security

package

v0.1.59 Latest Latest Go to latest Published: Feb 22, 2025 License: MIT Imports: 21 Imported by: 3

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/andygeiss/cloud-native-utils

Documentation ¶

Index ¶

func Decrypt(ciphertext []byte, key [32]byte) (plaintext []byte, err error)
func Encrypt(plaintext []byte, key [32]byte) (ciphertext []byte)
func GenerateKey() [32]byte
func Getenv(key string) (out [32]byte)
func Hash(tag string, data []byte) (sum []byte)
func IsPasswordValid(ciphertext, plaintext []byte) bool
func NewClient() *http.Client
func NewClientWithTLS(certFile, keyFile, caFile string) *http.Client
func NewServer(mux *http.ServeMux) *http.Server
func NewServerWithTLS(mux *http.ServeMux, domains ...string) *http.Server
func ParseDuration(key string, def time.Duration) time.Duration
func ParseInt(key string, def int) int
func Password(plaintext []byte) ([]byte, error)
type ServerSession
type ServerSessions
- func NewServeMux(ctx context.Context, efs embed.FS) (mux *http.ServeMux, serverSessions *ServerSessions)
- func NewServerSessions() *ServerSessions

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Decrypt ¶

func Decrypt(ciphertext []byte, key [32]byte) (plaintext []byte, err error)

Decrypt takes an encrypted byte slice (ciphertext) and a 256-bit AES key, and decrypts the ciphertext using AES-GCM.

func Encrypt ¶

func Encrypt(plaintext []byte, key [32]byte) (ciphertext []byte)

Encrypt takes an input byte slice (plaintext) and encrypts it using AES-GCM. It returns the encrypted data (ciphertext) and the key used for encryption.

func GenerateKey ¶

func GenerateKey() [32]byte

GenerateKey generates a 256-bit (32-byte) random key for AES encryption. It uses a cryptographically secure random number generator.

func Getenv ¶ added in v0.1.7

func Getenv(key string) (out [32]byte)

Getenv retrieves an environment variable by the given key, interprets its value as a hexadecimal string, and decodes it into a 32-byte array. If the environment variable is not set, the value is not a valid hex string, or the decoded byte length is not 32, the function returns an empty array.

func Hash ¶

func Hash(tag string, data []byte) (sum []byte)

Hash generates an HMAC hash using the SHA-512/256 algorithm.

func IsPasswordValid ¶

func IsPasswordValid(ciphertext, plaintext []byte) bool

IsPasswordValid checks if a given plaintext password matches a hashed password.

func NewClient ¶ added in v0.1.25

func NewClient() *http.Client

NewClient creates and returns a new *http.Client with a default timeout of 5 seconds. The timeout can be adjusted by setting the CLIENT_TIMEOUT environment variable.

func NewClientWithTLS ¶ added in v0.1.39

func NewClientWithTLS(certFile, keyFile, caFile string) *http.Client

NewClientWithTLS creates and returns a new *http.Client with mutual TLS authentication.

func NewServer ¶

func NewServer(mux *http.ServeMux) *http.Server

NewServer creates and returns a configured HTTP server. It uses the PORT environment variable or defaults to port 8080. The server has a default timeout of 5 seconds for read, write, and idle connections. The timeout can be adjusted by setting the SERVER_*_TIMEOUT environment variables.

func NewServerWithTLS ¶ added in v0.1.15

func NewServerWithTLS(mux *http.ServeMux, domains ...string) *http.Server

NewServerWithTLS creates and returns a configured HTTP server with the given TLS configuration.

func ParseDuration ¶ added in v0.1.40

func ParseDuration(key string, def time.Duration) time.Duration

ParseDuration parses the value of the environment variable with the given key as a duration. If the value is not set or cannot be parsed, the default duration is returned.

func ParseInt ¶ added in v0.1.42

func ParseInt(key string, def int) int

ParseInt parses the value of the environment variable with the given key as an integer. If the value is not set or cannot be parsed, the default integer is returned.

func Password ¶

func Password(plaintext []byte) ([]byte, error)

Password hashes a plaintext password using bcrypt with a cost of 14.

Types ¶

type ServerSession ¶ added in v0.1.35

type ServerSession struct {
	ID    string `json:"id"`
	Value string `json:"value"`
}

ServerSession is a session for a user.

type ServerSessions ¶ added in v0.1.35

type ServerSessions struct {
	// contains filtered or unexported fields
}

ServerSessions is a thread-safe map of email addresses to tokens.

func NewServeMux ¶ added in v0.1.44

func NewServeMux(ctx context.Context, efs embed.FS) (mux *http.ServeMux, serverSessions *ServerSessions)

NewServeMux creates a new mux with the liveness check endpoint (/liveness) and the readiness check endpoint (/readiness). The mux is returned along with a new ServerSessions instance.

func NewServerSessions ¶ added in v0.1.35

func NewServerSessions() *ServerSessions

NewServerSessions creates a new serverSessions.

func (*ServerSessions) Create ¶ added in v0.1.48

func (a *ServerSessions) Create() (s ServerSession)

Create adds a new session to the serverSessions.

func (*ServerSessions) Delete ¶ added in v0.1.48

func (a *ServerSessions) Delete(id string)

Delete removes the session with the given sessionID.

func (*ServerSessions) Read ¶ added in v0.1.48

func (a *ServerSessions) Read(id string) (*ServerSession, bool)

Get returns the session for the given sessionID.

func (*ServerSessions) Update ¶ added in v0.1.35

func (a *ServerSessions) Update(s ServerSession)

Update adds a new session to the serverSessions.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL