dgryski / dkeyczar Goto Github PK
View Code? Open in Web Editor NEWPort of Google's Keyczar cryptography library to Go
Port of Google's Keyczar cryptography library to Go
The enums are not named in standard Go style, nor do they need to be exported.
This is a breaking change.
I added support to the C# version with the free travis-ci
https://travis-ci.org/jbtule/keyczar-dotnet
It's pretty sweet, will automatically build and test pull requests too.
Go is an officiallly supported language for travis-ci so it should be easier than my C#.
http://about.travis-ci.org/docs/user/languages/go/
Hi,
At work we use the java keyczar library to encrypt and decrypt data, we use the AES cypher. During development, we have a dummy meta and key and I was able to use this library to decrypt text that was encrypted with the java library (the web app is actually in Scala).
Then I moved the Go code to production, where we fetch the encryption key from a key server (so I had to write a separate KeyReader
that knew how to fetch the meta and key values from our key server)
Now text that is encrypted on the web app using Scala/java is not decrypted by Go, I get the error key not found.
I was able to track it down to:
Line 1004 in 05c8ea3
this line
lookup.getKeyForID(b[1:5])
which is then converted with binary.BigEndian.Uint32
returns a value like
2829747566
but the stored in memory keyID is
2628606745
Now, I have no idea why in dev mode locally I can decrypt data (and the lookup.getKeyForID
gives the right value ) but it fails on the web app.
Any hints?
Thanks!
I'm trying dkeyczar out. Thanks so much for creating it!
I'm getting "keyczar: key not found" errors that originate on line 899 of keyczar. It appears that my keys are loaded, so why would I be getting this? Its so vague that I'm not sure where to start looking.
Thanks!
Jason
func (kz *keyCzar) getKeyForID(id []byte) ([]keydata, error) {
kl, ok := kz.idkeys[binary.BigEndian.Uint32(id)]
if !ok || len(kl) == 0 {
=> return kl, ErrKeyNotFound // keyczar.go:line 899
}
return kl, nil
}
No camelCase on the keyczar name.
'dkeyczar' is a hold-over. In my repository, it should be 'go-keyczar' with a package name of just 'keyczar'.
This is early Go code and should be brought up to 'modern' Go standards before the merge into the official keyczar repository.
I've been working on trying to produce keyczar data across implementations. Right now for every command except "usekey", java, python, c++, c# work identically flag wise. I have three scripts here java, python, c# that produce keyset and ciphertext data across platforms, and the c++ works too just not for creating ciphertext data (it lacks "usekey")
https://gist.github.com/4519944
I also have unit tests in C# and python that test against this data from each platform.
https://github.com/jbtule/keyczar-dotnet/tree/master/dotnet/Keyczar/KeyczarTest/Interop
http://code.google.com/r/jtuley-keyczar-python-interop-unittests/source/browse/python/tests/keyczar_tests/interop_test.py
For reference C# KeyczarTool usage manual, most complete i think of any of them, but does have unofficial extras too:
https://github.com/jbtule/keyczar-dotnet/wiki/KeyczarTool
Encryption + compression lead to badness.
This is a breaking change.
When executing:
package main
import (
"fmt"
"github.com/dgryski/dkeyczar"
)
func main() {
km := dkeyczar.NewKeyManager()
err := km.Create("randomname", dkeyczar.P_DECRYPT_AND_ENCRYPT, dkeyczar.T_RSA_PRIV)
if err != nil {
panic(err)
}
//Need to go back again to fix problem
err = km.AddKey(1024, dkeyczar.S_PRIMARY)
if err != nil {
panic(err)
}
fmt.Println(km.ToJSONs(nil))
}
it panics with:
panic: runtime error: assignment to entry in nil map
goroutine 1 [running]:
runtime.panic(0x53da00, 0x6e963d)
/usr/lib/go/src/pkg/runtime/panic.c:266 +0xb6
github.com/dgryski/dkeyczar.(*keyManager).AddKey(0xc210000070, 0x1000, 0x0, 0x0, 0x4)
/home/acasajus/Devel/gospace/src/github.com/dgryski/dkeyczar/keyman.go:116 +0x21a
main.main()
/home/acasajus/Devel/gospace/src/test/tet.go:16 +0xe7
exit status 2
The m.kz.keys map is not initialized when creating the keymap. What is the proper way to use it? Can this be fixed plz?
BTW is there an easy way to export/import a keymanager to JSON? or should I implement it myself in my code?
This is optional (in terms that OAEP is more secure), but for compatibility it's nice to have.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.