README
¶
Crypto Library
A collection of cryptographic utilities.
Documentation
¶
Overview ¶
Package crypto is a collection of cryptographic utilities.
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type HMACEncoder ¶
type HMACEncoder struct {
// contains filtered or unexported fields
}
HMACEncoder is an encoder that can verify and optionally encrypt message
func NewHMACEncoder ¶
func NewHMACEncoder(hashKey, blockKey []byte) (*HMACEncoder, error)
NewHMACEncoder returns a new instance of the HMACEncoder. Hash key must be 32 or 64 bytes. Block key can be nil, which will disable encryption, or 16|24|32 bytes (AES-128|192|256).
func (*HMACEncoder) Decode ¶
func (s *HMACEncoder) Decode(name string, data []byte, dst *[]byte) error
Decode restores the data processed by Encode().
func (*HMACEncoder) DecodeWithTTL ¶
func (s *HMACEncoder) DecodeWithTTL(name string, minAge, maxAge int64, data []byte, dst *[]byte) error
DecodeWithTTL restores the data processed by Encode(). An error occurs if minAge or maxAge TTL (seconds) check fails with the embedded message timestamp.
Example ¶
package main
import (
"fmt"
"time"
"github.com/gozl/crypto"
)
func main() {
src := "this is a secret message"
hashKey := crypto.GetBytes(32)
blockKey := crypto.GetBytes(32)
// pass in nil instead of blockKey if you don't need encryption
encoder, _ := crypto.NewHMACEncoder(hashKey, blockKey)
encrypted, _ := encoder.Encode("test1", []byte(src))
time.Sleep(4 * time.Second)
var decrypted []byte
err := encoder.DecodeWithTTL("test1", 0, 2, encrypted, &decrypted)
if err != nil {
fmt.Println(err.Error())
} else {
fmt.Println(string(decrypted))
}
err2 := encoder.DecodeWithTTL("test1", 0, 5, encrypted, &decrypted)
if err2 != nil {
fmt.Println(err2.Error())
} else {
fmt.Println(string(decrypted))
}
}
Output: data has expired this is a secret message
func (*HMACEncoder) Encode ¶
func (s *HMACEncoder) Encode(name string, data []byte) ([]byte, error)
Encode produces a base64 encoded value that is HMAC signed. It will also be encrypted if the HMACEncoder is initialized with blockKeys.
Example ¶
package main
import (
"fmt"
"github.com/gozl/crypto"
)
func main() {
src := "this is a secret message"
hashKey := crypto.GetBytes(32)
blockKey := crypto.GetBytes(32)
// pass in nil instead of blockKey if you don't need encryption
encoder, err1 := crypto.NewHMACEncoder(hashKey, blockKey)
if err1 != nil {
fmt.Println(err1.Error())
}
encrypted, err2 := encoder.Encode("test1", []byte(src))
if err2 != nil {
fmt.Println(err2.Error())
}
var decrypted []byte
err3 := encoder.Decode("test1", encrypted, &decrypted)
if err3 != nil {
fmt.Println(err3.Error())
}
fmt.Println("Original : " + src)
//fmt.Println("Encoded : " + string(encrypted))
fmt.Println("Restored : " + string(decrypted))
}
Output: Original : this is a secret message Restored : this is a secret message
Source Files
Click to show internal directories.
Click to hide internal directories.