Documentation ¶
Index ¶
Constants ¶
const (
// DefaultKeyLength specifies the default length for generated keys
DefaultKeyLength = 16
)
Variables ¶
This section is empty.
Functions ¶
func Base64Encoding ¶
Base64Encoding encodes the generated key into a base64 byte array with standard encoding settings (using base64.StdEncoding). The result can just be cast into a string to get a valid base64 string.
func HexEncoding ¶
HexEncoding encodes the generated key into a hexadecimal byte array. The result can just be cast into a string to get a hex string.
func NoopEncoding ¶
NoopEncoding is just a default noop encoder that returns the original byte array produced by the Generator.
Types ¶
type Generator ¶
type Generator struct {
// contains filtered or unexported fields
}
func NewGenerator ¶
NewGenerator returns a new key generator. If no options are specified, it will return a generator using the DefaultKeyLength, Secure random generator, NoopSigner, NoopVerifier and NoopEncoding.
func (*Generator) GenerateKey ¶
GenerateKey generates a random key. It will contain a signature if WithSigner has been set and is going to be encoded based on the WithEncoding option.
func (*Generator) VerifySignature ¶
VerifySignature returns true if the signature embedded in the key is valid. It uses the Verifier that has been set using the WithVerifier option.
type Option ¶
type Option func(*Generator)
func WithEncoding ¶
WithEncoding sets the given Encoder and Decoder to be used to handle key codings.
func WithKeyLength ¶
WithKeyLength overrides the DefaultKeyLength used to define the byte length of a generated key. Note this method will panic if it receives a keyLength of zero or smaller.
type Signer ¶
Signer receives a key and returns a signature for it.
func Ed25519Signer ¶
func Ed25519Signer(privateKey ed25519.PrivateKey) Signer
Ed25519Signer returns a signer that signs a key with an ed25519.PrivateKey. It will not be hashed.
func HmacSigner ¶
HmacSigner returns a signer that creates a hmac signature using the given hash function and signing key. If prefixLength is set to a value greater than 0, the signature will be capped. This can be used to shorten the overall key length, but reduces the security of the signing. Note that the prefixLength set must be the same as set in HmacVerifier.
func NoopSigner ¶
func NoopSigner() Signer
NoopSigner returns a signer that just returns an empty byte array (no signature).
type Verifier ¶
Verifier returns true if the signature is valid for the given key or false otherwise.
func Ed25519Verifier ¶
Ed25519Verifier verifies a key's signature using an ed25519.PublicKey.
func HmacVerifier ¶
HmacVerifier verifies the given signature using the hmac hashing. It accepts a hash method like sha1.New, the signing key to be used and a prefix length which is used to cap the signature at the first x bytes (this reduces the overall length of the keys). If no signature capping is wished, prefixLength can just be set to -1. Note that the prefixLength must match the one set in the HmacSigner or the validation will fail.
func NoopVerifier ¶
func NoopVerifier() Verifier
NoopVerifier returns a noop verifier which will always return true, no matter the key and signature given.