Giter Club home page Giter Club logo

securebytes's Introduction

Secure Bytes GoDoc Go Report Card

Secure Bytes takes any Go data type, serializes it to DER-ASN.1, JSON or GOB and encrypts it with AES-192-GCM. The goal of this library is to generate smaller cookies than securecookie does. It's achieved by using Authenticated Encryption instead of HMAC and optionally DER-ASN.1 instead of GOB or JSON.

Installation

go get -u github.com/meehow/securebytes

Usage

First, create Secure Bytes instance and set encryption key. Suggested key length is at least 50 characters. You can choose one of build-in serializers: GOBSerializer, JSONSerializer or ASN1Serializer. Usually ASN1Serializer gives the smallest output, but it's not compatible with some data types (for example uint).

var sb = securebytes.New(
	[]byte("choo}ng-o9quoh6oodurabishoh9haeWee~neeyaRoqu6Chue1"),
	securebytes.ASN1Serializer{})

Write a cookie:

type Session struct {
	UserID int
	Name   string
}

func SetCookieHandler(w http.ResponseWriter, r *http.Request) {
	session := Session{
		UserID: 1234567890,
		Name:   "meehow",
	}
	b64, err := sb.EncodeToBase64(session)
	if err != nil {
		fmt.Fprintf(w, "Encryption error: %v", err)
		return
	}
	cookie := &http.Cookie{
		Name:  "cookie-name",
		Value: b64,
		Path:  "/",
		HttpOnly: true,
	}
	http.SetCookie(w, cookie)
}

Read a cookie:

func ReadCookieHandler(w http.ResponseWriter, r *http.Request) {
	var session Session
	cookie, err := r.Cookie("cookie-name")
	if err != nil {
		fmt.Fprintf(w, "Cookie not found: %v", err)
		return
	}
	if err = sb.DecryptBase64(cookie.Value, &session); err != nil {
		fmt.Fprintf(w, "Decryption error: %v", err)
		return
	}
	fmt.Fprintf(w, "Your session cookie: %#v", session)
}

You can also check example to see full code of http server.

If you need plain []byte output, you can use Encrypt and Decrypt functions instead.

You can find more information in the documentation.

Benchmark

SecureBytes works 2.5 times faster than SecureCookie and generates 40% smaller cookies.

goos: linux
goarch: amd64
pkg: github.com/meehow/securebytes
BenchmarkSecureBytesJSON-4    	  300000	      3810 ns/op
BenchmarkSecureBytesGOB-4     	  300000	      5476 ns/op
BenchmarkSecureCookieJSON-4   	  200000	      9959 ns/op
BenchmarkSecureCookieGOB-4    	  100000	     11807 ns/op
PASS
ok  	github.com/meehow/securebytes	6.303s

securebytes's People

Contributors

meehow avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

hazcod funny-falcon euca01 mybigman

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.