dangerous

package module

v0.1.1 Latest Latest Go to latest Published: Dec 21, 2017 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aisola/dangerous

Links

Open Source Insights

README ¶

Dangerous

In today's crazy world of the Internet, untrusted environments are everywhere. How do you safely send trusted data into the wild? Sign it! Given a key that you know (and others don't), you can cryptographically sign your data and send it into the wild. When you get the data back, you can easily check that the data wasn't changed.

Internally, dangerous uses HMAC and SHA1 for signing by default.

Installation

go get github.com/aisola/dangerous

Example Use Cases

You can serialize and sign a user ID for unsubscribing of newsletters into URLs. This way you don’t need to generate one-time tokens and store them in the database. Same thing with any kind of activation link for accounts and similar things.
Signed objects can be stored in cookies or other untrusted sources which means you don’t need to have sessions stored on the server, which reduces the number of necessary database queries.
Signed information can safely do a roundtrip between server and client in general which makes them useful for passing server-side state to a client and then back.

Documentation ¶

Index ¶

Variables
type GenericSigner
- func (gs *GenericSigner) Sign(message string) string
- func (gs *GenericSigner) Verify(payload string) (string, error)
type Signer
- func NewGenericSigner(key string) Signer

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrInvalidSignature = errors.New("invalid signature")
)

Functions ¶

This section is empty.

Types ¶

type GenericSigner ¶

type GenericSigner struct {
	// contains filtered or unexported fields
}

GenericSigner is the first and simple signer that is sufficient for simple applications. This signer takes a key of sufficient length. It will generate the signature based on HMAC+SHA1.

func (*GenericSigner) Sign ¶

func (gs *GenericSigner) Sign(message string) string

Sign will compute the HMAC-SHA1 signature of the given message. The message and signature are then individually base64 encoded and concatenated by a period.

func (*GenericSigner) Verify ¶

func (gs *GenericSigner) Verify(payload string) (string, error)

Verify will return the data of the validated payload or an error.

type Signer ¶

type Signer interface {
	Sign(string) string
	Verify(string) (string, error)
}

Signer is the interface to which all signers must conform.

func NewGenericSigner ¶

func NewGenericSigner(key string) Signer

NewGenericSigner creates a new standard signer with the given key.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mock

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL