README
¶
go-itsdangerous
Like itsdangerous but for Go.
编译zlib
# macOS (darwin/arm64)
gcc -c zlib_wrapper.c -o zlib_wrapper_darwin.o
ar rcs libzlib_wrapper_darwin.a zlib_wrapper_darwin.o
# Linux
gcc -c zlib_wrapper.c -o zlib_wrapper_linux.o
ar rcs libzlib_wrapper_linux.a zlib_wrapper_linux.o
# Windows (可用 cross-compile 或 mingw)
x86_64-w64-mingw32-gcc -c zlib_wrapper.c -o zlib_wrapper_windows.o
ar rcs libzlib_wrapper_windows.a zlib_wrapper_windows.o
Documentation
¶
Overview ¶
Package itsdangerous implements various functions to deal with untrusted sources. Mainly useful for web applications.
This package exists purely as a port of https://github.com/mitsuhiko/itsdangerous, where the original version is written in Python.
Index ¶
- Constants
- func Base64Encode(src []byte) string
- type HMACAlgorithm
- type Signature
- func (s *Signature) DeriveKey() ([]byte, error)
- func (s *Signature) Dumps(value interface{}) (string, error)
- func (s *Signature) Get(value string) (string, error)
- func (s *Signature) Loads(value string) (string, error)
- func (s *Signature) Sign(value string) (string, error)
- func (s *Signature) UnZip(value string) ([]byte, error)
- func (s *Signature) Unsign(signed string) (string, error)
- func (s *Signature) Verify(value, sig string) (bool, error)
- func (s *Signature) Zip(value string) (string, error)
- type SigningAlgorithm
- type TimestampSignature
Constants ¶
const EPOCH = 1293840000
2011/01/01 in UTC
Variables ¶
This section is empty.
Functions ¶
func Base64Encode ¶
Encodes a single string. The resulting string is safe for putting into URLs.
Types ¶
type HMACAlgorithm ¶
HMACAlgorithm provides signature generation using HMACs.
func (*HMACAlgorithm) GetSignature ¶
func (a *HMACAlgorithm) GetSignature(key []byte, value []byte) []byte
GetSignature returns the signature for the given key and value.
func (*HMACAlgorithm) VerifySignature ¶
func (a *HMACAlgorithm) VerifySignature(key []byte, value []byte, sig []byte) bool
VerifySignature verifies the given signature matches the expected signature.
type Signature ¶
type Signature struct {
SecretKey string
Sep string
Salt string
KeyDerivation string
DigestMethod func() hash.Hash
Algorithm SigningAlgorithm
}
Signature can sign bytes and unsign it and validate the signature provided.
Salt can be used to namespace the hash, so that a signed string is only valid for a given namespace. Leaving this at the default value or re-using a salt value across different parts of your application where the same signed value in one part can mean something different in another part is a security risk.
func NewSignature ¶
func NewSignature(secret, salt, sep, derivation string, digest func() hash.Hash, algo SigningAlgorithm) *Signature
NewSignature creates a new Signature
func (*Signature) DeriveKey ¶
DeriveKey generates a key derivation. Keep in mind that the key derivation in itsdangerous is not intended to be used as a security method to make a complex key out of a short password. Instead you should use large random secret keys.
type SigningAlgorithm ¶
type SigningAlgorithm interface {
GetSignature(key []byte, value []byte) []byte
VerifySignature(key []byte, value []byte, sig []byte) bool
}
SigningAlgorithm provides interfaces to generate and verify signature
type TimestampSignature ¶
type TimestampSignature struct {
Signature
}
TimestampSignature works like the regular Signature but also records the time of the signing and can be used to expire signatures.
func NewTimestampSignature ¶
func NewTimestampSignature(secret, salt, sep, derivation string, digest func() hash.Hash, algo SigningAlgorithm) *TimestampSignature
NewTimestampSignature creates a new TimestampSignature
Source Files
Directories