Documentation ¶
Overview ¶
Package mcrypto contains general purpose functionality related to cryptography, notably related to unique identifiers, signing/verifying data, and encrypting/decrypting data
Index ¶
- Variables
- func NewKeyPair() (PublicKey, PrivateKey)
- func NewWeakKeyPair() (PublicKey, PrivateKey)
- func Verify(v Verifier, s Signature, r io.Reader) error
- func VerifyBytes(v Verifier, s Signature, b []byte) error
- func VerifyString(v Verifier, s Signature, in string) error
- type PrivateKey
- type PublicKey
- type Secret
- type Signature
- func (s Signature) KV() map[string]interface{}
- func (s Signature) MarshalJSON() ([]byte, error)
- func (s Signature) MarshalText() ([]byte, error)
- func (s Signature) String() string
- func (s Signature) Time() time.Time
- func (s *Signature) UnmarshalJSON(b []byte) error
- func (s *Signature) UnmarshalText(b []byte) error
- type Signer
- type UUID
- func (u UUID) Equal(u2 UUID) bool
- func (u UUID) KV() map[string]interface{}
- func (u UUID) MarshalJSON() ([]byte, error)
- func (u UUID) MarshalText() ([]byte, error)
- func (u UUID) String() string
- func (u UUID) Time() time.Time
- func (u *UUID) UnmarshalJSON(b []byte) error
- func (u *UUID) UnmarshalText(b []byte) error
- type Verifier
Constants ¶
This section is empty.
Variables ¶
var (
	// ErrInvalidSig is returned by Signer related functions when an invalid
	// signature is used, e.g. it is a signature for different data, or uses a
	// different secret key, or has expired
	ErrInvalidSig = errors.New("invalid signature")
)
Functions ¶
func NewKeyPair ¶
func NewKeyPair() (PublicKey, PrivateKey)
NewKeyPair generates and returns a complementary public/private key pair
func NewWeakKeyPair ¶
func NewWeakKeyPair() (PublicKey, PrivateKey)
NewWeakKeyPair is like NewKeyPair but the returned pair uses fewer bits (though still a reasonably secure amount for data that doesn't need security guarantees into the year 3000 or whatever).
func Verify ¶
Verify reads all data from the io.Reader and uses the Verifier to verify that the Signature is for that data.
Returns any errors from io.Reader, or ErrInvalidSig (use merr.Equal(err, mcrypto.ErrInvalidSig) to check).
func VerifyBytes ¶
VerifyBytes uses the Verifier to verify that the Signature is for the given []byte.
Returns ErrInvalidSig (use merr.Equal(err, mcrypto.ErrInvalidSig) to check).
Types ¶
type PrivateKey ¶
type PrivateKey struct {
*rsa.PrivateKey
}
PrivateKey is a wrapper around an rsa.PrivateKey which simplifies using it and adds marshaling/unmarshaling methods.
A PrivateKey automatically implements the Signer interface.
func (PrivateKey) KV ¶
func (pk PrivateKey) KV() map[string]interface{}
KV implements the method for the mlog.KVer interface
func (PrivateKey) MarshalJSON ¶
func (pk PrivateKey) MarshalJSON() ([]byte, error)
MarshalJSON implements the method for the json.Marshaler interface
func (PrivateKey) MarshalText ¶
func (pk PrivateKey) MarshalText() ([]byte, error)
MarshalText implements the method for the encoding.TextMarshaler interface
func (PrivateKey) String ¶
func (pk PrivateKey) String() string
func (*PrivateKey) UnmarshalJSON ¶
func (pk *PrivateKey) UnmarshalJSON(b []byte) error
UnmarshalJSON implements the method for the json.Unmarshaler interface
func (*PrivateKey) UnmarshalText ¶
func (pk *PrivateKey) UnmarshalText(b []byte) error
UnmarshalText implements the method for the encoding.TextUnmarshaler interface
type PublicKey ¶
PublicKey is a wrapper around an rsa.PublicKey which simplifies using it and adds marshaling/unmarshaling methods.
A PublicKey automatically implements the Verifier interface.
func (PublicKey) MarshalJSON ¶
MarshalJSON implements the method for the json.Marshaler interface
func (PublicKey) MarshalText ¶
MarshalText implements the method for the encoding.TextMarshaler interface
func (*PublicKey) UnmarshalJSON ¶
UnmarshalJSON implements the method for the json.Unmarshaler interface
func (*PublicKey) UnmarshalText ¶
UnmarshalText implements the method for the encoding.TextUnmarshaler interface
type Secret ¶
type Secret struct {
// contains filtered or unexported fields
}
Secret contains a set of bytes which are intended to remain secret within some context (e.g. a backend application keeping a secret from the frontend).
Secret inherently implements the Signer and Verifier interfaces.
Secret can be initialized with NewSecret or NewWeakSecret. The Signatures produced by these will be of differing lengths, but either can Verify a Signature made by the other as long as the secret bytes they are initialized with are the same.
func NewSecret ¶
NewSecret initializes and returns an instance of Secret which uses the given bytes as the underlying secret.
func NewWeakSecret ¶
NewWeakSecret is like NewSecret but the Signatures it produces will be shorter and weaker (though still secure enough for most applications). Signatures produced by either normal or weak Secrets can be Verified by the other.
type Signature ¶
type Signature struct {
// contains filtered or unexported fields
}
Signature marshals/unmarshals an actual signature, produced internally by a Signer, along with the timestamp at which the signing took place and a random salt.
All signatures produced in this package will have had the timestamp and salt included in the signature's input data, and so are also checked by the Verifier.
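The binding of timestamp and salt described above, and the weak/normal interoperability described for Secret, can be illustrated with a standalone sketch. This is an added example, not mcrypto's own code: it assumes HMAC-SHA256 with a truncated tag as the "weak" form (the page does not say how the package does it), and `sig`, `sign`, `verify`, `computeMAC` and the sizes are hypothetical names and values.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"time"
)

const saltLen, weakLen, fullLen = 8, 16, sha256.Size // assumed sizes in bytes
// sig is a hypothetical stand-in for mcrypto.Signature.
type sig struct {
	t         time.Time
	salt, mac []byte
}

// computeMAC covers timestamp, salt and data, so changing any one changes the MAC.
func computeMAC(secret []byte, t time.Time, salt, data []byte) []byte {
	h := hmac.New(sha256.New, secret)
	h.Write(binary.BigEndian.AppendUint64(nil, uint64(t.UnixNano())))
	h.Write(salt)
	h.Write(data)
	return h.Sum(nil)
}

// sign stamps and salts the data, then keeps the first macLen bytes of the MAC.
func sign(secret, data []byte, macLen int) sig {
	s := sig{t: time.Now(), salt: make([]byte, saltLen)}
	if _, err := rand.Read(s.salt); err != nil {
		panic(err)
	}
	s.mac = computeMAC(secret, s.t, s.salt, data)[:macLen]
	return s
}

// verify accepts full or weak MACs, but rejects short MACs and odd salt sizes.
func verify(secret, data []byte, s sig) bool {
	full := computeMAC(secret, s.t, s.salt, data)
	ok := len(s.salt) == saltLen && len(s.mac) >= weakLen && len(s.mac) <= fullLen
	return ok && hmac.Equal(full[:len(s.mac)], s.mac)
}

func main() {
	key, msg := []byte("constructed-demo-secret"), []byte("hello") // constructed inputs
	s := sign(key, msg, weakLen)
	fmt.Println(verify(key, msg, s), verify(key, []byte("hellp"), s)) // true false
}
```

The length checks in `verify` matter: without a minimum MAC length a verifier that accepts prefixes can be fed a few-byte tag, and without a fixed salt length bytes can be moved between the salt and the data without changing the MAC.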
func SignString ¶
SignString uses the Signer to generate a Signature for the given string
func (Signature) MarshalJSON ¶
MarshalJSON implements the method for the json.Marshaler interface
func (Signature) MarshalText ¶
MarshalText implements the method for the encoding.TextMarshaler interface
func (*Signature) UnmarshalJSON ¶
UnmarshalJSON implements the method for the json.Unmarshaler interface
func (*Signature) UnmarshalText ¶
UnmarshalText implements the method for the encoding.TextUnmarshaler interface
type Signer ¶
type Signer interface {
// contains filtered or unexported methods
}
Signer is some entity which can generate signatures for arbitrary data and can later verify those signatures
type UUID ¶
type UUID struct {
// contains filtered or unexported fields
}
UUID is a universally unique identifier which embeds within it a timestamp.
Only Unmarshal methods should be called on the zero UUID value.
Comparing the equality of two UUIDs should always be done using the Equal method, or by comparing their string forms.
The string form of a UUID (returned by String or MarshalText) is lexicographically order-able by its embedded timestamp.
func (UUID) MarshalJSON ¶
MarshalJSON implements the method for the json.Marshaler interface
func (UUID) MarshalText ¶
MarshalText implements the method for the encoding.TextMarshaler interface
func (*UUID) UnmarshalJSON ¶
UnmarshalJSON implements the method for the json.Unmarshaler interface
func (*UUID) UnmarshalText ¶
UnmarshalText implements the method for the encoding.TextUnmarshaler interface