crypto

package
v1.12.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 3, 2020 License: MIT Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrCipherTooShort occurs when `Decrypt` does not
	// have input of enough length to decrypt using AES256
	ErrCipherTooShort = errors.New("crypto: cipher plainText is too short for AES encryption")
	// ErrCorruptedMessage occurs when an attempt of unsealing a message
	// does not pass the authentication check
	ErrCorruptedMessage = errors.New("crypto: the message didn't pass the authentication check")
)
View Source
var (
	// ErrTokenExpired occurs when the token lifetime is exceeded
	ErrTokenExpired = errors.New("crypto: token expired")
)

Functions

func DecodeAndVerifyToken added in v1.3.0

func DecodeAndVerifyToken(tokenStr string, key []byte, lifetime time.Duration) (data []byte, err error)

DecodeAndVerify unseals the token and verifies its lifetime

func Decrypt

func Decrypt(cipherText, key []byte) (plainText []byte, err error)

Decrypt decrypts content with a key using AES256 CFB mode

func DecryptFromString

func DecryptFromString(cipherTextStr string, key []byte) ([]byte, error)

DecryptFromString decrypts a string with a key

func Encrypt

func Encrypt(plainText, key []byte) (cipherText []byte, err error)

Encrypt encrypts content with a key using AES256 CFB mode

func EncryptToString

func EncryptToString(plainText, key []byte) (string, error)

EncryptToString encrypts content with a key using AES256 and encodes it to a hexadecimal string

func GenerateRandomString

func GenerateRandomString(length int) (string, error)

GenerateRandomString generates a random string with a given length

func GenerateToken added in v1.3.0

func GenerateToken(data, key []byte) (tokenStr string, err error)

GenerateToken generates a sealed token with a given ID and timestamp for future verification.

func Hash added in v1.11.0

func Hash(data ...interface{}) ([]byte, error)

Hash is a convenience function calling the default hasher WARNING: only pass in data that is json-marshalable. If not, the worst case scenario is that you passed in data with circular references and this will just blow up your CPU

func HashToString added in v1.11.0

func HashToString(data ...interface{}) (string, error)

HashToString is a convenience function calling the default hasher and encoding the result as hex string

func PassphraseToKey

func PassphraseToKey(passphrase string) (key []byte)

PassphraseToKey converts a string to a key for encryption.

This function must be used STRICTLY ONLY for generating an encryption key out of a passphrase. Please don't use this function for hashing user-provided values. It uses SHA2 for simplicity and it's faster but less secure than SHA3. User-provided data should use SHA3 or bcrypt.

func Seal added in v1.3.0

func Seal(plainText, key []byte) (cipherText []byte, err error)

Seal implements authenticated encryption using the MAC-then-Encrypt (MtE) approach. It's using SHA3-256 for MAC and AES256 CFB for encryption. https://en.wikipedia.org/wiki/Authenticated_encryption#MAC-then-Encrypt_(MtE)

func SealToString added in v1.3.0

func SealToString(plainText, key []byte) (string, error)

SealToString runs `Seal` and then encodes the result into base64.

func Unseal added in v1.3.0

func Unseal(cipherText, key []byte) (plainText []byte, err error)

Unseal decrypts and authenticates the data encrypted by Seal

func UnsealFromString added in v1.3.0

func UnsealFromString(cipherTextStr string, key []byte) ([]byte, error)

UnsealFromString decodes from Base64 and applies `Unseal`.

Types

type Hasher added in v1.11.0

type Hasher interface {
	Hash(data ...interface{}) ([]byte, error)
}

Hasher provides a method for hashing arbitary data types

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL