Documentation
Overview
Package crypto provides encryption utilities for sensitive data.
Index
Constants
const (
	// EncryptedPrefix is prepended to encrypted values to identify them.
	// This allows distinguishing encrypted from plaintext values.
	EncryptedPrefix = "enc:"

	// KeySize is the required size for AES-256 keys (32 bytes).
	KeySize = 32
)
Variables
var (
	// ErrNoKey is returned when encryption/decryption is attempted without a key.
	ErrNoKey = errors.New("encryption key not configured")

	// ErrInvalidKey is returned when the key is invalid.
	ErrInvalidKey = errors.New("invalid encryption key")

	// ErrDecryptionFailed is returned when decryption fails.
	ErrDecryptionFailed = errors.New("decryption failed")

	// ErrInvalidCiphertext is returned when the ciphertext format is invalid.
	ErrInvalidCiphertext = errors.New("invalid ciphertext format")
)
Functions
func IsEncrypted
IsEncrypted checks if a value appears to be encrypted.
Types
type TokenEncryptor
type TokenEncryptor struct {
	// contains filtered or unexported fields
}
TokenEncryptor handles encryption and decryption of sensitive tokens.
func NewTokenEncryptor
func NewTokenEncryptor(key string) (*TokenEncryptor, error)
NewTokenEncryptor creates a new TokenEncryptor. If key is empty, encryption is disabled (passthrough mode). The key can be any string - it will be hashed to create a 32-byte AES key.
func (*TokenEncryptor) Decrypt
func (te *TokenEncryptor) Decrypt(ciphertext string) (string, error)
Decrypt decrypts a ciphertext token and returns the plaintext. If the value doesn't have the encrypted prefix, returns it unchanged (plaintext). If encryption is disabled but value has prefix, returns an error.
func (*TokenEncryptor) Encrypt
func (te *TokenEncryptor) Encrypt(plaintext string) (string, error)
Encrypt encrypts a plaintext token and returns the ciphertext with prefix. If encryption is disabled or the value is empty, returns the original value. If the value is already encrypted (has prefix), returns it unchanged.
func (*TokenEncryptor) IsActive
func (te *TokenEncryptor) IsActive() bool
IsActive returns true if encryption is enabled.
func (*TokenEncryptor) MustDecrypt
func (te *TokenEncryptor) MustDecrypt(ciphertext string) string
MustDecrypt is like Decrypt but returns the ciphertext on error. Useful for backwards compatibility when some tokens may not be encrypted.
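The Encrypt/Decrypt contract documented above (prefix tagging, passthrough when no key is set, unprefixed values returned as plaintext), as an added sketch that is not this package's own code. The page does not name the hash, cipher mode or encoding, so SHA-256, AES-256-GCM and base64 are assumptions, and `sketch`, `newSketch` and `prefix` are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

const prefix = "enc:"                  // same value as EncryptedPrefix on this page
type sketch struct{ aead cipher.AEAD } // hypothetical stand-in; nil aead = passthrough mode
func newSketch(key string) *sketch { // SHA-256 and AES-256-GCM are assumptions
	if key == "" {
		return &sketch{}
	}
	sum := sha256.Sum256([]byte(key))
	block, _ := aes.NewCipher(sum[:]) // cannot fail: the key is always 32 bytes
	aead, _ := cipher.NewGCM(block)   // cannot fail for an AES block
	return &sketch{aead}
}
func (s *sketch) Encrypt(pt string) (string, error) {
	if s.aead == nil || pt == "" || strings.HasPrefix(pt, prefix) {
		return pt, nil // disabled, empty, or already encrypted
	}
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	return prefix + base64.StdEncoding.EncodeToString(s.aead.Seal(nonce, nonce, []byte(pt), nil)), nil
}
func (s *sketch) Decrypt(ct string) (string, error) {
	if !strings.HasPrefix(ct, prefix) {
		return ct, nil // unprefixed input is returned as plaintext
	}
	if s.aead == nil {
		return "", errors.New("encryption key not configured")
	}
	raw, err := base64.StdEncoding.DecodeString(ct[len(prefix):])
	if err != nil || len(raw) < s.aead.NonceSize() {
		return "", errors.New("invalid ciphertext format")
	}
	pt, err := s.aead.Open(nil, raw[:s.aead.NonceSize()], raw[s.aead.NonceSize():], nil)
	return string(pt), err // GCM rejects a wrong key or a modified ciphertext here
}
func main() { fmt.Println(newSketch("demo-key").Decrypt("legacy-token")) } // constructed sample input
```

A caller that needs to tell a failed decryption apart from a legacy plaintext value should check the error from Decrypt, since MustDecrypt returns its input in both cases.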