Documentation
¶
Overview ¶
Package hwnaclbox implements the NaCl box construction with hardware-backed private keys
This package provides alternative versions of the functions in golang.org/x/crypto/nacl/box which take an src.agwa.name/go-hwkey.ECDHer as the private key instead of a byte array. This lets you use hardware-backed private keys, such as the YubiKey (you'll need firmware 5.7.0 or higher).
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Open ¶
func Open(out, box []byte, nonce *[24]byte, peersPublicKey *[32]byte, privateKey hwkey.ECDHer) ([]byte, error)
Open authenticates and decrypts a box produced by golang.org/x/crypto/nacl/box.Seal and appends the message to out, which must not overlap box. The output will be golang.org/x/crypto/nacl/box.Overhead bytes smaller than box.
func OpenAnonymous ¶
OpenAnonymous authenticates and decrypts a box produced by golang.org/x/crypto/nacl/box.SealAnonymous and appends the message to out, which must not overlap box. The output will be golang.org/x/crypto/nacl/box.AnonymousOverhead bytes smaller than box.
func Precompute ¶
Precompute calculates the shared key between peersPublicKey and privateKey and writes it to sharedKey. The shared key can be used with golang.org/x/crypto/nacl/box.OpenAfterPrecomputation to speed up processing when using the same pair of keys repeatedly.
Types ¶
This section is empty.
Source Files