README
¶
Secure
Secure is a simple package to easily work with the most common cryptography functions.
Installation:
go get -u github.com/catamat/secure
Example:
package main
import (
"fmt"
"os"
"github.com/catamat/secure"
)
func main() {
asymmetric()
fmt.Println("---")
signing()
fmt.Println("---")
hashing()
fmt.Println("---")
symmetric()
fmt.Println("---")
utilities()
}
func asymmetric() {
var privFile bool
var pubFile bool
if _, err := os.Stat("private.pem"); err == nil {
privFile = true
}
if _, err := os.Stat("public.pem"); err == nil {
pubFile = true
}
if !privFile || !pubFile {
// Create the keys
privKey, pubKey := secure.GenerateRsaKeyPair(4096)
// Export the keys to pem
privPem := secure.ExportRsaPrivateKeyAsPem(privKey)
pubPem, _ := secure.ExportRsaPublicKeyAsPem(pubKey)
if err := os.WriteFile("private.pem", privPem, 0644); err != nil {
fmt.Println("Error: Can't write private.pem file")
return
}
if err := os.WriteFile("public.pem", pubPem, 0644); err != nil {
fmt.Println("Error: Can't write public.pem file")
return
}
}
// Load the keys
privPem, err := os.ReadFile("private.pem")
if err != nil {
fmt.Println("Error: Can't read private.pem file")
return
}
pubPem, err := os.ReadFile("public.pem")
if err != nil {
fmt.Println("Error: Can't read public.pem file")
return
}
// Import the keys from pem
privKey, _ := secure.ParseRsaPrivateKeyFromPem(privPem)
pubKey, _ := secure.ParseRsaPublicKeyFromPem(pubPem)
text := []byte("This is super secret message!")
// Encrypt message
encryptedMessage, _ := secure.EncryptRsaOAEP(text, pubKey, nil)
fmt.Println("Asymmetric Encrypted Message:", string(encryptedMessage))
// Decrypt message
decryptedMessage, _ := secure.DecryptRsaOAEP(encryptedMessage, privKey, nil)
fmt.Println("Asymmetric Decrypted Message:", string(decryptedMessage))
}
func hashing() {
password := []byte("supersecretpassword")
// Generate hash
hashedPassword, _ := secure.GenerateBcryptHash(password, 0)
fmt.Println("Hashed password:", string(hashedPassword))
// Compare hash
err := secure.CompareBcryptHash(hashedPassword, password)
if err != nil {
fmt.Println("Invalid password")
} else {
fmt.Println("Valid password")
}
}
func signing() {
// Load the keys
privPem, err := os.ReadFile("private.pem")
if err != nil {
fmt.Println("Error: Can't read private.pem file")
return
}
pubPem, err := os.ReadFile("public.pem")
if err != nil {
fmt.Println("Error: Can't read public.pem file")
return
}
// Import the keys from pem
privKey, _ := secure.ParseRsaPrivateKeyFromPem(privPem)
pubKey, _ := secure.ParseRsaPublicKeyFromPem(pubPem)
text := []byte("Verifiable message!")
// Sign message
signedMessage, _ := secure.SignRsaPSS(text, privKey)
fmt.Println("Signed Message:", string(signedMessage))
// Verify message
err = secure.VerifyRsaPSS(text, signedMessage, pubKey)
if err != nil {
fmt.Println("Invalid message")
} else {
fmt.Println("Valid message")
}
}
func symmetric() {
key := []byte("supersecretpassword")
text := []byte("This is super secret message!")
// Encrypt message
encryptedMessage, _ := secure.EncryptAesAEAD(text, key)
fmt.Println("Symmetric Encrypted Message:", string(encryptedMessage))
// Decrypt message
decryptedMessage, _ := secure.DecryptAesAEAD(encryptedMessage, key)
fmt.Println("Symmetric Decrypted Message:", string(decryptedMessage))
}
func utilities() {
// Generate random tokens
t1, _ := secure.GenerateRandomToken(32, false, true, false, false)
fmt.Println("Token 1:", string(t1))
t2, _ := secure.GenerateRandomToken(32, true, false, false, false)
fmt.Println("Token 2:", string(t2))
t3, _ := secure.GenerateRandomToken(32, true, true, false, false)
fmt.Println("Token 3:", string(t3))
t4, _ := secure.GenerateRandomToken(32, true, true, true, false)
fmt.Println("Token 4:", string(t4))
t5, _ := secure.GenerateRandomToken(32, true, true, true, true)
fmt.Println("Token 5:", string(t5))
// Generate human passwords
p1, _ := secure.GenerateHumanPassword(0, 0)
fmt.Println("Password 1:", string(p1))
p2, _ := secure.GenerateHumanPassword(5, 2)
fmt.Println("Password 2:", string(p2))
}
Documentation
¶
Overview ¶
Package secure is a simple package to easily work with the most common cryptography functions.
Index ¶
- func CompareBcryptHash(hashedPassword []byte, password []byte) error
- func DecodeBase64(data []byte) ([]byte, error)
- func DecryptAesAEAD(encryptedText []byte, key []byte) ([]byte, error)
- func DecryptRsaOAEP(encryptedText []byte, privKey *rsa.PrivateKey, label []byte) ([]byte, error)
- func DeriveScryptKey(password []byte, salt []byte) ([]byte, []byte, error)
- func EncodeBase64(data []byte) []byte
- func EncryptAesAEAD(decryptedText []byte, key []byte) ([]byte, error)
- func EncryptRsaOAEP(decryptedText []byte, pubKey *rsa.PublicKey, label []byte) ([]byte, error)
- func ExportRsaPrivateKeyAsPem(privKey *rsa.PrivateKey) []byte
- func ExportRsaPublicKeyAsPem(pubKey *rsa.PublicKey) ([]byte, error)
- func GenerateBcryptHash(password []byte, cost int) ([]byte, error)
- func GenerateHumanPassword(letters int, digits int) (string, error)
- func GenerateRandomToken(length int, upperCase bool, lowerCase bool, digits bool, symbols bool) (string, error)
- func GenerateRsaKeyPair(bits int) (*rsa.PrivateKey, *rsa.PublicKey)
- func ParseRsaPrivateKeyFromPem(privPem []byte) (*rsa.PrivateKey, error)
- func ParseRsaPublicKeyFromPem(pubPem []byte) (*rsa.PublicKey, error)
- func SignRsaPSS(text []byte, privKey *rsa.PrivateKey) ([]byte, error)
- func VerifyRsaPSS(text []byte, signature []byte, pubKey *rsa.PublicKey) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CompareBcryptHash ¶
CompareBcryptHash compares an hashed password with its plain equivalent.
func DecodeBase64 ¶
DecodeBase64 decodes data in base64 format.
func DecryptAesAEAD ¶
DecryptAesAEAD decrypts an encrypted text using the key.
func DecryptRsaOAEP ¶
DecryptRsaOAEP decrypts an encrypted text using a private key.
func DeriveScryptKey ¶
DeriveScryptKey derives a 32-bytes key from a variable length password.
func EncodeBase64 ¶
EncodeBase64 encodes data in base64 format.
func EncryptAesAEAD ¶
EncryptAesAEAD encrypts a decrypted text using the key.
func EncryptRsaOAEP ¶
EncryptRsaOAEP encrypts a decrypted text using a public key.
func ExportRsaPrivateKeyAsPem ¶
func ExportRsaPrivateKeyAsPem(privKey *rsa.PrivateKey) []byte
ExportRsaPrivateKeyAsPem encodes a private key in a PEM block.
func ExportRsaPublicKeyAsPem ¶
ExportRsaPublicKeyAsPem encodes a public key in a PEM block.
func GenerateBcryptHash ¶
GenerateBcryptHash generates a new hash from a password at the given cost.
func GenerateHumanPassword ¶
GenerateHumanPassword generates a human readable password.
func GenerateRandomToken ¶
func GenerateRandomToken(length int, upperCase bool, lowerCase bool, digits bool, symbols bool) (string, error)
GenerateRandomToken generates a random token.
func GenerateRsaKeyPair ¶
func GenerateRsaKeyPair(bits int) (*rsa.PrivateKey, *rsa.PublicKey)
GenerateRsaKeyPair generates a key pair from a variable bit size.
func ParseRsaPrivateKeyFromPem ¶
func ParseRsaPrivateKeyFromPem(privPem []byte) (*rsa.PrivateKey, error)
ParseRsaPrivateKeyFromPem decodes a private key from a PEM block.
func ParseRsaPublicKeyFromPem ¶
ParseRsaPublicKeyFromPem decodes a public key from a PEM block.
func SignRsaPSS ¶
func SignRsaPSS(text []byte, privKey *rsa.PrivateKey) ([]byte, error)
SignRsaPSS signs a text using a private key.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.