crypto

package
v1.2.8 Latest
Warning

This package is not in the latest version of its module.
Published: Dec 18, 2025 License: AGPL-3.0, AGPL-3.0-or-later Imports: 15 Imported by: 0

Documentation

Overview

SPDX-License-Identifier: AGPL-3.0-or-later

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecryptToken

func DecryptToken(ciphertext []byte, key []byte) (string, error)

DecryptToken decrypts a ciphertext using AES-256-GCM. The key must be 32 bytes for AES-256. Expects input format: nonce + ciphertext + auth tag (as created by EncryptToken).

func EncryptToken

func EncryptToken(plaintext string, key []byte) ([]byte, error)

EncryptToken encrypts a plaintext token using AES-256-GCM. The key must be 32 bytes for AES-256. Returns: nonce + ciphertext + auth tag (combined).
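
The nonce + ciphertext + auth tag layout documented for EncryptToken and DecryptToken, as an added example built on Go's standard library; it is not this package's source code. The names sealToken, openToken and newGCM are hypothetical, and the 12-byte nonce and 16-byte tag are the standard GCM defaults, assumed here because the page does not state them.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func newGCM(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 { // aes.NewCipher alone would also accept 16 or 24 bytes
		return nil, fmt.Errorf("key must be 32 bytes, got %d", len(key))
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// sealToken returns nonce || ciphertext || tag (hypothetical name, example only).
func sealToken(plaintext string, key []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce for every message
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// Seal appends ciphertext+tag to its first argument, so the nonce becomes the prefix.
	return gcm.Seal(nonce, nonce, []byte(plaintext), nil), nil
}
// openToken splits the nonce off the front and authenticates before returning data.
func openToken(blob, key []byte) (string, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	n := gcm.NonceSize()
	if len(blob) < n+gcm.Overhead() { // reject truncated input before slicing
		return "", fmt.Errorf("ciphertext too short: %d bytes", len(blob))
	}
	pt, err := gcm.Open(nil, blob[:n], blob[n:], nil) // errors if any byte was altered
	return string(pt), err
}
func main() {
	blob, _ := sealToken("constructed-sample-token", make([]byte, 32)) // constructed all-zero demo key
	blob[len(blob)-1] ^= 1 // flip one bit of the auth tag
	_, err := openToken(blob, make([]byte, 32))
	fmt.Println(len(blob), err)
}
```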

func GenerateCodeChallenge

func GenerateCodeChallenge(verifier string) string

GenerateCodeChallenge generates a PKCE code challenge from a code verifier. Uses the S256 method: BASE64URL(SHA256(ASCII(code_verifier))).

func GenerateCodeVerifier

func GenerateCodeVerifier() (string, error)

GenerateCodeVerifier generates a cryptographically secure PKCE code verifier. The verifier is a random string of 43-128 characters using the unreserved character set. Returns a base64 URL-safe encoded string suitable for the OAuth2 PKCE flow.

func GenerateNonce

func GenerateNonce() (string, error)

GenerateNonce creates a 16-byte cryptographically secure random nonce for replay attack prevention.

func ValidateCodeVerifier

func ValidateCodeVerifier(verifier string) bool

ValidateCodeVerifier validates that a code verifier meets RFC 7636 requirements:
- Length: 43-128 characters
- Characters: [A-Za-z0-9-._~]

Types

type Ed25519Signer

type Ed25519Signer struct {
	// contains filtered or unexported fields
}

Ed25519Signer provides cryptographic signature operations using the Ed25519 elliptic curve algorithm.

func NewEd25519Signer

func NewEd25519Signer() (*Ed25519Signer, error)

NewEd25519Signer initializes a signer with a persistent or ephemeral keypair from the environment.

func (*Ed25519Signer) CreateSignature

func (s *Ed25519Signer) CreateSignature(ctx context.Context, docID string, user *models.User, timestamp time.Time, nonce string, docChecksum string) (string, string, error)

CreateSignature generates a SHA-256 payload hash and an Ed25519 signature for non-repudiation proof. The context is used for tracing and cancellation propagation.

func (*Ed25519Signer) GetPublicKey

func (s *Ed25519Signer) GetPublicKey() string

GetPublicKey exports the base64-encoded public key for signature verification by external parties.
