encryption

package
v0.0.0-...-8128911 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 1, 2026 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidVaultKeyOrCorrupted = errors.New("Failed to unlock vault. The password may be incorrect or the vault file may be corrupted.")
	ErrVaultNotFound              = errors.New("vault not found")
)

Functions

func CreateAndUpdateVault 

func CreateAndUpdateVault(fileDEK []byte, fileID uuid.UUID, Verbose bool) error

Create vault if it doesn't exist, updates it and also generate user relevant errors

func DecryptAndHashStreaming 

func DecryptAndHashStreaming(src io.Reader, dst io.Writer, dek []byte) ([]byte, error)

-Decrypts streaming -Always computes SHA-256 of plaintext -Optionally writes plaintext (if dst != nil) Returns computed hash bytes

func DecryptVault 

func DecryptVault(encData []byte, vaultMasterKey []byte) ([]byte, error)

Decrypt vault data

func DeleteVault 

func DeleteVault() error

Delete vault

func DeriveDEK 

func DeriveDEK(passphrase string, salt []byte) []byte

func DeriveVaultMasterKey 

func DeriveVaultMasterKey(password string) ([]byte, error)

Derive Vault Master Key

func EncryptAndStoreVault 

func EncryptAndStoreVault(vaultData Vault, vaultMasterKey []byte) error

Stores the encrypted vault data in the users home directory ~/.hashdrop/vault.enc

func EncryptFileStreaming 

func EncryptFileStreaming(src io.Reader, dst io.Writer, dek []byte) error

Encrypt file in chunks. [ nonce ][ 4-byte length ][ ciphertext+tag ]

func EncryptVault 

func EncryptVault(vaultBytes []byte, vaultMasterKey []byte) ([]byte, error)

Encrypt vault data using AES-GCM standard returns [nonce][ciphertext+tag]

func GenerateDEKfromPassphrase 

func GenerateDEKfromPassphrase(passphrase string) (key []byte, salt []byte, err error)

Generate DEK from passphrase for no-vault users

func GenerateRandomDEK 

func GenerateRandomDEK() ([]byte, error)

Generate random DEK for vault users

func GenerateVaultMasterKey 

func GenerateVaultMasterKey(password string) (key []byte, err error)

Generate Vault Master Key from password string

func ObtainFileEncryptionKey 

func ObtainFileEncryptionKey(noVault, verbose bool) (fileDEK []byte, fileSalt []byte, err error)

Create Data Encryption Key for vault user and no-vault users and also generate user relevant errors

func StoreVaultMetadata 

func StoreVaultMetadata(metadata VaultKeyMetadata) error

Store the meta data in the users home directory ~/.hashdrop/vault_meta.json

func VaultExists 

func VaultExists() (bool, error)

Check if vault exists

Types

type ArgonParams 

type ArgonParams struct {
	Time    uint32 `json:"time"`
	Memory  uint32 `json:"memory"`
	Threads uint8  `json:"threads"`
	KeyLen  uint32 `json:"key_len"`
}

type Vault 

type Vault struct {
	Version int               `json:"version"`
	Entries map[string]string `json:"entries"`
}

Vault struct to store users Data encryption keys

func LoadVault 

func LoadVault(vaultMasterKey []byte) (Vault, error)

Load vault

type VaultKeyMetadata 

type VaultKeyMetadata struct {
	Version int         `json:"version"`
	Argon   ArgonParams `json:"argon"`
	Salt    []byte      `json:"vault_salt"`
}

Vault key meta data

func LoadVaultMetadata 

func LoadVaultMetadata() (VaultKeyMetadata, error)

Load vault metadata

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.