secure

package module
v0.2.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 3, 2023 License: MIT Imports: 16 Imported by: 0

README

Secure

License Build Status Go Report Card Go Reference Version

Secure is a simple package to easily work with the most common cryptography functions.

Installation:

go get -u github.com/catamat/secure

Example:

package main

import (
	"fmt"
	"os"
	"github.com/catamat/secure"
)

func main() {
	asymmetric()
	fmt.Println("---")
	signing()
	fmt.Println("---")
	hashing()
	fmt.Println("---")
	symmetric()
	fmt.Println("---")
	utilities()
}

func asymmetric() {
	var privFile bool
	var pubFile bool

	if _, err := os.Stat("private.pem"); err == nil {
		privFile = true
	}

	if _, err := os.Stat("public.pem"); err == nil {
		pubFile = true
	}

	if !privFile || !pubFile {
		// Create the keys
		privKey, pubKey := RSAGenerateKeyPair(4096)

		// Export the keys to PEM
		privPem := RSAExportPrivateKeyAsPEM(privKey)
		pubPem, _ := RSAExportPublicKeyAsPEM(pubKey)

		if err := os.WriteFile("private.pem", privPem, 0644); err != nil {
			fmt.Println("Error: Can't write private.pem file")
			return
		}

		if err := os.WriteFile("public.pem", pubPem, 0644); err != nil {
			fmt.Println("Error: Can't write public.pem file")
			return
		}
	}

	// Load the keys
	privPem, err := os.ReadFile("private.pem")
	if err != nil {
		fmt.Println("Error: Can't read private.pem file")
		return
	}

	pubPem, err := os.ReadFile("public.pem")
	if err != nil {
		fmt.Println("Error: Can't read public.pem file")
		return
	}

	// Import the keys from PEM
	privKey, _ := RSAParsePrivateKeyFromPEM(privPem)
	pubKey, _ := RSAParsePublicKeyFromPEM(pubPem)
	text := []byte("This is super secret message!")

	// Encrypt RSA with OAEP message
	encryptedMessage, _ := RSAEncryptWithOAEP(text, pubKey, nil)
	fmt.Println("Asymmetric Encrypted Message:", string(encryptedMessage))

	// Decrypt RSA with OAEP message
	decryptedMessage, _ := RSADecryptWithOAEP(encryptedMessage, privKey, nil)
	fmt.Println("Asymmetric Decrypted Message:", string(decryptedMessage))
}

func hashing() {
	password := []byte("supersecretpassword")

	// Generate Bcrypt hash
	hashedPassword, _ := BcryptGenerateHash(password, 0)
	fmt.Println("Hashed password:", string(hashedPassword))

	// Compare Bcrypt hash
	err := BcryptCompareHash(hashedPassword, password)
	if err != nil {
		fmt.Println("Invalid password")
	} else {
		fmt.Println("Valid password")
	}

	// Generate Argon2 hash
	hashedPassword, _ = Argon2GenerateHash(password, 64*1024, 1, 2, 16, 32)
	fmt.Println("Hashed password:", string(hashedPassword))

	// Compare Argon2 hash
	err = Argon2CompareHash(hashedPassword, password)
	if err != nil {
		fmt.Println("Invalid password")
	} else {
		fmt.Println("Valid password")
	}
}

func signing() {
	// Load the keys
	privPem, err := os.ReadFile("private.pem")
	if err != nil {
		fmt.Println("Error: Can't read private.pem file")
		return
	}

	pubPem, err := os.ReadFile("public.pem")
	if err != nil {
		fmt.Println("Error: Can't read public.pem file")
		return
	}

	// Import the keys from PEM
	privKey, _ := RSAParsePrivateKeyFromPEM(privPem)
	pubKey, _ := RSAParsePublicKeyFromPEM(pubPem)
	text := []byte("Verifiable message!")

	// Sign RSA with PSS message
	signedMessage, _ := RSASignWithPSS(text, privKey)
	fmt.Println("Signed Message:", string(signedMessage))

	// Verify RSA with PSS message
	err = RSAVerifyWithPSS(text, signedMessage, pubKey)
	if err != nil {
		fmt.Println("Invalid message")
	} else {
		fmt.Println("Valid message")
	}
}

func symmetric() {
	key := []byte("supersecretpassword")
	text := []byte("This is super secret message!")

	// Encrypt AES with GCM message
	encryptedMessage, _ := AESEncryptWithGCM(text, key)
	fmt.Println("Symmetric Encrypted Message:", string(encryptedMessage))

	// Decrypt AES with GCM message
	decryptedMessage, _ := AESDecryptWithGCM(encryptedMessage, key)
	fmt.Println("Symmetric Decrypted Message:", string(decryptedMessage))
}

func utilities() {
	// Generate random tokens
	t1, _ := GenerateRandomToken(32, false, true, false, false)
	fmt.Println("Token 1:", string(t1))

	t2, _ := GenerateRandomToken(32, true, false, false, false)
	fmt.Println("Token 2:", string(t2))

	t3, _ := GenerateRandomToken(32, true, true, false, false)
	fmt.Println("Token 3:", string(t3))

	t4, _ := GenerateRandomToken(32, true, true, true, false)
	fmt.Println("Token 4:", string(t4))

	t5, _ := GenerateRandomToken(32, true, true, true, true)
	fmt.Println("Token 5:", string(t5))

