Documentation ¶
Overview ¶
Package fernet takes a user-provided message (an arbitrary sequence of bytes), a key (256 bits), and the current time, and produces a token, which contains the message in a form that can't be read or altered without the key.
For more information and background, see the Fernet spec at https://github.com/fernet/spec.
Subdirectories in this package provide command-line tools for working with Fernet keys and tokens.
Example ¶
k := fernet.MustDecodeKeys("cw_0x689RpI-jtRR7oE8h_eQsKImvJapLeSbXpwF4e4=") tok, err := fernet.EncryptAndSign([]byte("hello"), k[0]) if err != nil { panic(err) } msg := fernet.VerifyAndDecrypt(tok, 60*time.Second, k) fmt.Println(string(msg))
Output: hello
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EncryptAndSign ¶
EncryptAndSign encrypts and signs msg with key k and returns the resulting fernet token. If msg contains text, the text should be encoded with UTF-8 to follow fernet convention.
func VerifyAndDecrypt ¶
VerifyAndDecrypt verifies that tok is a valid fernet token that was signed with a key in k at most ttl time ago only if ttl is greater than zero. Returns the message contained in tok if tok is valid, otherwise nil.
Types ¶
type Key ¶
type Key [32]byte
Key represents a key.
func DecodeKey ¶
DecodeKey decodes a key from s and returns it. The key can be in hexadecimal, standard base64, or URL-safe base64.
func DecodeKeys ¶
DecodeKeys decodes each element of a using DecodeKey and returns the resulting keys. Requires at least one key.
func MustDecodeKeys ¶
MustDecodeKeys is like DecodeKeys, but panics if an error occurs. It simplifies safe initialization of global variables holding keys.