This package and Go module implements the functions required to encrypt and decrypt data using the Elliptic Curve Integrated Encryption Scheme with X9.63 Key Derivation, and specifically; Apple's implementation as part of Security.framework on iOS & macOS.
It was conceived to simplify the process of exchanging secure encrypted data cross-platform between a Go application and Apple devices. It has been designed to be capable of exchanging encrypted data using keys protected by the Secure Enclave on Apple platforms (with NIST P-256 elliptic curve keys) as well as other curves supported by ecdh.Curve (P-384, P-521, X25519).
This package includes an implementation of the X9.63-KDF Key Derivation Function used by Apple's framework to derive shared AES keys and an optional IV/nonce for GCM.
This package follows Apple's behaviour when it comes to AES key size selection. For <=256 bit EC keys, 16 bits of the derived key are used for AES, leading to AES-128 being used for the symmetric encryption. Where EC key sizes >256 bits are used (384, 521), 32 bits of the derived key are used for AES, resulting in AES-256 symmetric encryption.
Ciphertext is outputted and expected in the following format (to match that outputted and expected by SecKeyCreateEncryptedData and SecKeyCreateDecryptedData):
[ephemeral public key (raw bytes)] + [message ciphertext] + [AES-GCM authentication tag]
Example code showing how to encrypt and decrypt is available here.
A companion Swift Playground project exists here with instructions and examples of how to encrypt and decrypt data compatible with this package.
A series of unit tests are included to test the fundamentals as well as some concrete encrypt and decrypt operations. The test TestExternalDecryptSuccess includes test data encrypted by Security.framework on macOS with detailed examples as to configuration and algorithm choice.