CreateAcraBlock construct AcraBlock like tag_begin[4] + rest_sum_length[*] + kek_encryption_type[1] + kek_id[2] + data_encryption_type[1] + dek_length[2] + dek + encrypted_data.

CreateAcraBlockWithBackends create AcraBlock using specified encryption backends.

ExtractAcraBlockFromData return AcraBlock that stored at start of data and return size in bytes of parsed AcraBlockLength.

NewAcraBlockFromData expects that whole data is one AcraBlock, validate and return, otherwise error.

NewDataEncryptor return new DataEncryptor that uses AcraBlock to encrypt data which may be used by other encryptors.

NewEmptyAcraBlock create empty block for desired length and filled TagBegin.

NewStandaloneDataEncryptor return new DataEncryptor that uses AcraBlock to encrypt data as separate OnColumn processor and checks passed setting that it configured only for transparent AcraBlock encryption.

ProcessAcraBlocks find AcraBlocks in inBuffer, call processor on every recognized AcraStruct and replace it with result into outBuffer until end of data from inBuffer or any error result On error it returns inBuffer as is.

Set of constants with sizes of each part of AcraBlock.

Set of known backends for data encryption in AcraBlock.

AcraBlock length parts constants.

Set of constants with sizes of each part of AcraBlock.

AcraBlock length parts constants.

Set of constants with sizes of each part of AcraBlock.

AcraBlock length parts constants.

Set of known backends for key encryption.

AcraBlock length parts constants.

Set of constants with sizes of each part of AcraBlock.

AcraBlock length parts constants.

Set of constants with sizes of each part of AcraBlock.

AcraBlock length parts constants.

Set of constants with sizes of each part of AcraBlock.

SymmetricDataEncryptionKeyLength size for each new random symmetric key for new AcraBlock.

Set of constants with sizes of each part of AcraBlock.

ErrDataEncryptionKeyGeneration used when can't generate random key with crypto.Rand.

ErrInvalidAcraBlock defines invalid AcraBlock error.

DataEncryptor that uses AcraBlocks for encryption.

SecureCellSymmetricBackend implement SymmetricBackend with SecureCell backend.

Sha256KeyIDGenerator generate ID for key using sha256 hash function for key value and context.

KeyIDGenerator abstract logic to generate ID for symmetric key which will be placed in AcraBlock.

Processor interface used as callback for recognized AcraStructs and should return data instead AcraStruct.

SymmetricBackend interface abstract backend for key and data encryption.

AcraBlock array of several parts: TagBegin[4] + LengthOfRestData[4] + KeyEncryptionKeyType[1] + KeyEncryptionKeyID[2] + DataEncryptionType[1] + DataEncryptionKeyLength[2] + EncryptedDataEncryptionKey[*] + EncryptedData[*].

DataEncryptionBackendType used as storage for known backends to encrypt data in AcraBlock.

KeyEncryptionBackendType used as storage for known backends to encrypt symmetric keys in AcraBLock.