keys

package
v0.0.0-...-2205d8a Latest
Warning

This package is not in the latest version of its module.

Published: Apr 4, 2024 | License: Apache-2.0 | Imports: 17 | Imported by: 0

Documentation

Constants

const (
	RSAKeyLength             = 4096
	DefaultSecretLength      = 16
	DefaultSaltLength        = 8
	DefaultEncryptionKeySize = 32
	DefaultPasswordHashSize  = 32
)

These constants collect default values for key and secret lengths.

Variables

var (
	ErrPasswordTooShort = errors.New("keys: given password is shorter than 8 characters")
	ErrPasswordTooLong  = errors.New("keys: given password is longer than 64 characters")
)

Different errors are returned for different validation failures.

Functions

func CompareString

func CompareString(s, versionedCipher string) error

CompareString compares a string with a stored hash.

func DecryptWith

func DecryptWith(key []byte, s string) ([]byte, error)

DecryptWith decrypts the given value using the given key and nonce value.

func DeriveKey

func DeriveKey(value, versionedSalt string) ([]byte, error)

DeriveKey wraps package argon2 in order to derive a symmetric key from the given value (most likely a password) and the given salt.

func GenerateRSAKeypair

func GenerateRSAKeypair(bits int) ([]byte, []byte, error)

GenerateRSAKeypair creates an RSA key pair of the requested length.

func GenerateRandomBytes

func GenerateRandomBytes(size int) ([]byte, error)

GenerateRandomBytes generates a slice of bytes of the given size, intended for use as a symmetric key.

func GenerateRandomValue

func GenerateRandomValue(length int) (string, error)

GenerateRandomValue returns a slice of random values encoded as a Base64 string. This means the returned string will likely be longer than the requested length.

func GenerateRandomValueWith

func GenerateRandomValueWith(length int, encoder StringEncoder) (string, error)

GenerateRandomValueWith returns a slice of random values encoded as a URL-safe Base64 string.

func HashFast

func HashFast(value, versionedSalt string) (string, error)

HashFast creates a fast (i.e. not suitable for passwords) hash of the given value and the given salt.

func ValidatePassword

func ValidatePassword(pw string) error

ValidatePassword checks whether the given password meets all requirements of the currently applicable password policy.

Types

type StringEncoder

type StringEncoder interface {
	EncodeToString([]byte) string
}

StringEncoder can encode a byte slice into a printable string.

type VersionedCipher

type VersionedCipher struct {
	// contains filtered or unexported fields
}

VersionedCipher adds meta information to a ciphertext string.

func EncryptAsymmetricWith

func EncryptAsymmetricWith(publicKey interface{}, value []byte) (*VersionedCipher, error)

EncryptAsymmetricWith uses the given RSA Public Key in JWK format to encrypt the given value into a versioned cipher.

func EncryptWith

func EncryptWith(key, value []byte) (*VersionedCipher, error)

EncryptWith encrypts the given value symmetrically using the given key. In case of success it also returns the unique nonce value that has been used for encrypting the value and will be needed for clients that want to decrypt the ciphertext.

func HashString

func HashString(s string) (*VersionedCipher, error)

HashString hashes the given string with argon2, using the latest configuration.

func NewFastSalt

func NewFastSalt(len int) (*VersionedCipher, error)

NewFastSalt creates a new user salt value of the default length and wraps it in a versioned cipher.

func NewSalt

func NewSalt(len int) (*VersionedCipher, error)

NewSalt creates a new salt value of the default length and wraps it in a versioned cipher using the latest available algorithm version.

func (*VersionedCipher) Marshal

func (v *VersionedCipher) Marshal() string

Marshal returns the string representation of v. It can be deserialized again using unmarshalVersionedCipher.
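
The per-message nonce described for EncryptWith and the metadata role of VersionedCipher, shown as an added example that is not the package's own code. It assumes AES-256-GCM and a hypothetical `{1} nonce ciphertext` string layout; the names `newAEAD`, `sealVersioned` and `openVersioned` are illustrative.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"strings"
)

const version = "{1}" // hypothetical tag; the package's real serialization is not shown on the page
var enc = base64.StdEncoding

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // assumed cipher: AES-GCM; a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealVersioned draws a fresh random nonce per call and binds the version tag as associated data.
func sealVersioned(aead cipher.AEAD, value []byte) (string, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	ct := aead.Seal(nil, nonce, value, []byte(version))
	return version + " " + enc.EncodeToString(nonce) + " " + enc.EncodeToString(ct), nil
}

// openVersioned rejects unknown versions and bad nonces, then authenticates before returning plaintext.
func openVersioned(aead cipher.AEAD, s string) ([]byte, error) {
	parts := strings.Split(s, " ")
	if len(parts) != 3 || parts[0] != version {
		return nil, fmt.Errorf("malformed or unsupported versioned cipher")
	}
	nonce, err1 := enc.DecodeString(parts[1])
	ct, err2 := enc.DecodeString(parts[2])
	if err1 != nil || err2 != nil || len(nonce) != aead.NonceSize() { // Open panics on a wrong-sized nonce
		return nil, fmt.Errorf("invalid nonce or ciphertext encoding")
	}
	return aead.Open(nil, nonce, ct, []byte(version))
}

func main() {
	aead, _ := newAEAD(make([]byte, 32)) // constructed all-zero demo key, never use in production
	fmt.Println(sealVersioned(aead, []byte("constructed sample")))
}
```

Storing the nonce and version next to the ciphertext lets a decryptor pick the right algorithm later, and authenticating the version tag means a downgraded or swapped tag fails decryption instead of being silently accepted.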
