Skip to content

moisoto/crypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
crypt.go
crypt.go
 
 
crypt_test.go
crypt_test.go
 
 
examples_test.go
examples_test.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
godoc.sh
godoc.sh
 
 
test_cover.sh
test_cover.sh
 
 

Repository files navigation

made-with-Go Go Reference GoReportCard License: MIT

Go Version Release

crypt

A Simple Crypto Library

Most code in this package was taken from Nic Raboy's AES Crypto Post @ ThePoliglotDeveloper.com

Made some enhancements based on suggestions made on the comments section.

Not intended as a full-fledge library, just some place to put functions I use for simple crypto needs (like putting encrypted sensible data on a json configuration file).

Usage recommendations

Salt and Pepper

A good practice is to use different Salt values for each encripted item.

For example if you are encrypting user passwords you should use a different (and random) salt value for each user. You can store the salt value along with the username and encrypted passwords. You can use the function RandomSalt() for this. A size of 32 bytes or more is recommended.

The passphrase (also sometimes called pepper) can be the same for all items, and must not be stored along with the salt and encrypted data. Your code is a good place to put them. It can be as simple as a human generated string (hence the term passphrase), but you can also use CSPRNG data. The crypt.RandomSalt() function can also be used for this:

// A Simple Utility to generate a CSPRNG based Passphrase
package main

import (
	"encoding/base64"
	"fmt"

	"github.com/moisoto/crypt"
)

func main() {
	pepper, err := crypt.RandomSalt(32)
	if err != nil {
		panic(err)
	}

	phrase := base64.StdEncoding.EncodeToString(pepper)
	fmt.Println("Random Passphrase:", phrase)
}

Crypt and Decrypt

A simple code snippet with crypt and decrypt example:

// Salt must be Ramdom and at least 32 bytes in size
// For example in a username/password database you should generate a
// random salt for each user and store it along the ciphered password
salt, err := crypt.RandomSalt(32)
if err != nil {
  panic(err)
}

// You'll usually store your salt as a hex string
hexSalt := hex.EncodeToString(salt)
  
// Your passphrase can be a random string and should not be stored on the database
// It would be contained in your code ideally.
phrase := "dWJLXM9Eo3Nj5IzUpWmQuAtsdnaYfrsIkVrhaE1ESJU="
  
// Something you want to cipher
originalText := "My Secret Message"

// A byte array is returned
cipherBytes, err := crypt.Encrypt([]byte(originalText), phrase, salt)
if err != nil {
  panic(err)
}

// Can be encoded as base64 for readability 
cipherText := base64.StdEncoding.EncodeToString(cipherBytes)
  
// Or if you need to use it on a URL
cipherURLText := base64.URLEncoding.EncodeToString(cipherBytes)

fmt.Println("Hex Salt:", hexSalt)
fmt.Println("Cipher Text:", cipherText)
fmt.Println("URL Encoded:", cipherURLText)

// A byte array is returned
plainBytes, err := crypt.Decrypt(cipherBytes, phrase, salt)
if err != nil {
  panic(err)
}

decryptedText := string(plainBytes)
fmt.Println("Decrypted Text:", decryptedText)

If you need a more complete crypto library for go:

When browsing the comment section on Nic's Blog Post, I stumbled with Minio's SIO Package for DARE encryption on go. If you need a nicely done crypto library for go, please check it out at https://github.com/minio/sio

About

Simple Crypto Library

Topics

crypto-library

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

3 tags

Packages

No packages published

Languages