cryptography

package
v0.0.0-...-bfe46a2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 17, 2024 License: MPL-2.0 Imports: 14 Imported by: 3

Documentation

Index

Constants

View Source 
const SecretTokenPrefix = "secret-token:"

SecretTokenPrefix all secret keys will be contain

Variables

View Source 
var (
	// ErrEncryptedFieldTooLarge - the sku was invalid
	ErrEncryptedFieldTooLarge = errors.New("encrypted field is greater than 4 KB - this must be chunked")
)

Functions

func Attenuate 

func Attenuate(rootKeyID string, secretKey string, caveats map[string]string) (aKeyID string, aSecretKey string, err error)

Attenuate a root keyID and secretKey usign the provided caveats

func DecodeKeyID 

func DecodeKeyID(keyID string) (rootKeyID string, caveats map[string]string, err error)

DecodeKeyID into the root keyID and any caveats, which will be null otherwise

func DecryptMessage 

func DecryptMessage(encryptionKey [32]byte, encryptedField []byte, nonce []byte) (string, error)

DecryptMessage uses SecretBox to decrypt the message

func EncryptMessage 

func EncryptMessage(encryptionKey [32]byte, field []byte) (encrypted []byte, nonceString [24]byte, err error)

EncryptMessage uses SecretBox to encrypt the message

Types

type HMACHasher 

type HMACHasher struct {
	// contains filtered or unexported fields
}

HMACHasher is an in process signer implementation for HMACKey

func (*HMACHasher) HMACSha384 

func (hmh *HMACHasher) HMACSha384(payload []byte) ([]byte, error)

HMACSha384 hashes using an in process secret

type HMACKey 

type HMACKey interface {
	// HMACSha384 does the appropriate hashing
	HMACSha384(payload []byte) ([]byte, error)
}

HMACKey an interface for hashing to hmac-sha384

func NewHMACHasher 

func NewHMACHasher(secret []byte) HMACKey

NewHMACHasher creates a new HMACKey for hashing

type Presignable 

type Presignable interface {
	HMACSha384(payload []byte) ([]byte, error)
}

Presignable duplicates the hmac interface for signing

func NewPresigner 

func NewPresigner(sig []byte) Presignable

NewPresigner creates a new presigner

type Presigner 

type Presigner struct {
	// contains filtered or unexported fields
}

Presigner returns the same value always

func (Presigner) HMACSha384 

func (ps Presigner) HMACSha384(payload []byte) ([]byte, error)

HMACSha384 presigns a request

type TimeLimitedSecret 

type TimeLimitedSecret struct {
	// contains filtered or unexported fields
}

TimeLimitedSecret represents a secret used to derive Time Limited Credentials

func NewTimeLimitedSecret 

func NewTimeLimitedSecret(secret []byte) TimeLimitedSecret

NewTimeLimitedSecret - create a new time limited secret structure

func (TimeLimitedSecret) Derive 

func (secret TimeLimitedSecret) Derive(metadata []byte, date time.Time, expirationDate time.Time) (string, error)

Derive - derive time limited credential based on date and expiration date

func (TimeLimitedSecret) Verify 

func (secret TimeLimitedSecret) Verify(metadata []byte, date time.Time, expirationDate time.Time, token string) (bool, error)

Verify - verify time limited credential based on date being bound within the expiration date of the credential

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.