acrypto

package
Version: v0.12.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 4, 2020 License: MIT Imports: 19 Imported by: 4

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrPasswordEncoderIsNil returned when given password encoder instance is nil.
	ErrPasswordEncoderIsNil = errors.New("security/crypto: password encoder is nil")
)
View Source
var (
	// ErrUnableToDecrypt returned for decrypt errors.
	ErrUnableToDecrypt = errors.New("security/crypto: unable to decrypt")
)

Functions

func AESDecrypt

func AESDecrypt(block cipher.Block, value []byte) ([]byte, error)

AESDecrypt method decrypts a given value with the given key block in CTR mode.

func AESDecryptString

func AESDecryptString(key, encryptedText string) (string, error)

AESDecryptString is convenient method to do AES decryption. It decrypts the encrypted text with given key.

func AESEncrypt

func AESEncrypt(block cipher.Block, value []byte) []byte

AESEncrypt method encrypts a given value with given key block in CTR mode.

func AESEncryptString

func AESEncryptString(key, text string) (string, error)

AESEncryptString is convenient method to do AES encryption.

The key argument should be the AES key, either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256.

func AddPasswordAlgorithm

func AddPasswordAlgorithm(name string, pe PasswordEncoder) error

AddPasswordAlgorithm method is add password algorithm to encoders list. Implementation have to implement interface `PasswordEncoder`.

func InitPasswordEncoders

func InitPasswordEncoders(cfg *config.Config) error

InitPasswordEncoders method initializes the password encoders based defined configuration in `security.password_encoder { ... }`

func Sign

func Sign(key, value []byte, sha string) []byte

Sign method signs a given value using HMAC and given SHA name.

func SignString

func SignString(key, text, sha string) string

SignString method signs the given text using provided key with HMAC SHA.

Supported SHA's are SHA-1, SHA-224, SHA-256, SHA-384, SHA-512.

func Verify

func Verify(key, value, mac []byte, sha string) bool

Verify method verifies given key, value and mac is valid. If valid it returns true otherwise false.

func VerifyString

func VerifyString(key, text, signedText, sha string) (bool, error)

VerifyString method verifies the signed text and text using provide key with HMAC SHA. Returns true if sign is valid otherwise false.

Supported SHA's are SHA-1, SHA-224, SHA-256, SHA-384, SHA-512.

Types

type BcryptEncoder

type BcryptEncoder struct {
	// contains filtered or unexported fields
}

BcryptEncoder struct implements `PasswordEncoder` interface for `bcrypt` hashing.

func (*BcryptEncoder) Compare

func (be *BcryptEncoder) Compare(hash, password []byte) bool

Compare method compares given password hash and password using bcrypt.

func (*BcryptEncoder) Generate

func (be *BcryptEncoder) Generate(password []byte) ([]byte, error)

Generate method returns the `bcrypt` password hash based on configured cost at `security.password_encoder.bcrypt.*`.

type PasswordEncoder

type PasswordEncoder interface {
	Generate(password []byte) ([]byte, error)
	Compare(hash, password []byte) bool
}

PasswordEncoder interface is used to implement generate password hash and compare given hash & password based chosen hashing type. Such as `bcrypt`, `scrypt` and `pbkdf2`.

Good read about hashing security https://crackstation.net/hashing-security.htm

func PasswordAlgorithm

func PasswordAlgorithm(alg string) PasswordEncoder

PasswordAlgorithm method returns the password encoder for given algorithm, Otherwise nil. Out-of-the-box supported passowrd algorithms are `bcrypt`, `scrypt` and `pbkdf2`. You can add your own if need be via method `AddPasswordEncoder`.

type Pbkdf2Encoder

type Pbkdf2Encoder struct {
	// contains filtered or unexported fields
}

Pbkdf2Encoder struct implements `PasswordEncoder` interface for `pbkdf2` hashing.

func (*Pbkdf2Encoder) Compare

func (pe *Pbkdf2Encoder) Compare(hash, password []byte) bool

Compare method compares given hash password and password using `pbkdf2`.

func (*Pbkdf2Encoder) Generate

func (pe *Pbkdf2Encoder) Generate(password []byte) ([]byte, error)

Generate method returns `pbkdf2` password hash based on configured values at `security.password_encoder.pbkdf2.*`.

type ScryptEncoder

type ScryptEncoder struct {
	// contains filtered or unexported fields
}

ScryptEncoder struct implements `PasswordEncoder` interface for `scrypt` hashing.

func (*ScryptEncoder) Compare

func (se *ScryptEncoder) Compare(hash, password []byte) bool

Compare method compares given hash password and password using `scrypt`.

func (*ScryptEncoder) Generate

func (se *ScryptEncoder) Generate(password []byte) ([]byte, error)

Generate method returns the `scrypt` password hash based on configured values at `security.password_encoder.scrypt.*`.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto