Documentation ¶
Index ¶
- Constants
- func Decrypt(password, ciphertext string, algorithm ...KeyDerivationAlgorithm) (string, error)
- func DecryptToString(encrypted string, password string) (string, error)
- func Encrypt(password, plaintext string, algorithm ...KeyDerivationAlgorithm) (string, error)
- func GetAvailableAlgorithms() []string
- func IsPasswordBreached(password string) (bool, error)
- func SetDefaultAlgorithm(algorithm KeyDerivationAlgorithm)
- func SuggestPasswordImprovement(password string) []string
- func ValidatePasswordStrength(password string) error
- type KeyDerivationAlgorithm
- type PasswordStrengthError
Constants ¶
const (
	// Key derivation algorithms
	PBKDF2SHA512Algorithm KeyDerivationAlgorithm = "pbkdf2-sha512"
	PBKDF2SHA256Algorithm KeyDerivationAlgorithm = "pbkdf2-sha256"
	Argon2idAlgorithm     KeyDerivationAlgorithm = "argon2id"

	// Algorithm indicator size
	AlgorithmIndicatorLength = 1

	// These constants needed for tests
	Argon2idTime    = 4
	Argon2idMemory  = 9216
	Argon2idThreads = 1
	Argon2idKeyLen  = 32
	PBKDF2KeyLen    = 32

	// Constants for algorithm indicators
	Argon2idIndicator     byte = 0x01
	PBKDF2SHA256Indicator byte = 0x02
	PBKDF2SHA512Indicator byte = 0x03
)
const (
	// PasswordMinLength is the minimum recommended password length (NIST SP800-63B)
	PasswordMinLength = 15

	// PasswordMaxLength is the maximum supported password length (NIST SP800-63B)
	// Allowing long passwords for passphrases while preventing DoS attacks
	PasswordMaxLength = 64

	// PasswordRecommendedLength is the recommended minimum password length for enhanced security
	PasswordRecommendedLength = 15

	// PasswordLowStrength represents a password with only one character type
	PasswordLowStrength = "Low"

	// PasswordMediumStrength represents a password with two or three character types
	PasswordMediumStrength = "Medium"

	// PasswordHighStrength represents a password with all character types
	PasswordHighStrength = "High"

	// AllowedSpecialChars contains the set of allowed special characters according to OWASP
	AllowedSpecialChars = "!@#$%^&*()_+-=[]{}|;:,.<>?"

	// CharacterTypeCounts for password strength evaluation
	OneCharType    = 1
	TwoCharTypes   = 2
	ThreeCharTypes = 3
	FourCharTypes  = 4
)
Variables ¶
This section is empty.
Functions ¶
func Decrypt ¶
func Decrypt(password, ciphertext string, algorithm ...KeyDerivationAlgorithm) (string, error)
Decrypt decrypts a base64-encoded ciphertext using AES-256 GCM with the specified key derivation algorithm and returns the plaintext.
func DecryptToString ¶ added in v0.3.5
DecryptToString decrypts a base64-encoded ciphertext string and returns the plaintext as a string.
func Encrypt ¶
func Encrypt(password, plaintext string, algorithm ...KeyDerivationAlgorithm) (string, error)
Encrypt encrypts a plaintext string using AES-256 GCM with the specified key derivation algorithm and returns a base64-encoded ciphertext.
func GetAvailableAlgorithms ¶ added in v0.3.6
func GetAvailableAlgorithms() []string
GetAvailableAlgorithms returns a list of available key derivation algorithms
func IsPasswordBreached ¶ added in v0.3.5
IsPasswordBreached checks if a password is in a known breach database. This is a placeholder that should be replaced with an actual API call to Pwned Passwords or a similar service.
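The Pwned Passwords lookup that this placeholder refers to can be done with the service's k-anonymity range API: only the first five hex characters of the password's SHA-1 digest are sent, and the remaining 35 are matched locally against the response. The following is an added example, not code from this package; `splitSHA1`, `breachCount` and the sample response are hypothetical names and constructed data, and the HTTP GET to `https://api.pwnedpasswords.com/range/<prefix>` is left out so that it runs offline.

```go
package main

import (
	"bufio"
	"crypto/sha1"
	"fmt"
	"strconv"
	"strings"
)

// splitSHA1 returns the 5-character prefix that is sent to the range API and
// the 35-character suffix that is compared locally and never leaves the host.
// SHA-1 is used only because the API is keyed on it, not to store passwords.
func splitSHA1(password string) (prefix, suffix string) {
	sum := fmt.Sprintf("%X", sha1.Sum([]byte(password)))
	return sum[:5], sum[5:]
}

// breachCount scans a range response ("SUFFIX:COUNT" per line) for suffix and
// returns how often the password was seen. 0 means not listed, or a padding
// entry (the API can pad responses with count-0 lines).
func breachCount(suffix, rangeBody string) (int, error) {
	sc := bufio.NewScanner(strings.NewReader(rangeBody))
	for sc.Scan() {
		got, count, ok := strings.Cut(strings.TrimSpace(sc.Text()), ":")
		if !ok || !strings.EqualFold(got, suffix) {
			continue
		}
		n, err := strconv.Atoi(strings.TrimSpace(count))
		if err != nil {
			return 0, fmt.Errorf("malformed count for matching suffix: %w", err)
		}
		return n, nil
	}
	return 0, sc.Err()
}

// Constructed sample of a response to GET /range/5BAA6; the counts are made up.
const sampleRange = "1D72CD07550416C216D8AD296BF5C0AE8E0:10\r\n" +
	"1E4C9B93F3F0682250B6CF8331B7EE68FD8:42\r\n" +
	"1F2B668E8AABEF1C59E9EC6F82E3F3CD786:0\r\n"

func main() {
	prefix, suffix := splitSHA1("password")
	n, err := breachCount(suffix, sampleRange)
	fmt.Printf("query prefix=%s breached=%v count=%d err=%v\n", prefix, n > 0, n, err)
}
```

A caller should treat a network or parse error as "unknown" rather than "not breached", so that an outage does not silently pass weak passwords.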
func SetDefaultAlgorithm ¶ added in v0.3.6
func SetDefaultAlgorithm(algorithm KeyDerivationAlgorithm)
SetDefaultAlgorithm sets the default key derivation algorithm
func SuggestPasswordImprovement ¶ added in v0.3.5
SuggestPasswordImprovement provides suggestions to improve password strength
func ValidatePasswordStrength ¶ added in v0.3.5
ValidatePasswordStrength checks if a password meets strength requirements
Types ¶
type KeyDerivationAlgorithm ¶ added in v0.3.5
type KeyDerivationAlgorithm string
KeyDerivationAlgorithm represents the algorithm used for key derivation
var (
DefaultKeyDerivationAlgorithm KeyDerivationAlgorithm = Argon2idAlgorithm
)
Global variables
func GetAvailableKeyDerivationAlgorithms ¶ added in v0.3.5
func GetAvailableKeyDerivationAlgorithms() []KeyDerivationAlgorithm
GetAvailableKeyDerivationAlgorithms returns the list of available key derivation algorithms
func ValidateAlgorithm ¶ added in v0.3.6
func ValidateAlgorithm(algorithm string) (KeyDerivationAlgorithm, error)
ValidateAlgorithm validates the algorithm string and returns the corresponding KeyDerivationAlgorithm
type PasswordStrengthError ¶ added in v0.3.5
type PasswordStrengthError struct {
	Message   string   `json:"message"`
	Problems  []string `json:"problems"`
	Strength  string   `json:"strength"`
	IsCommon  bool     `json:"is_common"`
	MinLength int      `json:"min_length"`
	MaxLength int      `json:"max_length"`
}
PasswordStrengthError represents errors related to password strength
func (*PasswordStrengthError) Error ¶ added in v0.3.5
func (e *PasswordStrengthError) Error() string
Error returns the error message