Documentation
¶
Overview ¶
Package crypto provides functions for managing encryption, keys, etc.
Index ¶
- Constants
- Variables
- func CorrectPassword(hash string, password string) bool
- func GenerateCertificate(certPath, keyPath, host, method string) error
- func GenerateKeys() (encryptPublicKey *[32]byte, encryptPrivateKey *[32]byte, ...)
- func GenerateMasterToken(key []byte) (string, error)
- func GetAPIPrivateKey(t *jwt.Token) (interface{}, error)
- func GetFakeAPIKey(tok *jwt.Token) (interface{}, error)
- func GetGithubKey(pemFile io.Reader) (ssh.AuthMethod, error)
- func HashPassword(password string) (string, error)
- func IsLegalString(str string) bool
- func Seal(valueBytes []byte, encryptPrivateKey, decryptPublicKey *[32]byte) ([]byte, error)
- func UndoSeal(value []byte, encryptPublicKey, decryptPrivateKey *[32]byte) ([]byte, error)
- func ValidateCredentialValues(username, password string) error
- type TokenClaims
Constants ¶
const ( // TokenInvalidErrorMsg says that the token is invalid TokenInvalidErrorMsg = "token invalid" // TokenExpiredErrorMsg says that the token is expired TokenExpiredErrorMsg = "token expired" )
Variables ¶
var ( // TestPrivateKey is an example key for testing purposes TestPrivateKey = []byte("very_sekrit_key") // TestMasterToken is an example token for testing purposes. This is // generated by TestGenerateMasterToken, and is a master token. TestMasterToken = "" /* 185-byte string literal not displayed */ // TestInertiaKeyPath the path to Inertia's test RSA key TestInertiaKeyPath = path.Join(os.Getenv("GOPATH"), "/src/github.com/ubclaunchpad/inertia/test/keys/id_rsa") )
var ( // DaemonGithubKeyLocation is the default path of the generated deploy key DaemonGithubKeyLocation = os.Getenv("INERTIA_GH_KEY_PATH") //"/app/host/.ssh/id_rsa_inertia_deploy" )
Functions ¶
func CorrectPassword ¶
CorrectPassword checks if given password maps correctly to the given hash
func GenerateCertificate ¶
GenerateCertificate creates an SSL certificate for HTTPS use
func GenerateKeys ¶
func GenerateKeys() (encryptPublicKey *[32]byte, encryptPrivateKey *[32]byte, decryptPublicKey *[32]byte, decryptPrivateKey *[32]byte, err error)
GenerateKeys creates 2 sets of keys - one for decryption, one for encryption
func GenerateMasterToken ¶
GenerateMasterToken creates a "master" JSON Web Token (JWT) for a client to use when sending HTTP requests to the daemon server.
func GetAPIPrivateKey ¶
GetAPIPrivateKey returns the private RSA key to authenticate HTTP requests sent to the daemon. For now, we simply use the GitHub deploy key. Retrieves from default DaemonGithubKeyLocation.
func GetFakeAPIKey ¶
GetFakeAPIKey is a helper function that implements jwt.keyFunc and returns the test private key
func GetGithubKey ¶
func GetGithubKey(pemFile io.Reader) (ssh.AuthMethod, error)
GetGithubKey returns an ssh.AuthMethod from the given io.Reader for use with the go-git library
func HashPassword ¶
HashPassword generates a bcrypt-encrypted hash from given password
func IsLegalString ¶
IsLegalString returns true if `str` only contains characters [A-Z], [a-z], or '_' or '-'
func ValidateCredentialValues ¶
ValidateCredentialValues takes a username and password and verifies if they are of sufficient length and if they only contain legal characters
Types ¶
type TokenClaims ¶
type TokenClaims struct {
SessionID string `json:"session_id"`
User string `json:"user"`
Admin bool `json:"admin"`
Expiry time.Time `json:"expiry"`
}
TokenClaims represents a JWT token's claims
func ValidateToken ¶
func ValidateToken(tokenString string, lookup jwt.Keyfunc) (*TokenClaims, error)
ValidateToken ensures token is valid and returns its metadata
func (*TokenClaims) GenerateToken ¶
func (t *TokenClaims) GenerateToken(key []byte) (string, error)
GenerateToken creates a JWT token from this claim, signed with given key
func (*TokenClaims) IsMaster ¶
func (t *TokenClaims) IsMaster() bool
IsMaster returns true if this is a mster key
Source Files