The highest tagged major version is v4.

encrypt

package

v2.1.0 Latest Latest Go to latest Published: Aug 18, 2022 License: MIT Imports: 25 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Laisky/go-utils

Links

Open Source Insights

Documentation ¶

Overview ¶

Package encrypt contains some useful tools to deal with encryption/decryption

Index ¶

func AESEncryptFilesInDir(dir string, secret []byte, opts ...AESEncryptFilesInDirOption) (err error)
func AesDecrypt(secret []byte, encrypted []byte) ([]byte, error)
func AesEncrypt(secret []byte, cnt []byte) ([]byte, error)
func DecodeECDSAPrivateKey(pemEncoded []byte) (*ecdsa.PrivateKey, error)
func DecodeECDSAPublicKey(pemEncodedPub []byte) (*ecdsa.PublicKey, error)
func DecodeES256SignByBase64(sign string) (a, b *big.Int, err error)
func DecodeES256SignByHex(sign string) (a, b *big.Int, err error)
func DecodeRSAPrivateKey(pemEncoded []byte) (*rsa.PrivateKey, error)
func DecodeRSAPublicKey(pemEncodedPub []byte) (*rsa.PublicKey, error)
func EncodeECDSAPrivateKey(privateKey *ecdsa.PrivateKey) ([]byte, error)
func EncodeECDSAPublicKey(publicKey *ecdsa.PublicKey) ([]byte, error)
func EncodeES256SignByBase64(a, b *big.Int) string
func EncodeES256SignByHex(a, b *big.Int) string
func EncodeRSAPrivateKey(privateKey *rsa.PrivateKey) ([]byte, error)
func EncodeRSAPublicKey(publicKey *rsa.PublicKey) ([]byte, error)
func FormatBig2Base64(b *big.Int) string
func FormatBig2Hex(b *big.Int) string
func GeneratePasswordHash(password []byte) ([]byte, error)
func HashSHA128String(val string) string
func HashSHA256String(val string) string
func HashXxhashString(val string) string
func ParseBase642Big(raw string) (*big.Int, error)
func ParseHex2Big(hex string) (b *big.Int, ok bool)
func SignByECDSAWithSHA256(priKey *ecdsa.PrivateKey, content []byte) (r, s *big.Int, err error)
func SignByRSAWithSHA256(priKey *rsa.PrivateKey, content []byte) ([]byte, error)
func SignReaderByECDSAWithSHA256(priKey *ecdsa.PrivateKey, reader io.Reader) (r, s *big.Int, err error)
func SignReaderByRSAWithSHA256(priKey *rsa.PrivateKey, reader io.Reader) (sig []byte, err error)
func ValidatePasswordHash(hashedPassword, password []byte) bool
func VerifyByECDSAWithSHA256(pubKey *ecdsa.PublicKey, content []byte, r, s *big.Int) bool
func VerifyByRSAWithSHA256(pubKey *rsa.PublicKey, content []byte, sig []byte) error
func VerifyReaderByECDSAWithSHA256(pubKey *ecdsa.PublicKey, reader io.Reader, r, s *big.Int) (bool, error)
func VerifyReaderByRSAWithSHA256(pubKey *rsa.PublicKey, reader io.Reader, sig []byte) error
type AESEncryptFilesInDirOption
- func WithAESFilesInDirFileExt(ext string) AESEncryptFilesInDirOption
- func WithAESFilesInDirFileSuffix(suffix string) AESEncryptFilesInDirOption
type AesReaderWrapper
- func NewAesReaderWrapper(in io.Reader, key []byte) (*AesReaderWrapper, error)
- func (w *AesReaderWrapper) Read(p []byte) (n int, err error)
type DHKX
- func NewDHKX(optfs ...DHKXOptionFunc) (d *DHKX, err error)
- func (d *DHKX) GenerateKey(peerPubKey []byte) ([]byte, error)
- func (d *DHKX) PublicKey() []byte
type DHKXOptionFunc

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AESEncryptFilesInDir ¶

func AESEncryptFilesInDir(dir string, secret []byte, opts ...AESEncryptFilesInDirOption) (err error)

AESEncryptFilesInDir encrypt files in dir

will generate new encrypted files with <suffix> after ext

xxx.toml -> xxx.toml.enc

func AesDecrypt ¶

func AesDecrypt(secret []byte, encrypted []byte) ([]byte, error)

AesDecrypt encrypt bytes by aes with key

inspired by https://tutorialedge.net/golang/go-encrypt-decrypt-aes-tutorial/

The key argument should be 16, 24, or 32 bytes

func AesEncrypt ¶

func AesEncrypt(secret []byte, cnt []byte) ([]byte, error)

AesEncrypt encrypt bytes by aes with key

inspired by https://tutorialedge.net/golang/go-encrypt-decrypt-aes-tutorial/

The key argument should be the AES key, either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256.

func DecodeECDSAPrivateKey ¶

func DecodeECDSAPrivateKey(pemEncoded []byte) (*ecdsa.PrivateKey, error)

DecodeECDSAPrivateKey decode ecdsa private key from pem bytes

func DecodeECDSAPublicKey ¶

func DecodeECDSAPublicKey(pemEncodedPub []byte) (*ecdsa.PublicKey, error)

DecodeECDSAPublicKey decode ecdsa public key from pem bytes

func DecodeES256SignByBase64 ¶

func DecodeES256SignByBase64(sign string) (a, b *big.Int, err error)

DecodeES256SignByBase64 parse ecdsa signature string to two *big.Int

func DecodeES256SignByHex ¶

func DecodeES256SignByHex(sign string) (a, b *big.Int, err error)

DecodeES256SignByHex parse ecdsa signature string to two *big.Int

func DecodeRSAPrivateKey ¶

func DecodeRSAPrivateKey(pemEncoded []byte) (*rsa.PrivateKey, error)

DecodeRSAPrivateKey decode rsa private key from pem bytes

func DecodeRSAPublicKey ¶

func DecodeRSAPublicKey(pemEncodedPub []byte) (*rsa.PublicKey, error)

DecodeRSAPublicKey decode rsa public key from pem bytes

func EncodeECDSAPrivateKey ¶

func EncodeECDSAPrivateKey(privateKey *ecdsa.PrivateKey) ([]byte, error)

EncodeECDSAPrivateKey encode ecdsa private key to pem bytes

func EncodeECDSAPublicKey ¶

func EncodeECDSAPublicKey(publicKey *ecdsa.PublicKey) ([]byte, error)

EncodeECDSAPublicKey encode ecdsa public key to pem bytes

func EncodeES256SignByBase64 ¶

func EncodeES256SignByBase64(a, b *big.Int) string

EncodeES256SignByBase64 format ecdsa signature to stirng

func EncodeES256SignByHex ¶

func EncodeES256SignByHex(a, b *big.Int) string

EncodeES256SignByHex format ecdsa sign to stirng

func EncodeRSAPrivateKey ¶

func EncodeRSAPrivateKey(privateKey *rsa.PrivateKey) ([]byte, error)

EncodeRSAPrivateKey encode rsa private key to pem bytes

func EncodeRSAPublicKey ¶

func EncodeRSAPublicKey(publicKey *rsa.PublicKey) ([]byte, error)

EncodeRSAPublicKey encode rsa public key to pem bytes

func FormatBig2Base64 ¶

func FormatBig2Base64(b *big.Int) string

FormatBig2Base64 format big to base64 string

func FormatBig2Hex ¶

func FormatBig2Hex(b *big.Int) string

FormatBig2Hex format big to hex string

func GeneratePasswordHash ¶

func GeneratePasswordHash(password []byte) ([]byte, error)

GeneratePasswordHash generate hashed password by origin password

Example ¶

// generate hashed password
rawPassword := []byte("1234567890")
hashedPassword, err := GeneratePasswordHash(rawPassword)
if err != nil {
	log.Shared.Error("try to generate password got error", zap.Error(err))
	return
}
fmt.Printf("got new hashed pasword: %v\n", string(hashedPassword))

// validate passowrd
if !ValidatePasswordHash(hashedPassword, rawPassword) {
	log.Shared.Error("password invalidate", zap.Error(err))
	return
}

