Documentation
¶
Overview ¶
Package pb implements some useful password-based (PB) functions:
AES-related (192-bit AES): 1.1. PBAesEncrypt encrypts input byte array using string password specified into a new (encrypted) byte array 1.2. PBAesDecrypt decrypts input byte array using string password specified into a new (decrypted) byte array
HTTP-related 2.1. PBSignRequest signs an http request using a string password; adds 2 additional headers to the request 2.2. PBVerifyRequest verifies previously signed http request using a string password
Index ¶
- Constants
- Variables
- func AllocateSlice(length int) []byte
- func New(pbkdf2_iterations, pbkdf2_salt_length, aes_key_length, hmac_key_length int) *pbe
- func PBAesDecrypt(encrypted []byte, password string) (original []byte, err error)
- func PBAesDecryptPtr(block *[]byte, password string) error
- func PBAesEncrypt(original []byte, password string) (encrypted []byte, err error)
- func PBAesEncryptPtr(block *[]byte, password string) error
- func PBKDF2Key(password string, salt []byte, keylen int) (key []byte)
- func PBSignRequest(req *http.Request, password string, pattern *util.SignaturePattern) error
- func PBVerifyRequest(req *http.Request, password string, pattern *util.SignaturePattern) bool
Constants ¶
const AES_BLOCK_LENGTH = 1 << 4 // 128 bit
AES_BLOCK_LENGTH AES block length (128 bit)
const DEFAULT_AES_KEY_LENGTH = 24
KEY LENGTH (AES): 192 bit
const DEFAULT_HMAC_KEY_LENGTH = 1 << 5
KEY LENGTH (HMAC): 256 bit
const DEFAULT_PBKDF2_ITERATIONS = 1 << 15
Defaults for DefaultPBE: PBKDF2 ITERATIONS: 32k
const DEFAULT_PBKDF2_SALT_LENGTH = 1 << 4
PBKDF2 SALT LENGTH: 128 bit
const REQ_HEADER_HMAC = "X-Cryptogo-Hmac"
const REQ_HEADER_SALT = "X-Cryptogo-Salt"
Variables ¶
var DefaultPBE *pbe = New( DEFAULT_PBKDF2_ITERATIONS, DEFAULT_PBKDF2_SALT_LENGTH, DEFAULT_AES_KEY_LENGTH, DEFAULT_HMAC_KEY_LENGTH, )
DefaultPBE
Functions ¶
func AllocateSlice ¶
AllocateSlice allocates slice of the specified length with a capacity enough to perform encryption of this slice without creating a new one This is the desired method to create slices to encrypt with PBAesEncryptPtr Executes on the DefaultPBE
func New ¶
func New(pbkdf2_iterations, pbkdf2_salt_length, aes_key_length, hmac_key_length int) *pbe
New creates new pbe structure with the settings specified
func PBAesDecrypt ¶
PBAesDecrypt: AES-based password-based decryption Executes on the DefaultPBE
func PBAesDecryptPtr ¶
PBAesDecryptPtr: AES-based password-based decryption Changes the slice supplied itself Executes on the DefaultPBE
func PBAesEncrypt ¶
PBAesEncrypt: AES-based password-based encryption Executes on the DefaultPBE
func PBAesEncryptPtr ¶
PBAesEncryptPtr: AES-based password-based encryption Changes the slice supplied itself Executes on the DefaultPBE
func PBKDF2Key ¶
PBKDF2Key generates a key from given password using PBKDF2 function Executes on the DefaultPBE
func PBSignRequest ¶
PBSignRequest signs a http request using the password specified Signature changes if:
remote address changes request URI changes request header is deleted request header is added request header is modified
Signature doesn't change if:
request header ordering is changed
Executes on the DefaultPBE
func PBVerifyRequest ¶
PBVerifyRequest checks earlier signed http request signature using password specified to ensure request was not altered Executes on the DefaultPBE
Types ¶
This section is empty.
Source Files