cloak v1.0.0-alpha.0 Cloak.Ciphers.AES.CTR View Source
A Cloak.Cipher
which encrypts values with the AES cipher in CTR (stream) mode.
Internally relies on Erlang’s :crypto.stream_encrypt/2
.
Link to this section Summary
Functions
Callback implementation for Cloak.Cipher.can_decrypt?2
. Determines if
a ciphertext can be decrypted with this cipher
Callback implementation for Cloak.Cipher.decrypt/2
. Decrypts a value
encrypted with AES in CTR mode
Callback implementation for Cloak.Cipher.encrypt
. Encrypts a value using
AES in CTR mode
Link to this section Functions
Callback implementation for Cloak.Cipher.can_decrypt?2
. Determines if
a ciphertext can be decrypted with this cipher.
Callback implementation for Cloak.Cipher.decrypt/2
. Decrypts a value
encrypted with AES in CTR mode.
Uses the key tag to find the correct key for decryption, and the IV included in the header to decrypt the body of the ciphertext.
Parameters
ciphertext
- Binary ciphertext generated byencrypt/2
.
Examples
iex> encrypt("Hello") |> decrypt
"Hello"
Callback implementation for Cloak.Cipher.encrypt
. Encrypts a value using
AES in CTR mode.
Generates a random IV for every encryption, and prepends the key tag and IV to the beginning of the ciphertext. The format can be diagrammed like this:
+-----------------------------------+----------------------+
| HEADER | BODY |
+-------------------+---------------+----------------------+
| Key Tag (n bytes) | IV (16 bytes) | Ciphertext (n bytes) |
+-------------------+---------------+----------------------+
| |__________________________________
| |
+---------------+-----------------+-------------------+
| Type (1 byte) | Length (1 byte) | Key Tag (n bytes) |
+---------------+-----------------+-------------------+
The Key Tag
component of the header breaks down into a Type
, Length
,
and Value
triplet for easy decoding.