Output:

func HashSHA128String ¶

func HashSHA128String(val string) string

HashSHA128String calculate string's hash by sha256

Example ¶

val := testhashraw
got := HashSHA128String(val)
log.Shared.Info("hash", zap.String("got", got))

Output:

func HashSHA256String ¶

func HashSHA256String(val string) string

HashSHA256String calculate string's hash by sha256

Example ¶

val := testhashraw
got := HashSHA256String(val)
log.Shared.Info("hash", zap.String("got", got))

Output:

func HashXxhashString ¶

func HashXxhashString(val string) string

HashXxhashString calculate string's hash by sha256

Example ¶

val := testhashraw
got := HashXxhashString(val)
log.Shared.Info("hash", zap.String("got", got))

Output:

func ParseBase642Big ¶

func ParseBase642Big(raw string) (*big.Int, error)

ParseBase642Big parse base64 string to big

func ParseHex2Big ¶

func ParseHex2Big(hex string) (b *big.Int, ok bool)

ParseHex2Big parse hex string to big

func SignByECDSAWithSHA256 ¶

func SignByECDSAWithSHA256(priKey *ecdsa.PrivateKey, content []byte) (r, s *big.Int, err error)

SignByECDSAWithSHA256 generate signature by ecdsa private key use sha256

Example ¶

priKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
	log.Shared.Panic("generate key", zap.Error(err))
}
priKey2, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
	log.Shared.Panic("generate key", zap.Error(err))
}

// case: correct key
cnt := []byte("fjijf23lijfl23ijrl32jra9pfie9wpfi")
r, s, err := SignByECDSAWithSHA256(priKey, cnt)
if err != nil {
	log.Shared.Panic("sign", zap.Error(err))
}
if !VerifyByECDSAWithSHA256(&priKey.PublicKey, cnt, r, s) {
	log.Shared.Panic("verify failed")
}

// generate string
encoded := EncodeES256SignByBase64(r, s)
if _, _, err = DecodeES256SignByBase64(encoded); err != nil {
	log.Shared.Panic("encode and decode", zap.Error(err))
}

// case: incorrect cnt
cnt = []byte("fjijf23lijfl23ijrl32jra9pfie9wpfi")
r, s, err = SignByECDSAWithSHA256(priKey, cnt)
if err != nil {
	log.Shared.Panic("sign", zap.Error(err))
}
if VerifyByECDSAWithSHA256(&priKey.PublicKey, append(cnt, '2'), r, s) {
	log.Shared.Panic("should not verify")
}

// case: incorrect key
r, s, err = SignByECDSAWithSHA256(priKey2, cnt)
if err != nil {
	log.Shared.Panic("sign", zap.Error(err))
}
if VerifyByECDSAWithSHA256(&priKey.PublicKey, cnt, r, s) {
	log.Shared.Panic("should not verify")
}

Output:

func SignByRSAWithSHA256 ¶

func SignByRSAWithSHA256(priKey *rsa.PrivateKey, content []byte) ([]byte, error)

SignByRSAWithSHA256 generate signature by rsa private key use sha256

func SignReaderByECDSAWithSHA256 ¶

func SignReaderByECDSAWithSHA256(priKey *ecdsa.PrivateKey, reader io.Reader) (r, s *big.Int, err error)

SignReaderByECDSAWithSHA256 generate signature by ecdsa private key use sha256

func SignReaderByRSAWithSHA256 ¶

func SignReaderByRSAWithSHA256(priKey *rsa.PrivateKey, reader io.Reader) (sig []byte, err error)

SignReaderByRSAWithSHA256 generate signature by rsa private key use sha256

func ValidatePasswordHash ¶

func ValidatePasswordHash(hashedPassword, password []byte) bool

ValidatePasswordHash validate password is match with hashedPassword

func VerifyByECDSAWithSHA256 ¶

func VerifyByECDSAWithSHA256(pubKey *ecdsa.PublicKey, content []byte, r, s *big.Int) bool

VerifyByECDSAWithSHA256 verify signature by ecdsa public key use sha256

func VerifyByRSAWithSHA256 ¶

func VerifyByRSAWithSHA256(pubKey *rsa.PublicKey, content []byte, sig []byte) error

