README
¶
security
Description
This package is made for dealing with security stuff like hashing, encryption, x509/pem marshal/unmaral, etc. It supports Md5/SHA512 hashing, x509 certificate encoding,AES-GCM 256-bit symmetric-key en/decryption etc.
Usage
Import as a normal go package
import "github.com/datewu/security"
Example
Check these two encrypt_test.go and hash_test.go files.
Documentation
¶
Index ¶
- func AES256Decrypt(ciphertext []byte, key *[32]byte) (plaintext []byte, err error)
- func AES256Encrypt(plaintext []byte, key *[32]byte) (ciphertext []byte, err error)
- func BcryptPwd(f int, password []byte) ([]byte, error)
- func CheckBcryptPwd(hashed, plainText []byte) error
- func DeHexString(content string) ([]byte, error)
- func DecodePrivateKey(encodedKey []byte) (*ecdsa.PrivateKey, error)
- func DecodePublicKey(encodedKey []byte) (*ecdsa.PublicKey, error)
- func DecodeSignatureJWT(b64sig string) ([]byte, error)
- func EncodePrivateKey(key *ecdsa.PrivateKey) ([]byte, error)
- func EncodePublicKey(key *ecdsa.PublicKey) ([]byte, error)
- func EncodeSignatureJWT(sig []byte) string
- func Hash512(tag string, data []byte) []byte
- func Md5Sum(data []byte) []byte
- func Md5WithTag(tag string, data []byte) []byte
- func NewAES256Key() *[32]byte
- func ToHexString(data []byte) string
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AES256Decrypt ¶ added in v0.1.8
AES256Decrypt decrypts data using 256-bit AES-GCM. This both hides the content of the data and provides a check that it hasn't been altered. Expects input form nonce|ciphertext|tag where '|' indicates concatenation.
func AES256Encrypt ¶ added in v0.1.8
AES256Encrypt encrypts data using 256-bit AES-GCM. This both hides the content of the data and provides a check that it hasn't been altered. Output takes the form nonce|ciphertext|tag where '|' indicates concatenation.
func BcryptPwd ¶ added in v0.1.8
BcryptPwd generates a bcrypt hash of the password using work factor 14.
func CheckBcryptPwd ¶ added in v0.1.8
CheckBcryptPwd securely compares a bcrypt hashed password with its possible plaintext equivalent. Returns nil on success, or an error on failure.
func DecodePrivateKey ¶
func DecodePrivateKey(encodedKey []byte) (*ecdsa.PrivateKey, error)
DecodePrivateKey decodes a PEM-encoded ECDSA private key.
func DecodePublicKey ¶
DecodePublicKey decodes a PEM-encoded ECDSA public key.
func DecodeSignatureJWT ¶
DecodeSignatureJWT Decodes an ECDSA signature according to https://tools.ietf.org/html/rfc7515#appendix-A.3.1
func EncodePrivateKey ¶
func EncodePrivateKey(key *ecdsa.PrivateKey) ([]byte, error)
EncodePrivateKey encodes an ECDSA private key to PEM format.
func EncodePublicKey ¶
EncodePublicKey encodes an ECDSA public key to PEM format.
func EncodeSignatureJWT ¶
EncodeSignatureJWT Encodes an ECDSA signature according to https://tools.ietf.org/html/rfc7515#appendix-A.3.1
func Hash512 ¶ added in v0.2.1
Hash512 generates a hash of data using HMAC-SHA-512/256. The tag is intended to be a natural-language string describing the purpose of the hash, such as "hash file for lookup key" or "master secret to client secret". It serves as an HMAC "key" and ensures that different purposes will have different hash output. This function is NOT suitable for hashing passwords.
Example ¶
tag := "hello tag" sha512 := Hash512(tag, plainText) md5 := Md5WithTag(tag, plainText) smd5 := Md5Sum(plainText) fmt.Println(ToHexString(sha512)) fmt.Println(ToHexString(md5)) fmt.Println(ToHexString(smd5))
Output: 85aba1262bf609a3c618cb1686db45580d231a0c4f2f547aaaeb768d5e1b1c92 563753d2208f028c66f169bd16ab0644 8c04b86aa649a1835d23587afce0aadf
func Md5WithTag ¶ added in v0.2.1
Md5WithTag which you should not use in password
func NewAES256Key ¶ added in v0.2.4
func NewAES256Key() *[32]byte
NewAES256Key generates a new 256-bit AES key from random It panics if the source of randomness fails.
Types ¶
This section is empty.
Source Files