aahframe.work: aahframe.work/security/acrypto Index | Files

package acrypto

import "aahframe.work/security/acrypto"

Index

Package Files

bcrypt.go crypto.go password_encoder.go pbkdf2.go scrypt.go

Variables

var (
    // ErrPasswordEncoderIsNil returned when given password encoder instance is nil.
    ErrPasswordEncoderIsNil = errors.New("security/crypto: password encoder is nil")
)
var (
    // ErrUnableToDecrypt returned for decrypt errors.
    ErrUnableToDecrypt = errors.New("security/crypto: unable to decrypt")
)

func AESDecrypt Uses

func AESDecrypt(block cipher.Block, value []byte) ([]byte, error)

AESDecrypt method decrypts a given value with the given key block in CTR mode.

func AESDecryptString Uses

func AESDecryptString(key, encryptedText string) (string, error)

AESDecryptString is convenient method to do AES decryption. It decrypts the encrypted text with given key.

func AESEncrypt Uses

func AESEncrypt(block cipher.Block, value []byte) []byte

AESEncrypt method encrypts a given value with given key block in CTR mode.

func AESEncryptString Uses

func AESEncryptString(key, text string) (string, error)

AESEncryptString is convenient method to do AES encryption.

The key argument should be the AES key, either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256.

func AddPasswordAlgorithm Uses

func AddPasswordAlgorithm(name string, pe PasswordEncoder) error

AddPasswordAlgorithm method is add password algorithm to encoders list. Implementation have to implement interface `PasswordEncoder`.

func InitPasswordEncoders Uses

func InitPasswordEncoders(cfg *config.Config) error

InitPasswordEncoders method initializes the password encoders based defined configuration in `security.password_encoder { ... }`

func Sign Uses

func Sign(key, value []byte, sha string) []byte

Sign method signs a given value using HMAC and given SHA name.

func SignString Uses

func SignString(key, text, sha string) string

SignString method signs the given text using provided key with HMAC SHA.

Supported SHA's are SHA-1, SHA-224, SHA-256, SHA-384, SHA-512.

func Verify Uses

func Verify(key, value, mac []byte, sha string) bool

Verify method verifies given key, value and mac is valid. If valid it returns true otherwise false.

func VerifyString Uses

func VerifyString(key, text, signedText, sha string) (bool, error)

VerifyString method verifies the signed text and text using provide key with HMAC SHA. Returns true if sign is valid otherwise false.

Supported SHA's are SHA-1, SHA-224, SHA-256, SHA-384, SHA-512.

type BcryptEncoder Uses

type BcryptEncoder struct {
    // contains filtered or unexported fields
}

BcryptEncoder struct implements `PasswordEncoder` interface for `bcrypt` hashing.

func (*BcryptEncoder) Compare Uses

func (be *BcryptEncoder) Compare(hash, password []byte) bool

Compare method compares given password hash and password using bcrypt.

func (*BcryptEncoder) Generate Uses

func (be *BcryptEncoder) Generate(password []byte) ([]byte, error)

Generate method returns the `bcrypt` password hash based on configured cost at `security.password_encoder.bcrypt.*`.

type PasswordEncoder Uses

type PasswordEncoder interface {
    Generate(password []byte) ([]byte, error)
    Compare(hash, password []byte) bool
}

PasswordEncoder interface is used to implement generate password hash and compare given hash & password based chosen hashing type. Such as `bcrypt`, `scrypt` and `pbkdf2`.

Good read about hashing security https://crackstation.net/hashing-security.htm

func PasswordAlgorithm Uses

func PasswordAlgorithm(alg string) PasswordEncoder

PasswordAlgorithm method returns the password encoder for given algorithm, Otherwise nil. Out-of-the-box supported passowrd algorithms are `bcrypt`, `scrypt` and `pbkdf2`. You can add your own if need be via method `AddPasswordEncoder`.

type Pbkdf2Encoder Uses

type Pbkdf2Encoder struct {
    // contains filtered or unexported fields
}

Pbkdf2Encoder struct implements `PasswordEncoder` interface for `pbkdf2` hashing.

func (*Pbkdf2Encoder) Compare Uses

func (pe *Pbkdf2Encoder) Compare(hash, password []byte) bool

Compare method compares given hash password and password using `pbkdf2`.

func (*Pbkdf2Encoder) Generate Uses

func (pe *Pbkdf2Encoder) Generate(password []byte) ([]byte, error)

Generate method returns `pbkdf2` password hash based on configured values at `security.password_encoder.pbkdf2.*`.

type ScryptEncoder Uses

type ScryptEncoder struct {
    // contains filtered or unexported fields
}

ScryptEncoder struct implements `PasswordEncoder` interface for `scrypt` hashing.

func (*ScryptEncoder) Compare Uses

func (se *ScryptEncoder) Compare(hash, password []byte) bool

Compare method compares given hash password and password using `scrypt`.

func (*ScryptEncoder) Generate Uses

func (se *ScryptEncoder) Generate(password []byte) ([]byte, error)

Generate method returns the `scrypt` password hash based on configured values at `security.password_encoder.scrypt.*`.

Package acrypto imports 19 packages (graph) and is imported by 12 packages. Updated 2019-03-26. Refresh now. Tools for package owners.