Version: v4.4.1 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Sep 10, 2021 License: MIT Imports: 17 Imported by: 0




This section is empty.


View Source
var (
	// ErrCipherTooShort occurs when `Decrypt` does not
	// have input of enough length to decrypt using AES256
	ErrCipherTooShort = errors.New("crypto: cipher plainText is too short for AES encryption")
	// ErrCorruptedMessage occurs when an attempt of unsealing a message
	// does not pass the authentication check
	ErrCorruptedMessage = errors.New("crypto: the message didn't pass the authentication check")
View Source
var (
	// ErrTokenExpired occurs when the token lifetime is exceeded
	ErrTokenExpired = errors.New("crypto: token expired")


func DecodeAndVerifyToken

func DecodeAndVerifyToken(tokenStr string, key []byte, lifetime time.Duration) (data []byte, err error)

DecodeAndVerify unseals the token and verifies its lifetime

func Decrypt

func Decrypt(cipherText, key []byte) (plainText []byte, err error)

Decrypt decrypts content with a key using AES256 CFB mode

func DecryptFromString

func DecryptFromString(cipherTextStr string, key []byte) ([]byte, error)

DecryptFromString decrypts a string with a key

func Encrypt

func Encrypt(plainText, key []byte) (cipherText []byte, err error)

Encrypt encrypts content with a key using AES256 CFB mode

func EncryptToString

func EncryptToString(plainText, key []byte) (string, error)

EncryptToString encrypts content with a key using AES256 and encodes it to a hexadecimal string

func GenerateRandomString

func GenerateRandomString(length int) (string, error)

GenerateRandomString generates a random string with a given length

func GenerateToken

func GenerateToken(data, key []byte) (tokenStr string, err error)

GenerateToken generates a sealed token with a given ID and timestamp for future verification.

func Hash

func Hash(data ...interface{}) ([]byte, error)

Hash is a convenience function calling the default hasher WARNING: only pass in data that is json-marshalable. If not, the worst case scenario is that you passed in data with circular references and this will just blow up your CPU

func HashToString

func HashToString(data ...interface{}) (string, error)

HashToString is a convenience function calling the default hasher and encoding the result as hex string

func PassphraseToKey

func PassphraseToKey(passphrase string) (key []byte)

PassphraseToKey converts a string to a key for encryption.

This function must be used STRICTLY ONLY for generating an encryption key out of a passphrase. Please don't use this function for hashing user-provided values. It uses SHA2 for simplicity and it's faster but less secure than SHA3. User-provided data should use SHA3 or bcrypt.

func Seal

func Seal(plainText, key []byte) (cipherText []byte, err error)

Seal implements authenticated encryption using the MAC-then-Encrypt (MtE) approach. It's using SHA3-256 for MAC and AES256 CFB for encryption.

func SealToString

func SealToString(plainText, key []byte) (string, error)

SealToString runs `Seal` and then encodes the result into base64.

func Unseal

func Unseal(cipherText, key []byte) (plainText []byte, err error)

Unseal decrypts and authenticates the data encrypted by Seal

func UnsealFromString

func UnsealFromString(cipherTextStr string, key []byte) ([]byte, error)

UnsealFromString decodes from Base64 and applies `Unseal`.


type Hasher

type Hasher interface {
	Hash(data ...interface{}) ([]byte, error)

Hasher provides a method for hashing arbitrary data types

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL