authio

package module

v0.0.0-...-bcaf304 Latest Latest Go to latest Published: Jan 3, 2023 License: MIT Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/adrianosela/authio

Links

Open Source Insights

README ¶

authio

Authenticated message implementations of io.Reader and io.Writer

Summary

authio.AppendMACWriter: computes and appends MACs on every message written
authio.VerifyMACReader: verifies and removes MACs from every message read
authio.AppendMACReader: computes and appends MACs on every message read
authio.VerifyMACWriter: verifies and removes MACs from every message written

Note that authio.Writer and authio.Reader are aliases for other types in this package. Under the hood they point to authio.AppendMACWriter and authio.VerifyMACReader respectively, which are considered "default" because they will be used in the vast majority of scenarios.

Road Map

Timestamp/SequenceNum/Nonces i.e. replay attack mitigation
Need to account for case where buffer given to Read(buf) is too small to fit all the data read from underlying io.Reader
- e.g. keep a buffer of already-verified bytes in-memory and copy those bytes first on the next Read(buf)
Unit tests for all functions
Better naming convention
Better message authentication (e.g. hash algo, size, etc) parameter setting on reader/writer building
Support asymmetric signing algorithms
Support OpenPGP / PGP key server integration

Usage

authio.AppendMACWriter: computes and appends MACs on every message written

common use case: adding MACs to data written to a net.Conn

// initialize new writer
authedWriter := authio.NewAppendMACWriter(conn, []byte("mysupersecretpassword"))

// writing an (unauthenticated) message results in an MAC being prepended
// to the message before getting written to the underlying io.Writer
n, err := authedWriter.Write(message)

// ...

authio.VerifyMACReader: verifies and removes MACs from every message read

common use case: verifying MAC on authenticated messages received over a net.Conn

// initialize new authenticated reader
authedReader := authio.NewVerifyMACReader(conn, []byte("mysupersecretpassword"))

// reading results in an (authenticated) message being read from the
// underlying io.Reader. The MAC on the message is verified and removed
// before the raw message is loaded onto the given buffer
authedWriter.Read(buffer)

// ...

authio.AppendMACReader: computes and appends MACs on every message read

common use case: adding MACs to data read from stdin

// initialize new authenticated reader
authedReader := authio.NewAppendMACReader(os.Stdin, []byte("mysupersecretpassword"))

// reading results in an (unauthenticated) message being read from the
// underlying io.Reader. An MAC is computed and prepended with every
// message read.
authedWriter.Read(buffer)

// ...

authio.VerifyMACWriter: verifies and removes MACs from every message written

common use case: verifying MAC on authenticated messages before writing raw message to stdout

// initialize new writer
authedWriter := authio.NewVerifyMACWriter(os.Stdout, []byte("mysupersecretpassword"))

// writing an (authenticated) message results in the MAC being verified and
// removed before writing the raw message to the underlying io.Writer 
n, err := authedWriter.Write(message)

// ...

Documentation ¶

Index ¶

type AppendMACReader
- func NewAppendMACReader(reader io.Reader, key []byte) *AppendMACReader
- func (r *AppendMACReader) Read(b []byte) (int, error)
type AppendMACWriter
- func NewAppendMACWriter(writer io.Writer, key []byte) *AppendMACWriter
- func (w *AppendMACWriter) Write(b []byte) (int, error)
type Reader
- func NewReader(reader io.Reader, key []byte) *Reader
type VerifyMACReader
- func NewVerifyMACReader(reader io.Reader, key []byte) *VerifyMACReader
- func (r *VerifyMACReader) Read(b []byte) (int, error)
type VerifyMACWriter
- func NewVerifyMACWriter(writer io.Writer, key []byte) *VerifyMACWriter
- func (w *VerifyMACWriter) Write(b []byte) (int, error)
type Writer
- func NewWriter(writer io.Writer, key []byte) *Writer

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AppendMACReader ¶

type AppendMACReader struct {
	// contains filtered or unexported fields
}

AppendMACReader is a reader that computes and prepends MACs to every message

func NewAppendMACReader ¶

func NewAppendMACReader(reader io.Reader, key []byte) *AppendMACReader

NewAppendMACReader returns a new AppendMACReader

func (*AppendMACReader) Read ¶

func (r *AppendMACReader) Read(b []byte) (int, error)

Read reads data onto the given buffer

type AppendMACWriter ¶

type AppendMACWriter struct {
	// contains filtered or unexported fields
}

AppendMACWriter is a writer that computes and prepends MACs to every message

func NewAppendMACWriter ¶

func NewAppendMACWriter(writer io.Writer, key []byte) *AppendMACWriter

NewAppendMACWriter wraps an io.Writer in an AppendMACWriter

func (*AppendMACWriter) Write ¶

func (w *AppendMACWriter) Write(b []byte) (int, error)

Write writes the contents of a buffer to a writer (with an included MAC)

type Reader ¶

type Reader struct {
	*VerifyMACReader
}

Reader is an authenticated message reader. Note that this type serves as an alias to whichever implementation of io.Reader is considered the default for this package.

func NewReader ¶

func NewReader(reader io.Reader, key []byte) *Reader

NewReader returns a default Reader implementation

type VerifyMACReader ¶

type VerifyMACReader struct {
	// contains filtered or unexported fields
}

VerifyMACReader is a reader that verifies and strips MACs from every message

func NewVerifyMACReader ¶

func NewVerifyMACReader(reader io.Reader, key []byte) *VerifyMACReader

NewVerifyMACReader returns a new VerifyMACReader

func (*VerifyMACReader) Read ¶

func (r *VerifyMACReader) Read(b []byte) (int, error)

Read reads data onto the given buffer

type VerifyMACWriter ¶

type VerifyMACWriter struct {
	// contains filtered or unexported fields
}

VerifyMACWriter is a writer that verifies and strips MACs on every message before writing them to the underlying writer.

func NewVerifyMACWriter ¶

func NewVerifyMACWriter(writer io.Writer, key []byte) *VerifyMACWriter

NewVerifyMACWriter wraps an io.Writer in an VerifyMACWriter

func (*VerifyMACWriter) Write ¶

func (w *VerifyMACWriter) Write(b []byte) (int, error)

Write writes the contents of a buffer to a writer (with MAC excluded)

type Writer ¶

type Writer struct {
	*AppendMACWriter
}

Writer is an authenticated message writer. Note that this type serves as an alias to whichever implementation of io.Writer is considered the default for this package.

func NewWriter ¶

func NewWriter(writer io.Writer, key []byte) *Writer

NewWriter returns a new Writer

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
_examples_
client_server/client
client_server/server
inverted_client_server/client
inverted_client_server/server
cmd
build_hmac
protocol
authenticator

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL