Documentation
Index
- func FillRandom(buf []byte)
- func GetRandBytes(n int) []byte
- func IsKeyExpired(created int64, expireAfter time.Duration) bool
- func IsKeyInvalid(key Revokable, expireAfter time.Duration) bool
- func MemClr(buf []byte)
- func WithKey(key BytesAccessor, action func([]byte) error) error
- func WithKeyFunc(key BytesFuncAccessor, action func([]byte) ([]byte, error)) ([]byte, error)
- type BytesAccessor
- type BytesFuncAccessor
- type CryptoKey
- func (k *CryptoKey) Close()
- func (k *CryptoKey) Created() int64
- func (k *CryptoKey) IsClosed() bool
- func (k *CryptoKey) Revoked() bool
- func (k *CryptoKey) SetRevoked(revoked bool)
- func (k *CryptoKey) String() string
- func (k *CryptoKey) WithBytes(action func([]byte) error) error
- func (k *CryptoKey) WithBytesFunc(action func([]byte) ([]byte, error)) ([]byte, error)
- type Revokable
Functions
func FillRandom
func FillRandom(buf []byte)
FillRandom takes a buffer and overwrites it with cryptographically-secure random bytes.
func GetRandBytes
GetRandBytes returns a slice of a specified length, filled with cryptographically-secure random bytes.
func IsKeyExpired (added in v0.4.0)
IsKeyExpired checks if the key's created timestamp is older than the allowed duration.
func IsKeyInvalid (added in v0.4.0)
IsKeyInvalid checks if the key is revoked or expired.
func WithKey
func WithKey(key BytesAccessor, action func([]byte) error) error
WithKey takes in a BytesAccessor, e.g., a CryptoKey, makes the underlying bytes readable, and passes them to the function provided. A reference to the provided bytes MUST NOT be stored. The underlying array will be wiped after the function exits.
func WithKeyFunc
WithKeyFunc takes in a BytesFuncAccessor, e.g., a CryptoKey, makes the underlying bytes readable, and passes them to the function provided. A reference to the provided bytes MUST NOT be stored. The underlying array will be wiped after the function exits.
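The rule stated for WithKey and WithKeyFunc, shown as an added example that is not code from this package: a retained alias to the key bytes is useless once the callback returns, so all key-dependent work belongs inside the callback. `demoKey`, `leakyUse` and `safeUse` are hypothetical names, and the wipe is modeled by zeroing a working copy of a constructed sample key.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// demoKey is a hypothetical stand-in for CryptoKey, not the package's type.
// Assumption: bytes are readable only inside the callback and wiped after it.
type demoKey struct{ secret []byte }

func (k *demoKey) WithBytesFunc(action func([]byte) ([]byte, error)) ([]byte, error) {
	buf := append([]byte(nil), k.secret...) // readable working buffer
	defer func() {                          // wipe once the action returns
		for i := range buf {
			buf[i] = 0
		}
	}()
	return action(buf)
}

// leakyUse keeps an alias to the key bytes, which the documentation forbids.
func leakyUse(k *demoKey) []byte {
	var kept []byte
	k.WithBytesFunc(func(b []byte) ([]byte, error) {
		kept = b // BAD: the alias outlives the callback
		return nil, nil
	})
	return kept // wiped by now: every byte is zero
}

// safeUse does all key-dependent work inside the callback and returns only
// the derived value (an HMAC-SHA256 tag), never the key bytes themselves.
func safeUse(k *demoKey, msg []byte) ([]byte, error) {
	return k.WithBytesFunc(func(b []byte) ([]byte, error) {
		mac := hmac.New(sha256.New, b)
		mac.Write(msg)
		return mac.Sum(nil), nil
	})
}

func main() {
	k := &demoKey{secret: []byte("constructed-demo-key")} // constructed sample key
	fmt.Printf("retained alias: %x\n", leakyUse(k))
	tag, _ := safeUse(k, []byte("constructed message"))
	fmt.Printf("hmac tag:       %x\n", tag)
}
```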
Types
type BytesAccessor (added in v0.4.0)
type BytesFuncAccessor (added in v0.4.0)
type CryptoKey
type CryptoKey struct {
// contains filtered or unexported fields
}
CryptoKey represents an unencrypted key stored in a secure section in memory.
func GenerateKey
func GenerateKey(factory securememory.SecretFactory, created int64, size int) (*CryptoKey, error)
GenerateKey creates a new random CryptoKey.
func NewCryptoKey
func NewCryptoKey(factory securememory.SecretFactory, created int64, revoked bool, key []byte) (*CryptoKey, error)
NewCryptoKey creates a CryptoKey using the given key. Note that the underlying array will be wiped after the function exits.
func NewCryptoKeyForTest
NewCryptoKeyForTest creates a CryptoKey intended to be used for TEST only. TODO: explore refactoring dependent tests to eliminate the need for this function.
func (*CryptoKey) Close
func (k *CryptoKey) Close()
Close destroys the underlying buffer for this key.
func (*CryptoKey) Created
Created returns the time the CryptoKey was created as a Unix epoch in seconds.
func (*CryptoKey) Revoked
Revoked returns whether the CryptoKey has been marked as revoked or not.
func (*CryptoKey) SetRevoked
SetRevoked atomically sets the revoked flag of the CryptoKey to the given value.