Documentation ¶
Overview ¶
Package message implements Rails/ActiveSupport style signed messages support in Golang. It is heavily based on the Rails ActiveSupport version, but it is NOT compatible with the Ruby version, because Go does not have a Ruby compatible Marshalling system.
I wrote this a few years ago, when I was first learning the language. Thus, it needs a lot of cleanup.
While similar to and heavily based on that package, this package currently only supports string messages.
Getting Started ¶
To use the package, you need to first initialize a message.Message object by calling NewMessage, passing in a Hash algorithm's New function and your secret key, to initialize the HMAC signing.
msg := message.NewMessage(sha1.New, "s3krit")
To generate a signed message, set parameters on the Message object:
msg.Message = "Your Message" msg.Expires = true msg.ExpiresIn = 30 * time.Minute msg.Purpose = "My Purpose"
Then call Generate() to create the signed, base64-encoded message:
signed, err := msg.Generate()
Verifying messages is similar to the ActiveSupport implementation.
Notes ¶
Note that this is not quite compatible with Rails, due to the fact that Go doesn't have a compatible Marshalling system.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ErrInvalidMessage error = errors.New("message: Invalid message")
Error value returned if the Message cannot be decrypted or verified
var (
ErrInvalidSignature = errors.New("message: Invalid signature")
)
Functions ¶
This section is empty.
Types ¶
type EncryptedMessage ¶
EncryptedMessage encapsulates a Message with AES-256-GCM encryption.
func NewEncryptedMessage ¶
func NewEncryptedMessage(h func() hash.Hash, key []byte) EncryptedMessage
NewEncryptedMessage creates a newly initialized EncryptedMessage struct.
func (*EncryptedMessage) DecryptAndVerify ¶
func (e *EncryptedMessage) DecryptAndVerify(blob string) (string, error)
DecryptAndVerify decrypts and verifies the given message using AES-256-GCM.
func (*EncryptedMessage) EncryptAndSign ¶
func (e *EncryptedMessage) EncryptAndSign() (string, error)
EncryptAndSign encrypts and signs the given Message with AES-256-GCM.
type Message ¶
type Message struct { Message string `json:"message"` // the actual message Expires bool `json:"-"` // Whether the message expires or not ExpiresIn time.Duration `json:"-"` // Distance from time.Now that the message will expire ExpiresAt time.Time `json:"exp"` // Date and time the message expires Purpose string `json:"pur"` // Purpose of the message Debug bool `json:"-"` // Set to true to enable printing of debugging messages // contains filtered or unexported fields }
Message represents a signed message
func NewMessage ¶
NewMessage will eventually create an initialized Message object
func (*Message) GenerateDigest ¶
GenerateDigest generates an HMAC digest of the given data
func (*Message) ValidMessage ¶
ValidMessage checks if the given signed_message is valid
type RailsMessage ¶
type RailsMessage struct {
Message Message `json:"_rails"`
}
Attempt to work up a Rails compatible Message obj