Documentation ¶
Index ¶
- func Decrypt(data []byte, key []byte) (plaintext []byte, err error)
- func Encrypt(data []byte, key []byte) []byte
- func GenerateRandomBytes(n int) ([]byte, error)
- func GenerateRandomString(s int) (string, error)
- func SessionDecrypt(ctx context.Context, encryptedValue []byte) []byte
- func SessionDecryptAttributeValue(ctx context.Context, encryptedValue string) string
- func SessionDecryptUrlValue(ctx context.Context, encryptedValue string) string
- func SessionEncrypt(ctx context.Context, value []byte) []byte
- func SessionEncryptAttributeValue(ctx context.Context, value string) string
- func SessionEncryptUrlValue(ctx context.Context, value string) string
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Decrypt ¶
Decrypt will decrypt something created by Encrypt. If the data is not decryptable, either because it is corrupt, or the key changed, an error is returned. Otherwise, if there is a system failure, it will panic.
func Encrypt ¶
Encrypt will encrypt the data using AES-GCM and return the encrypted data. Using Decrypt to decrypt the data. key is recommended to be 16 bytes long, and will produce an AES-128 encryption using GCM which is currently considered secure. Note that this is due to our use of GCM. When using CBC, AES-256 is considered secure, but GCM is better and faster. Errors will panic, since they are caused by some kind of system wide failure or a bad key size.
func GenerateRandomBytes ¶
GenerateRandomBytes returns securely generated random bytes. It will return an error if the system's secure random number generator fails to function correctly.
func GenerateRandomString ¶
GenerateRandomString returns a base64 encoded securely generated random string. The given value is the length of the initial random bytes represented by the base64 string. The actual length of the string will be bigger.
func SessionDecrypt ¶
SessionDecrypt will decrypt a value that was encrypted by the SessionEncrypt. If there was a problem with the decryption process, the result will be nil.
func SessionDecryptAttributeValue ¶
SessionDecryptAttributeValue decrypts a value encrypted with SessionEncryptAttributeValue. If there was a problem, an empty string is returned.
func SessionDecryptUrlValue ¶
SessionDecryptUrlValue decrypts the give value that was encrypted using SessionEncryptUrlValue. If there was a problem, an empty string is returned.
func SessionEncrypt ¶
SessionEncrypt encrypts the value so that as long as the session does not change, it can be decrypted using SessionDecrypt. This is useful for any time you might need to send something to the browser that would pose a security risk, like a database id, or a pagestate in a URL. The resulting value is a raw byte stream and is not suitable for sending to the browser. See the other utilities for helpers depending on where you are sending the data.
func SessionEncryptAttributeValue ¶
SessionEncryptAttributeValue encrypts a value so that it can be used as a value in an html attribute. Decrypt this value with SessionDecryptAttributeValue. It uses the ascii85 encoding algorithm.
Types ¶
This section is empty.