README
¶
fpast2l
PASETO is a specification for secure, stateless authentication tokens. fpast2l is Go implementation of only the secret/symmetric part of version 2 of the PASETO spec.
There exists at least one implementation: o1egl/paseto, that covers the complete PASETO specification, is probably better written and better documenting. You should be using that instead.
The aim of fpast2l is not to be a complete or compatible implementation of the entire PASETO standard. It is written to meet specific needs and has no ambition for any sort of general use.
The key aim is to implement fast v2.local token generation in pure-Go with
the least amount of garbage possible. It is currently not completely garbage
free, which is what the roadmap will focus on. It is, however, slightly faster
than o1egl's implementation and produces less garbage.
Documentation
¶
Index ¶
Constants ¶
const KeySize = chacha20poly1305.KeySize
KeySize is the required length of the encryption key.
Variables ¶
var ( ErrBadKeySize = Error{errors.New("bad key size")} ErrBadHeader = Error{errors.New("bad header")} ErrBadEncoding = Error{errors.New("bad encoding")} ErrBadEncryption = Error{errors.New("decryption failed")} ErrEngNotInitialized = Error{errors.New("eng not properly initialized")} )
Errors.
Functions ¶
Types ¶
type Engine ¶
type Engine struct {
// contains filtered or unexported fields
}
Engine is a PASETO generator. It can be reused concurrently to generate multiple v2 local tokens as long as the encryption key and footer stay the same.
To facilitate concurrency, Engine should not mutate. Make copies (e.g. WithFooter), avoid references.
func New ¶
New constructs and returns a new Engine, with the encryption key K. New will panic if len(K) is not exactly KeySize bytes.
func (Engine) Decrypt ¶
Decrypt parses and decrypt s as a PASETO v2 local token. If successful, resulting plaintext is appended to p and returned.
Extra capacity of p, if available, is used for computation. Even if the encryption is unsuccessful, p should be overwritten or thrown away.
func (Engine) Encrypt ¶
Encrypt creates and returns a new PASETO v2 local token from the payload contained in b. b is encrypted in-place, meaning the contents of b will be overwritten with raw ciphertext. It is safe to reuse b or throw it away.
func (Engine) WithFooter ¶
WithFooter returns a copy of Engine with the footer in the copy set to f.
type Error ¶
type Error struct {
// contains filtered or unexported fields
}
Error is an error returned by this package.
func (Error) Error ¶
Error implements the builtin error interface. It returns the string representation of the Error.
func (Error) Internal ¶
Internal returns whether Error was a package-internal error. Package-internal errors are worst-case and typically should not leak outside of this package.
Source Files
Directories