	// Generate human passwords
	p1, _ := GenerateHumanPassword(0, 0)
	fmt.Println("Password 1:", string(p1))

	p2, _ := GenerateHumanPassword(5, 2)
	fmt.Println("Password 2:", string(p2))
}

Documentation

Overview

Package secure is a simple package to easily work with the most common cryptography functions.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AESDecryptWithGCM added in v0.2.0 

func AESDecryptWithGCM(encryptedText []byte, key []byte) ([]byte, error)

AESDecryptWithGCM decrypts an encrypted text using the key.

func AESEncryptWithGCM added in v0.2.0 

func AESEncryptWithGCM(plainText []byte, key []byte) ([]byte, error)

AESEncryptWithGCM encrypts a plain text using the key.

func Argon2idCompareHash added in v0.2.3 

func Argon2idCompareHash(hashedPassword []byte, password []byte) error

Argon2idCompareHash compares an hashed password with its plain equivalent.

func Argon2idGenerateHash added in v0.2.3 

func Argon2idGenerateHash(plainPassword []byte, memory uint32, time uint32, threads uint8, saltLength int, keyLength uint32) ([]byte, error)

Argon2idGenerateHash generates a new hash from a plain password with the given parameters.

func BcryptCompareHash added in v0.2.0 

func BcryptCompareHash(hashedPassword []byte, password []byte) error

BcryptCompareHash compares an hashed password with its plain equivalent.

func BcryptGenerateHash added in v0.2.0 

func BcryptGenerateHash(plainPassword []byte, cost int) ([]byte, error)

BcryptGenerateHash generates a new hash from a plain password at the given cost.

func DecodeBase64 

func DecodeBase64(data []byte) ([]byte, error)

DecodeBase64 decodes data in base64 format.

func EncodeBase64 

func EncodeBase64(data []byte) []byte

EncodeBase64 encodes data in base64 format.

func GenerateHumanPassword 

func GenerateHumanPassword(letters int, digits int) (string, error)

GenerateHumanPassword generates a human readable password.

func GenerateRandomBytes added in v0.2.2 

func GenerateRandomBytes(length int) ([]byte, error)

GenerateRandomBytes generates securely random bytes.

func GenerateRandomString added in v0.2.2 

func GenerateRandomString(length int, upperCase bool, lowerCase bool, digits bool, symbols bool) (string, error)

GenerateRandomString generates a random string.

func GenerateRandomStringURLSafe added in v0.2.2 

func GenerateRandomStringURLSafe(length int) (string, error)

GenerateRandomStringURLSafe generates a URL-safe, base64 encoded, random string.

func RSADecryptWithOAEP added in v0.2.0 

func RSADecryptWithOAEP(encryptedText []byte, privKey *rsa.PrivateKey, label []byte) ([]byte, error)

RSADecryptWithOAEP decrypts an encrypted text using a private key.

func RSAEncryptWithOAEP added in v0.2.0 

func RSAEncryptWithOAEP(plainText []byte, pubKey *rsa.PublicKey, label []byte) ([]byte, error)

RSAEncryptWithOAEP encrypts a plain text using a public key.

func RSAExportPrivateKeyAsPEM added in v0.2.0 

func RSAExportPrivateKeyAsPEM(privKey *rsa.PrivateKey) []byte

RSAExportPrivateKeyAsPEM encodes a private key in a PEM block.

func RSAExportPublicKeyAsPEM added in v0.2.0 

func RSAExportPublicKeyAsPEM(pubKey *rsa.PublicKey) ([]byte, error)

RSAExportPublicKeyAsPEM encodes a public key in a PEM block.

func RSAGenerateKeyPair added in v0.2.0 

func RSAGenerateKeyPair(bits int) (*rsa.PrivateKey, *rsa.PublicKey)

RSAGenerateKeyPair generates a key pair from a variable bit size.

func RSAParsePrivateKeyFromPEM added in v0.2.0 

func RSAParsePrivateKeyFromPEM(privPem []byte) (*rsa.PrivateKey, error)

RSAParsePrivateKeyFromPEM decodes a private key from a PEM block.

func RSAParsePublicKeyFromPEM added in v0.2.0 

func RSAParsePublicKeyFromPEM(pubPem []byte) (*rsa.PublicKey, error)

RSAParsePublicKeyFromPEM decodes a public key from a PEM block.

func RSASignWithPSS added in v0.2.0 

func RSASignWithPSS(plainText []byte, privKey *rsa.PrivateKey) ([]byte, error)

RSASignWithPSS signs a plain text using a private key.

func RSAVerifyWithPSS added in v0.2.0 

func RSAVerifyWithPSS(signedText []byte, signature []byte, pubKey *rsa.PublicKey) error

RSAVerifyWithPSS verifies a signed text using a public key.

func ScryptDeriveKey added in v0.2.0 

func ScryptDeriveKey(password []byte, salt []byte) ([]byte, []byte, error)

ScryptDeriveKey derives a 32-bytes key from a variable length password.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.