sec

package
v0.0.0-...-7690095 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 24, 2017 License: MIT Imports: 17 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	//dSecurityKey		    = "\x69\x51\xe8\x41\x50\x83\x19\xa4\xf0\x2f\xac\x7d\x99\xb7\x5e\xbe\x7e\x32\xf5\xa5\xf7\x1f\x43\x04\x96\xdd\x1b\xf0\x93\x4e\xc5\x44"
	//dCSRFToken			= "\xc7\x58\xa7\xf2\x15\x79\x54\x34\x24\xeb\x45\x50\x33\x0f\xa5\x52\x95\x36\x06\xb0\xb7\xdb\x5d\xa7\x07\xcf\xa5\x1c\x10\xe7\x4b\xd4"
	//dHashSalt			= "\x5d\xfb\xcf\x47\x30\xce\x2e\x43\xfa\x1c\x5f\xee\x76\x0f\xd7\x31\x14\x07\x24\xa8\xbf\xd0\x3c\x88\xfc\xa3\xdc\x3b\xae\xaa\x3a\x15"
	//dCSRFTokenLife		= 14400
	CSRFTokenMinLife       = 3600
	CSRFDefaultTokenLife   = 14400
	CSRFDefaultCookieName  = "XSRF-TOKEN"
	CSRFDefaultRequestName = "X-XSRF-TOKEN"
	CSRFTimestampLen       = 5
	CSRFRandTokenLen       = 16
)
View Source 
const DefaultSaltLen = 24

Variables

View Source 
var (
	ErrNonceGenFailed = errors.New("generating of random nonce failed")
	ErrNonceMissing   = errors.New("unable to locate nonce in encrypted message")
)
View Source 
var ErrSaltGenFailed = errors.New("unable to generate a random salt")

Functions

func AesCtrDecrypt 

func AesCtrDecrypt(key []byte, msg []byte) ([]byte, error)

AesCtrDecrypt decrypts the given encrypted msg with the key using AES CTR cipher, and returns the decrypted slice of bytes or error if any

func AesCtrDecryptBase64 

func AesCtrDecryptBase64(key []byte, msg string) (inp []byte, err error)

AesCtrDecryptBase64 decrypts the given encrypted msg of base64 format with the key using AES GCM cipher, and returns the decrypted slice of bytes or error if any

func AesCtrEncrypt 

func AesCtrEncrypt(key []byte, msg []byte) ([]byte, error)

AesCtrEncrypt encrypts the given msg with the key using AES CTR cipher, and returns the encrypted slice of bytes or error if any

func AesCtrEncryptBase64 

func AesCtrEncryptBase64(key []byte, msg []byte) (b64 string, err error)

AesCtrEncryptBase64 encrypts the given msg with the key using AES CTR cipher, and returns the base64 string format of the encrypted bytes or error if any

func AesGcmDecrypt 

func AesGcmDecrypt(key []byte, msg []byte) ([]byte, error)

AesGcmDecrypt decrypts the given encrypted msg with the key using AES GCM cipher, and returns the decrypted slice of bytes or error if any

func AesGcmDecryptBase64 

func AesGcmDecryptBase64(key []byte, msg string) (inp []byte, err error)

AesGcmDecryptBase64 decrypts the given encrypted msg of base64 format with the key using AES GCM cipher, and returns the decrypted slice of bytes or error if any

func AesGcmEncrypt 

func AesGcmEncrypt(key []byte, msg []byte) ([]byte, error)

AesGcmEncrypt encrypts the given msg with the key using AES GCM cipher, and returns the encrypted slice of bytes or error if any

func AesGcmEncryptBase64 

func AesGcmEncryptBase64(key []byte, msg []byte) (b64 string, err error)

AesGcmEncryptBase64 encrypts the given msg with the key using AES GCM cipher, and returns the base64 string format of the encrypted bytes or error if any

func GenPassword 

func GenPassword(l int) string

func GenRandomBase64String 

func GenRandomBase64String(l int) string

func GenRandomBytes 

func GenRandomBytes(l int) (rb []byte)

GenRandomBytes return a slice of random bytes of length l

func GenRandomHexString 

func GenRandomHexString(l int) string

func GenRandomString 

func GenRandomString(l int) string

func GenSessionID 

func GenSessionID(l ...int) string

func GenSessionIDBase32 

func GenSessionIDBase32(l ...int) string

func VerifyPassword 

func VerifyPassword(hashstr, pwd string) (ok bool)

func VerifyPasswordGetMeta 

func VerifyPasswordGetMeta(hashstr, pwd string) (bool, uint8, int8, uint8)

Types

type AuthPassword 

type AuthPassword struct {
	// contains filtered or unexported fields
}

func NewAuthPassword 

func NewAuthPassword(settings AuthPasswordConfig) *AuthPassword

func (*AuthPassword) CryptPassword 

func (ap *AuthPassword) CryptPassword(pwd string) (string, error)

func (*AuthPassword) HashIsOutdated 

func (ap *AuthPassword) HashIsOutdated(hashstr string) bool

func (*AuthPassword) VerifyPassword 

func (ap *AuthPassword) VerifyPassword(hashstr, pwd string) bool

func (*AuthPassword) VerifyPasswordAndUpdateHash 

func (ap *AuthPassword) VerifyPasswordAndUpdateHash(hashstr, pwd string) (bool, string)

when crypto is updated, the hash done using previous crypto can still be verified and the new hash with the updated crypto will be returned this allows rolling updates of new crypto hash function for password hashing

type AuthPasswordConfig 

type AuthPasswordConfig struct {
	SunnyConfig bool  `config.namespace:"sunnified.sec.auth"`
	Saltlen     uint8 `config.default:"24"`
	Strength    int8  `config.default:"5"` // strength ranges from 1-10
}

type CSRFGate 

type CSRFGate struct {
	// contains filtered or unexported fields
}

func NewCSRFGate 

func NewCSRFGate(settings CSRFGateConfig) *CSRFGate

func (*CSRFGate) CSRFToken 

func (cg *CSRFGate) CSRFToken(w http.ResponseWriter, r *http.Request) (crb CSRFRequestBody)

SetCSRFToken returns a CsrfRequestBody containing the name and value to be used as a query string or form input that can be verified by VerifyCSRFToken. Additionally, a cookie will be set (if ResponseWriter is not nil) to cross authenticate validity of token data if non exists

func (*CSRFGate) VerifyCSRFToken 

func (cg *CSRFGate) VerifyCSRFToken(r *http.Request) (valid bool)

VerifyCSRFToken checks whether the request r includes a valid CSRF token

type CSRFGateConfig 

type CSRFGateConfig struct {
	SunnyConfig bool `config.namespace:"sunnified.sec.csrf"`
	Key         []byte
	Token       []byte
	Tokenlife   int    `config.default:"14400"`
	Cookiename  string `config.default:"XSRF-TOKEN"`
	Reqname     string `config.default:"X-XSRF-TOKEN"`
}

type CSRFRequestBody 

type CSRFRequestBody struct {
	Name   string
	Value  string
	Cookie *http.Cookie
	Ok     bool
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.