acrypto

package
v0.12.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 4, 2020 License: MIT Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrPasswordEncoderIsNil returned when given password encoder instance is nil.
	ErrPasswordEncoderIsNil = errors.New("security/crypto: password encoder is nil")
)
View Source 
var (
	// ErrUnableToDecrypt returned for decrypt errors.
	ErrUnableToDecrypt = errors.New("security/crypto: unable to decrypt")
)

Functions

func AESDecrypt 

func AESDecrypt(block cipher.Block, value []byte) ([]byte, error)

AESDecrypt method decrypts a given value with the given key block in CTR mode.

func AESDecryptString 

func AESDecryptString(key, encryptedText string) (string, error)

AESDecryptString is convenient method to do AES decryption. It decrypts the encrypted text with given key.

func AESEncrypt 

func AESEncrypt(block cipher.Block, value []byte) []byte

AESEncrypt method encrypts a given value with given key block in CTR mode.

func AESEncryptString 

func AESEncryptString(key, text string) (string, error)

AESEncryptString is convenient method to do AES encryption.

The key argument should be the AES key, either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256.

func AddPasswordAlgorithm 

func AddPasswordAlgorithm(name string, pe PasswordEncoder) error

AddPasswordAlgorithm method is add password algorithm to encoders list. Implementation have to implement interface `PasswordEncoder`.

func InitPasswordEncoders 

func InitPasswordEncoders(cfg *config.Config) error

InitPasswordEncoders method initializes the password encoders based defined configuration in `security.password_encoder { ... }`

func Sign 

func Sign(key, value []byte, sha string) []byte

Sign method signs a given value using HMAC and given SHA name.

func SignString 

func SignString(key, text, sha string) string

SignString method signs the given text using provided key with HMAC SHA.

Supported SHA's are SHA-1, SHA-224, SHA-256, SHA-384, SHA-512.

func Verify 

func Verify(key, value, mac []byte, sha string) bool

Verify method verifies given key, value and mac is valid. If valid it returns true otherwise false.

func VerifyString 

func VerifyString(key, text, signedText, sha string) (bool, error)

VerifyString method verifies the signed text and text using provide key with HMAC SHA. Returns true if sign is valid otherwise false.

Supported SHA's are SHA-1, SHA-224, SHA-256, SHA-384, SHA-512.

Types

type BcryptEncoder 

type BcryptEncoder struct {
	// contains filtered or unexported fields
}

BcryptEncoder struct implements `PasswordEncoder` interface for `bcrypt` hashing.

func (*BcryptEncoder) Compare 

func (be *BcryptEncoder) Compare(hash, password []byte) bool

Compare method compares given password hash and password using bcrypt.

func (*BcryptEncoder) Generate 

func (be *BcryptEncoder) Generate(password []byte) ([]byte, error)

Generate method returns the `bcrypt` password hash based on configured cost at `security.password_encoder.bcrypt.*`.

type PasswordEncoder 

type PasswordEncoder interface {
	Generate(password []byte) ([]byte, error)
	Compare(hash, password []byte) bool
}

PasswordEncoder interface is used to implement generate password hash and compare given hash & password based chosen hashing type. Such as `bcrypt`, `scrypt` and `pbkdf2`.

Good read about hashing security https://crackstation.net/hashing-security.htm

func PasswordAlgorithm 

func PasswordAlgorithm(alg string) PasswordEncoder

PasswordAlgorithm method returns the password encoder for given algorithm, Otherwise nil. Out-of-the-box supported passowrd algorithms are `bcrypt`, `scrypt` and `pbkdf2`. You can add your own if need be via method `AddPasswordEncoder`.

type Pbkdf2Encoder 

type Pbkdf2Encoder struct {
	// contains filtered or unexported fields
}

Pbkdf2Encoder struct implements `PasswordEncoder` interface for `pbkdf2` hashing.

func (*Pbkdf2Encoder) Compare 

func (pe *Pbkdf2Encoder) Compare(hash, password []byte) bool

Compare method compares given hash password and password using `pbkdf2`.

func (*Pbkdf2Encoder) Generate 

func (pe *Pbkdf2Encoder) Generate(password []byte) ([]byte, error)

Generate method returns `pbkdf2` password hash based on configured values at `security.password_encoder.pbkdf2.*`.

type ScryptEncoder 

type ScryptEncoder struct {
	// contains filtered or unexported fields
}

ScryptEncoder struct implements `PasswordEncoder` interface for `scrypt` hashing.

func (*ScryptEncoder) Compare 

func (se *ScryptEncoder) Compare(hash, password []byte) bool

Compare method compares given hash password and password using `scrypt`.

func (*ScryptEncoder) Generate 

func (se *ScryptEncoder) Generate(password []byte) ([]byte, error)

Generate method returns the `scrypt` password hash based on configured values at `security.password_encoder.scrypt.*`.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.