This repository has been archived by the owner on May 13, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
secure.go
80 lines (69 loc) · 1.74 KB
/
secure.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
package common // import "breve.us/authsvc/common"
import (
"encoding/base64"
"github.com/gorilla/securecookie"
)
const (
// HashKeySize is optimally 64 bytes
HashKeySize = 64
// BlockKeySize is optimally 32 bytes
BlockKeySize = 32
)
// Seeder describes functions needed for encrypted cookies.
type Seeder interface {
HashKey() []byte
BlockKey() []byte
}
// NewDefaultSeeder creates random default values for the Seeder. This
// is only good for one execution run, unless the generated keys are
// persisted.
func NewDefaultSeeder() (Seeder, error) {
return NewSeeder(Generate(HashKeySize), Generate(BlockKeySize))
}
// NewSeeder creates a default Seeder from base64 encoded seed values.
func NewSeeder(hash string, block string) (Seeder, error) {
var (
hashb, blockb []byte
err error
)
if hashb, err = Decode(hash); err != nil {
return nil, err
}
if blockb, err = Decode(block); err != nil {
return nil, err
}
return &defseeder{hash: hashb, block: blockb}, nil
}
// Generate creates a random key of keysize length, and returns it in
// base64 encoded text.
func Generate(keysize int) string {
return base64.StdEncoding.
EncodeToString(securecookie.GenerateRandomKey(keysize))
}
// Decode extracts a byte slice from a base64 encoded string.
func Decode(hash string) ([]byte, error) {
return base64.StdEncoding.
DecodeString(hash)
}
type defseeder struct {
hash []byte
block []byte
}
func (s *defseeder) HashKey() []byte {
if s == nil {
return nil
}
if len(s.hash) == 0 {
s.hash = securecookie.GenerateRandomKey(HashKeySize)
}
return s.hash
}
func (s *defseeder) BlockKey() []byte {
if s == nil {
return nil
}
if len(s.block) == 0 {
s.block = securecookie.GenerateRandomKey(BlockKeySize)
}
return s.block
}