	Bytes  [32]byte
	Cipher cipher.AEAD
}

EncryptionKey is used to encrypt and decrypt data these keys are used as the v3 KEK, DEK and v2/v3 file Keys

func MakeEncryptionKeyFromBytes added in v0.0.5 

func MakeEncryptionKeyFromBytes(key [32]byte) (*EncryptionKey, error)

MakeEncryptionKeyFromBytes returns a new encryption key from a 32 byte array

func MakeEncryptionKeyFromStr added in v0.0.5 

func MakeEncryptionKeyFromStr(key string) (*EncryptionKey, error)

MakeEncryptionKeyFromStr returns a new encryption key from a 64 char hex encoded string

func MakeEncryptionKeyFromUnknownStr added in v0.0.5 

func MakeEncryptionKeyFromUnknownStr(key string) (*EncryptionKey, error)

MakeEncryptionKeyFromUnknownStr returns a new encryption key from either a 32 character string or a 64 character hex encoded string

func MakeNewFileKey added in v0.0.13 

func MakeNewFileKey(v FileEncryptionVersion) (*EncryptionKey, error)

MakeNewFileKey returns a new encryption key

func NewEncryptionKey added in v0.0.5 

func NewEncryptionKey() (*EncryptionKey, error)

NewEncryptionKey generates a new encryption key using a random 32 byte array

func (*EncryptionKey) DecryptData added in v0.0.5 

func (key *EncryptionKey) DecryptData(data []byte) ([]byte, error)

DecryptData decrypts file data using the encryption key returns the decrypted data, assumes that the nonce is the first 12 bytes

func (*EncryptionKey) DecryptMeta added in v0.0.5 

func (key *EncryptionKey) DecryptMeta(metadata EncryptedString) (string, error)

DecryptMeta should be avoided, and Filen.DecryptMeta should be used instead

func (*EncryptionKey) EncryptData added in v0.0.5 

func (key *EncryptionKey) EncryptData(data []byte) []byte

EncryptData encrypts file data using the encryption key generates a nonce and prepends it to the data

func (*EncryptionKey) EncryptMeta added in v0.0.5 

func (key *EncryptionKey) EncryptMeta(metadata string) EncryptedString

EncryptMeta should be avoided, and Filen.EncryptMeta should be used instead

func (*EncryptionKey) ToString added in v0.0.5 

func (key *EncryptionKey) ToString() string

ToString returns a 64 char hex encoded string representation of the encryption key

func (*EncryptionKey) ToStringWithVersion added in v0.0.22 

func (key *EncryptionKey) ToStringWithVersion(v FileEncryptionVersion) string

type FileEncryptionVersion added in v0.0.22 

type FileEncryptionVersion int

type HMACKey added in v0.0.15 

type HMACKey [32]byte

HMACKey is a 256 bit key used as a generic hashing key any time we want a hash of a string

func MakeHMACKey added in v0.0.15 

func MakeHMACKey(privateKey *rsa.PrivateKey) HMACKey

MakeHMACKey derives a 256 bit key from a private key this is to allow a single key to derivable from both V2 and V3 accounts

func (HMACKey) Hash added in v0.0.15 

func (h HMACKey) Hash(data []byte) string

Hash hashes a string using the key

type MasterKey added in v0.0.5 

type MasterKey struct {
	Bytes        []byte
	DerivedBytes [32]byte
	// contains filtered or unexported fields
}

MasterKey is a key used to encrypt and decrypt metadata in the v1 and v2 encryption schemes

func NewMasterKey added in v0.0.5 

func NewMasterKey(key []byte) (*MasterKey, error)

NewMasterKey creates a new MasterKey from a byte slice

func (*MasterKey) DecryptMeta added in v0.0.5 

func (m *MasterKey) DecryptMeta(metadata EncryptedString) (string, error)

DecryptMeta should be avoided, and Filen.DecryptMeta should be used instead

func (*MasterKey) DecryptMetaV2 added in v0.0.5 

func (m *MasterKey) DecryptMetaV2(metadata EncryptedString) (string, error)

DecryptMetaV2 should be avoided, and Filen.DecryptMeta should be used instead

func (*MasterKey) EncryptMeta added in v0.0.5 

func (m *MasterKey) EncryptMeta(metadata string) EncryptedString

EncryptMeta should be avoided, and Filen.EncryptMeta should be used instead

type MasterKeys added in v0.0.5 

type MasterKeys []MasterKey

MasterKeys is a slice of MasterKey, this is used by the V1 and V2 encryption schemes

func NewMasterKeys added in v0.0.5 

func NewMasterKeys(encryptionKey MasterKey, stringKeys string) (MasterKeys, error)

NewMasterKeys creates a new MasterKeys slice

func (*MasterKeys) DecryptMeta added in v0.0.5 

func (ms *MasterKeys) DecryptMeta(encrypted EncryptedString) (string, error)

DecryptMeta should be avoided, and Filen.DecryptMeta should be used instead, but this is necessary for RSA Keypair decryption

func (*MasterKeys) DecryptMetaV1 added in v0.0.5 

func (ms *MasterKeys) DecryptMetaV1(metadata EncryptedString) (string, error)

DecryptMetaV1 should be avoided, and Filen.DecryptMeta should be used instead

func (*MasterKeys) DecryptMetaV2 added in v0.0.5 

func (ms *MasterKeys) DecryptMetaV2(metadata EncryptedString) (string, error)

DecryptMetaV2 should be avoided, and Filen.DecryptMeta should be used instead

func (*MasterKeys) EncryptMeta added in v0.0.5 

func (ms *MasterKeys) EncryptMeta(metadata string) EncryptedString

EncryptMeta should be avoided, and Filen.EncryptMeta should be used instead

type MetaCrypter added in v0.0.14 

type MetaCrypter interface {
	EncryptMeta(metadata string) EncryptedString
	DecryptMeta(encrypted EncryptedString) (string, error)
}

type MetadataEncryptionVersion added in v0.0.22 

type MetadataEncryptionVersion int

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.