package subtle

import "github.com/google/tink/go/streamingaead/subtle"

Package subtle provides subtle implementations of the Streaming AEAD primitive.

Index

Constants

const (
	// AESCTRHMACNonceSizeInBytes is the size of the nonces used as IVs for CTR.
	AESCTRHMACNonceSizeInBytes = 16

	// AESCTRHMACNoncePrefixSizeInBytes is the size of the nonce prefix.
	AESCTRHMACNoncePrefixSizeInBytes = 7

	// AESCTRHMACKeySizeInBytes is the size of the HMAC key.
	AESCTRHMACKeySizeInBytes = 32
)
const (
	// AESGCMHKDFNonceSizeInBytes is the size of the nonces used for GCM.
	AESGCMHKDFNonceSizeInBytes = 12

	// AESGCMHKDFNoncePrefixSizeInBytes is the size of the randomly generated
	// nonce prefix.
	AESGCMHKDFNoncePrefixSizeInBytes = 7

	// AESGCMHKDFTagSizeInBytes is the size of the tags of each ciphertext
	// segment.
	AESGCMHKDFTagSizeInBytes = 16
)

Types

type AESCTRHMAC

type AESCTRHMAC struct {
	MainKey []byte
	// contains filtered or unexported fields
}

AESCTRHMAC implements streaming AEAD encryption using AES-CTR and HMAC.

Each ciphertext uses new AES-CTR and HMAC keys. These keys are derived using HKDF and are derived from the key derivation key, a randomly chosen salt of the same size as the key and a nonce prefix.

func NewAESCTRHMAC

func NewAESCTRHMAC(
	mainKey []byte,
	hkdfAlg string,
	keySizeInBytes int,
	tagAlg string,
	tagSizeInBytes int,
	ciphertextSegmentSize int,
	firstSegmentOffset int,
) (*AESCTRHMAC, error)

NewAESCTRHMAC initializes an AESCTRHMAC primitive with a key derivation key and encryption parameters.

mainKey is input keying material used to derive sub keys.

hkdfAlg is a MAC algorithm name, e.g., HmacSha256, used for the HKDF key derivation.

keySizeInBytes is the key size of the sub keys.

tagAlg is the MAC algorithm name, e.g. HmacSha256, used for generating per segment tags.

tagSizeInBytes is the size of the per segment tags.

ciphertextSegmentSize is the size of ciphertext segments.

firstSegmentOffset is the offset of the first ciphertext segment.

func (*AESCTRHMAC) HeaderLength

func (a *AESCTRHMAC) HeaderLength() int

HeaderLength returns the length of the encryption header.

func (*AESCTRHMAC) NewDecryptingReader

func (a *AESCTRHMAC) NewDecryptingReader(r io.Reader, aad []byte) (io.Reader, error)

NewDecryptingReader returns a wrapper around underlying io.Reader, such that any read-operation via the wrapper results in AEAD-decryption of the underlying ciphertext, using aad as associated authenticated data.

func (*AESCTRHMAC) NewEncryptingWriter

func (a *AESCTRHMAC) NewEncryptingWriter(w io.Writer, aad []byte) (io.WriteCloser, error)

NewEncryptingWriter returns a wrapper around underlying io.Writer, such that any write-operation via the wrapper results in AEAD-encryption of the written data, using aad as associated authenticated data. The associated data is not included in the ciphertext and has to be passed in as parameter for decryption.

type AESGCMHKDF

type AESGCMHKDF struct {
	MainKey []byte
	// contains filtered or unexported fields
}

AESGCMHKDF implements streaming AEAD encryption using AES-GCM.

Each ciphertext uses a new AES-GCM key. These keys are derived using HKDF and are derived from the key derivation key, a randomly chosen salt of the same size as the key and a nonce prefix.

func NewAESGCMHKDF

func NewAESGCMHKDF(
	mainKey []byte,
	hkdfAlg string,
	keySizeInBytes int,
	ciphertextSegmentSize int,
	firstSegmentOffset int,
) (*AESGCMHKDF, error)

NewAESGCMHKDF initializes a streaming primitive with a key derivation key and encryption parameters.

mainKey is an input keying material used to derive sub keys.

hkdfAlg is a MAC algorithm name, e.g., HmacSha256, used for the HKDF key derivation.

keySizeInBytes argument is a key size of the sub keys.

ciphertextSegmentSize argument is the size of ciphertext segments.

firstSegmentOffset argument is the offset of the first ciphertext segment.

func (*AESGCMHKDF) HeaderLength

func (a *AESGCMHKDF) HeaderLength() int

HeaderLength returns the length of the encryption header.

func (*AESGCMHKDF) NewDecryptingReader

func (a *AESGCMHKDF) NewDecryptingReader(r io.Reader, aad []byte) (io.Reader, error)

NewDecryptingReader returns a wrapper around underlying io.Reader, such that any read-operation via the wrapper results in AEAD-decryption of the underlying ciphertext, using aad as associated authenticated data.

func (*AESGCMHKDF) NewEncryptingWriter

func (a *AESGCMHKDF) NewEncryptingWriter(w io.Writer, aad []byte) (io.WriteCloser, error)

NewEncryptingWriter returns a wrapper around underlying io.Writer, such that any write-operation via the wrapper results in AEAD-encryption of the written data, using aad as associated authenticated data. The associated data is not included in the ciphertext and has to be passed in as parameter for decryption.

Source Files

aes_ctr_hmac.go aes_gcm_hkdf.go subtle.go

Directories

PathSynopsis
streamingaead/subtle/noncebasedPackage noncebased provides a reusable streaming AEAD framework.
Version
v1.7.0 (latest)
Published
Aug 10, 2022
Platform
linux/amd64
Imports
10 packages
Last checked
3 months ago

Tools for package owners.