VerifyByRSAWithSHA256 verify signature by rsa public key use sha256

func VerifyReaderByECDSAWithSHA256 ¶

func VerifyReaderByECDSAWithSHA256(pubKey *ecdsa.PublicKey, reader io.Reader, r, s *big.Int) (bool, error)

VerifyReaderByECDSAWithSHA256 verify signature by ecdsa public key use sha256

func VerifyReaderByRSAWithSHA256 ¶

func VerifyReaderByRSAWithSHA256(pubKey *rsa.PublicKey, reader io.Reader, sig []byte) error

VerifyReaderByRSAWithSHA256 verify signature by rsa public key use sha256

Types ¶

type AESEncryptFilesInDirOption ¶

type AESEncryptFilesInDirOption func(*encryptFilesOption) error

AESEncryptFilesInDirOption options to encrypt files in dir

func WithAESFilesInDirFileExt ¶

func WithAESFilesInDirFileExt(ext string) AESEncryptFilesInDirOption

WithAESFilesInDirFileExt only encrypt files with specific ext

func WithAESFilesInDirFileSuffix ¶

func WithAESFilesInDirFileSuffix(suffix string) AESEncryptFilesInDirOption

WithAESFilesInDirFileSuffix will append to encrypted's filename as suffix

xxx.toml -> xxx.toml.enc

type AesReaderWrapper ¶

type AesReaderWrapper struct {
	// contains filtered or unexported fields
}

AesReaderWrapper used to decrypt encrypted reader

func NewAesReaderWrapper ¶

func NewAesReaderWrapper(in io.Reader, key []byte) (*AesReaderWrapper, error)

NewAesReaderWrapper wrap reader by aes

func (*AesReaderWrapper) Read ¶

func (w *AesReaderWrapper) Read(p []byte) (n int, err error)

type DHKX ¶

type DHKX struct {
	// contains filtered or unexported fields
}

Diffie Hellman Key-exchange algorithm

https://pkg.go.dev/github.com/monnand/dhkx

Example

alice, _ := NewDHKX()
bob, _ := NewDHKX()

alicePub := alice.PublicKey()
bobPub := bob.PublicKey()

aliceKey, _ := alice.GenerateKey(bobPub)
bobKey, _ := bob.GenerateKey(alicePub)

// aliceKey == bobKey

Example ¶

alice, _ := NewDHKX()

bob, _ := NewDHKX()

alicePub := alice.PublicKey()
bobPub := bob.PublicKey()

aliceKey, _ := alice.GenerateKey(bobPub)
bobKey, _ := bob.GenerateKey(alicePub)
fmt.Println(reflect.DeepEqual(aliceKey, bobKey))

Output:

true

func NewDHKX ¶

func NewDHKX(optfs ...DHKXOptionFunc) (d *DHKX, err error)

NewDHKX create a new DHKX instance

each DHKX instance has it's unique group and private key

func (*DHKX) GenerateKey ¶

func (d *DHKX) GenerateKey(peerPubKey []byte) ([]byte, error)

GenerateKey generate new key by peer's public key

each side of the DHKX exchange peers will generate the same key

key like:

60a425ca3a4cc313db9c113a0526f3809725305afc68e1accd0e653ae8d0182c6eb05557f4b5d094f015972b9fda7d60c1b64d79f50baea7365d858ede0fb7a6571403d4b95f682144b56fa17ffcbe9e70de69dc0045672696e683c423c5b3dfc02a6916be1e50c74e60353ec08a465cc124e8ca88337fb74a0370e17a7cedb0b1e76733f43ad3db9e3d29ab43c75686a8bc4a88ee46addbd1590c8277d1b1ef42aded6cc0bfe0a7ff8933861dae772c755087f2a41021f4ca53867ba49797d111ef21b381cb6441178f4ccd3748f8e7b1a12ec3799571a49fc0aa793c05ab6e228b559f1fda2912542d7246388ccec138b4d8ce9df4a32c198891c4e33b5034

func (*DHKX) PublicKey ¶

func (d *DHKX) PublicKey() []byte

PublicKey return public key bytes

type DHKXOptionFunc ¶

type DHKXOptionFunc func(*dhkxOption) error

DHKXOptionFunc optional func to set dhkx option

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL