The sio package implements provable secure authenticated encryption for continuous byte streams.
It splits a data stream into L bytes long fragments and en/decrypts each fragment with an unique
key-nonce combination using an AEAD. For the last
fragment the construction prefixes the associated data with the 0x80 byte (instead of 0x00)
to prevent truncation attacks.
The sio package follows semantic versioning and hasn't reached a stable v1.0.0, yet. So
newer versions may cause major breaking API changes. However, we try to avoid such changes - if not really
needed.
import (
"github.com/secure-io/sio-go"
)
The sio package provides APIs for en/decrypting an io.Reader
or an io.Writer. First, you have to create a
Stream instance from a
cipher.AEAD and a buffer size.
(The buffer size determines the fragment size L). You may want to take a look at
this example.
Then you can use the Stream to encrypt resp. decrypt an io.Reader or io.Writer using
e.g. the EncryptReader
or DecryptWriter methods.
For a comprehensive overview of the API please take a look at godoc.org.