crypto

package

v0.1.5 Latest Latest Go to latest Published: Jun 3, 2026 License: AGPL-3.0 Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/swayrider/swlib

Links

Open Source Insights

Documentation ¶

Overview ¶

Package crypto provides cryptographic utilities for password hashing, secure random generation, and RSA keypair management.

Password Hashing ¶

Uses Argon2id, the winner of the Password Hashing Competition, for secure password storage. Argon2id is resistant to both GPU and side-channel attacks.

hash, err := crypto.CalculatePasswordHash("mypassword")
if err != nil {
    log.Fatal(err)
}
// Store hash in database

valid, err := crypto.VerifyPassword(storedHash, "mypassword")

Random Generation ¶

Generates cryptographically secure random strings:

token, err := crypto.GenerateSecureRandomString(32)

RSA Keypairs ¶

Creates 2048-bit RSA keypairs for JWT signing:

privateKey, publicKey, expiresAt, err := crypto.CreateKeypair()

Index ¶

Constants
func CalculatePasswordHash(password string) (string, error)
func CreateKeypair() (privatePEM, publicPEM string, validUntil *time.Time, err error)
func GenerateSecureRandomString(length int) (string, error)
func VerifyPassword(encodedHash, password string) (bool, error)

Constants ¶

View Source

const PasswordMinEntropy = 80

PasswordMinEntropy defines the minimum entropy bits required for passwords.

Variables ¶

This section is empty.

Functions ¶

func CalculatePasswordHash ¶

func CalculatePasswordHash(password string) (string, error)

CalculatePasswordHash generates a password hash using Argon2id

Parameters:

password: the password to hash

Returns:

string: the hash of the password
error: an error if the hash could not be generated

func CreateKeypair ¶

func CreateKeypair() (privatePEM, publicPEM string, validUntil *time.Time, err error)

CreateKeypair generates a new RSA keypair for JWT signing. The keypair uses 2048-bit RSA and returns keys in PEM format.

Returns:

privatePEM: The private key in PEM format (for signing tokens)
publicPEM: The public key in PEM format (for verifying tokens)
validUntil: Recommended expiration time (30 days from creation)
err: An error if the keypair could not be generated

Example:

privateKey, publicKey, expiresAt, err := crypto.CreateKeypair()
if err != nil {
    log.Fatalf("Failed to create keypair: %v", err)
}
// Store privateKey securely for signing
// Distribute publicKey for verification

func GenerateSecureRandomString ¶

func GenerateSecureRandomString(length int) (string, error)

GenerateSecureRandomString generates a secure random string of the given length

Parameters:

length: the length of the string to generate

Returns:

string: the generated string
error: an error if the string could not be generated

func VerifyPassword ¶

func VerifyPassword(encodedHash, password string) (bool, error)

VerifyPassword verifies a password against a hash

Parameters:

encodedHash: the hash of the password
password: the password to verify

Returns:

bool: true if the password is valid, false otherwise
error: an error if the hash could not be verified

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL