Documentation
¶
Overview ¶
Package crypto 提供加解密与 JWT 能力
使用示例:
// 配置全局客户端
crypto.Configure(&crypto.Config{
AESKey: "32-byte-key-for-aes-256-gcm!",
})
// AES 加密
encrypted, err := crypto.EncryptAES([]byte("secret"))
if err != nil {
return err
}
// AES 解密
decrypted, err := crypto.DecryptAES(encrypted)
Index ¶
- Variables
- func Configure(config *Config) error
- func DecryptAES(ciphertext []byte) ([]byte, error)
- func DecryptAESString(ciphertext string) (string, error)
- func DecryptAESWithKey(ciphertext []byte, key string) ([]byte, error)
- func DecryptRSA(ciphertext []byte) ([]byte, error)
- func DecryptRSAWithKey(ciphertext []byte, privateKey []byte) ([]byte, error)
- func EncryptAES(plaintext []byte) ([]byte, error)
- func EncryptAESString(plaintext string) (string, error)
- func EncryptAESWithKey(plaintext []byte, key string) ([]byte, error)
- func EncryptRSA(plaintext []byte) ([]byte, error)
- func EncryptRSAWithKey(plaintext []byte, publicKey []byte) ([]byte, error)
- func SignJWT(claims JWTClaims) (string, error)
- func SignJWTWithAlg(claims JWTClaims, alg string) (string, error)
- func SignRSA(data []byte) ([]byte, error)
- func SignRSAWithKey(data []byte, privateKey []byte) ([]byte, error)
- func VerifyRSA(data, signature []byte) error
- func VerifyRSAWithKey(data, signature []byte, publicKey []byte) error
- type Client
- func (c *Client) DecryptAES(ciphertext []byte) ([]byte, error)
- func (c *Client) DecryptRSA(ciphertext []byte) ([]byte, error)
- func (c *Client) EncryptAES(plaintext []byte) ([]byte, error)
- func (c *Client) EncryptRSA(plaintext []byte) ([]byte, error)
- func (c *Client) ParseJWT(token string) (*JWTClaims, error)
- func (c *Client) SignJWT(claims JWTClaims) (string, error)
- func (c *Client) SignJWTWithAlg(claims JWTClaims, alg string) (string, error)
- func (c *Client) SignRSA(data []byte) ([]byte, error)
- func (c *Client) VerifyRSA(data, signature []byte) error
- type Config
- type JWTClaims
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrMissingClient 客户端未配置 ErrMissingClient = errors.New("crypto: client not configured, call Configure first") // ErrInvalidKey 无效的密钥 ErrInvalidKey = errors.New("crypto: invalid key") // ErrInvalidCiphertext 无效的密文 ErrInvalidCiphertext = errors.New("crypto: invalid ciphertext") // ErrInvalidSignature 签名验证失败 ErrInvalidSignature = errors.New("crypto: signature verification failed") // ErrInvalidToken 无效的 JWT token ErrInvalidToken = errors.New("crypto: invalid JWT token") // ErrTokenExpired JWT token 已过期 ErrTokenExpired = errors.New("crypto: JWT token expired") // ErrUnsupportedAlg 不支持的算法 ErrUnsupportedAlg = errors.New("crypto: unsupported algorithm") )
Functions ¶
func DecryptAES ¶
func DecryptAESString ¶
func DecryptRSA ¶
func DecryptRSAWithKey ¶
func EncryptAES ¶
func EncryptAESString ¶
func EncryptRSA ¶
func SignJWTWithAlg ¶
SignJWTWithAlg 使用指定算法签名 JWT
func VerifyRSAWithKey ¶
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client 加密客户端
func (*Client) DecryptAES ¶
DecryptAES 使用默认客户端解密
func (*Client) DecryptRSA ¶
DecryptRSA 使用 RSA-OAEP 解密
func (*Client) EncryptAES ¶
EncryptAES 使用默认客户端加密
func (*Client) EncryptRSA ¶
EncryptRSA 使用 RSA-OAEP 加密
func (*Client) SignJWTWithAlg ¶
SignJWTWithAlg 使用指定算法签名 JWT(支持 HS256/HS384/HS512)
type Config ¶
type Config struct {
// AES 配置
AESKey string // 32字节用于 AES-256-GCM
// RSA 配置
RSAPrivateKey []byte // PEM 格式私钥
RSAPublicKey []byte // PEM 格式公钥
// JWT 配置
JWTSecret string // HMAC 密钥
JWTPrivateKey []byte // RSA 私钥(用于 RS256)
JWTPublicKey []byte // RSA 公钥(用于 RS256)
JWTExpiry time.Duration // 默认过期时间(默认 24h)
}
Config 加密配置
Source Files
Click to show internal directories.
Click to hide internal directories.