https://github.com/karpeleslab/cryptutil
- Host: GitHub
- URL: https://github.com/karpeleslab/cryptutil
- Owner: KarpelesLab
- License: mit
- Created: 2024-07-08T08:51:27.000Z (almost 2 years ago)
- Default Branch: master
- Last Pushed: 2024-09-29T07:16:15.000Z (over 1 year ago)
- Last Synced: 2025-07-01T00:08:56.763Z (12 months ago)
- Language: Go
- Size: 80.1 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
[GoDoc](https://godoc.org/github.com/KarpelesLab/cryptutil)
# cryptutil
Some tools for handling common crypto tasks not found in the Go standard library.
## ECDH Message encryption
Sometimes you want to send a message. Sometimes you want it encrypted. Sending an encrypted message to an ECDSA key can be painful and come with all sorts of difficulties.
This library aims to provide a simple encryption/decryption scheme that just takes a plaintext and a key and returns an encrypted string.
The decryption function accepts any kind of ECDH handler, allowing the actual private key to be stored in a TPM or an HSM.
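The following added example (not cryptutil's code, API or wire format) shows why decryption only needs an ECDH operation: the sender combines a one-time key with the recipient's public key, and the recipient repeats the ECDH through any handler, which `*ecdh.PrivateKey` satisfies as is. `ECDHHandler`, `sharedAEAD`, `Seal`, `Open`, the plain SHA-256 key derivation and the P-256 demo key are assumptions made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// ECDHHandler (hypothetical) is all Open needs, so a TPM/HSM-backed key can stand in.
type ECDHHandler interface{ ECDH(*ecdh.PublicKey) ([]byte, error) }

// sharedAEAD derives an AES-256-GCM key from the ECDH secret and both public keys.
func sharedAEAD(h ECDHHandler, peer, eph, rcpt *ecdh.PublicKey) (cipher.AEAD, error) {
	secret, err := h.ECDH(peer)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(append(append(secret, eph.Bytes()...), rcpt.Bytes()...))
	blk, _ := aes.NewCipher(key[:]) // cannot fail: the key is always 32 bytes
	return cipher.NewGCM(blk)
}

// Seal encrypts to rcpt under a one-time key, which is why a zero nonce is safe here.
func Seal(rcpt *ecdh.PublicKey, msg []byte) (*ecdh.PublicKey, []byte, error) {
	eph, err := rcpt.Curve().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	g, err := sharedAEAD(eph, rcpt, eph.PublicKey(), rcpt)
	if err != nil {
		return nil, nil, err
	}
	return eph.PublicKey(), g.Seal(nil, make([]byte, g.NonceSize()), msg, nil), nil
}

// Open decrypts with any ECDHHandler; rcpt is the handler's own public key.
func Open(h ECDHHandler, rcpt, eph *ecdh.PublicKey, ct []byte) ([]byte, error) {
	g, err := sharedAEAD(h, eph, eph, rcpt)
	if err != nil {
		return nil, err
	}
	return g.Open(nil, make([]byte, g.NonceSize()), ct, nil)
}

func main() {
	bob, _ := ecdh.P256().GenerateKey(rand.Reader) // constructed recipient key
	eph, ct, _ := Seal(bob.PublicKey(), []byte("s.o.s. to the world"))
	msg, err := Open(bob, bob.PublicKey(), eph, ct)
	fmt.Printf("%s %v\n", msg, err)
}
```

A handler that holds the wrong key, or a ciphertext altered in transit, makes `Open` return an authentication error rather than garbage plaintext.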
## Bottle
Bottles are containers for arbitrary data (JSON, CBOR, anything) that can be used to add any number of signatures, encryption layers, etc. to the underlying message, while keeping recovery of the original message fairly easy.
```go
// alice and bob are private keys created elsewhere

// Create a new bottle with a message inside
bottle := cryptutil.NewBottle([]byte("s.o.s. to the world"))
// encrypt for Alice OR Bob (either will be able to open the bottle)
bottle.Encrypt(rand.Reader, bob.Public(), alice.Public())
bottle.BottleUp() // bottle in a bottle, so that the signature includes the encryption
bottle.Sign(rand.Reader, alice) // sign from Alice

// Bob is opening the bottle
opener, err := cryptutil.NewOpener(bob)
if err != nil {
	return err
}
res, info, err := opener.Open(bottle)
if err != nil {
	return err // opening the bottle failed, do not use res
}
// Opening succeeded: inspect info to see which signatures were verified,
// and how many layers of encryption were decrypted
```
## ID Card
ID Cards can be used by entities with a signing key to provide alternate encryption keys.