Skip to content
/ securebytes Public

⚡️ Take any Go data type, serialize it to JSON or GOB and encrypt it with AES. Works 2.5x faster than securecookie and generates 40% smaller cookies.

License

LGPL-3.0 license
12 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

meehow/securebytes

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits

examples

examples

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

go.mod

go.mod

 
 

main.go

main.go

 
 

main_test.go

main_test.go

 
 

serializers.go

serializers.go

 
 

Repository files navigation

Secure Bytes GoDoc Go Report Card

Secure Bytes takes any Go data type, serializes it to DER-ASN.1, JSON or GOB and encrypts it with AES-192-GCM. The goal of this library is to generate smaller cookies than securecookie does. It's achieved by using Authenticated Encryption instead of HMAC and optionally DER-ASN.1 instead of GOB or JSON.

Installation

go get -u github.com/meehow/securebytes

Usage

First, create Secure Bytes instance and set encryption key. Suggested key length is at least 50 characters. You can choose one of build-in serializers: GOBSerializer, JSONSerializer or ASN1Serializer. Usually ASN1Serializer gives the smallest output, but it's not compatible with some data types (for example uint).

var sb = securebytes.New(
	[]byte("choo}ng-o9quoh6oodurabishoh9haeWee~neeyaRoqu6Chue1"),
	securebytes.ASN1Serializer{})

Write a cookie:

type Session struct {
	UserID int
	Name   string
}

func SetCookieHandler(w http.ResponseWriter, r *http.Request) {
	session := Session{
		UserID: 1234567890,
		Name:   "meehow",
	}
	b64, err := sb.EncodeToBase64(session)
	if err != nil {
		fmt.Fprintf(w, "Encryption error: %v", err)
		return
	}
	cookie := &http.Cookie{
		Name:  "cookie-name",
		Value: b64,
		Path:  "/",
		HttpOnly: true,
	}
	http.SetCookie(w, cookie)
}

Read a cookie:

func ReadCookieHandler(w http.ResponseWriter, r *http.Request) {
	var session Session
	cookie, err := r.Cookie("cookie-name")
	if err != nil {
		fmt.Fprintf(w, "Cookie not found: %v", err)
		return
	}
	if err = sb.DecryptBase64(cookie.Value, &session); err != nil {
		fmt.Fprintf(w, "Decryption error: %v", err)
		return
	}
	fmt.Fprintf(w, "Your session cookie: %#v", session)
}

You can also check example to see full code of http server.

If you need plain []byte output, you can use Encrypt and Decrypt functions instead.

You can find more information in the documentation.

Benchmark

SecureBytes works 2.5 times faster than SecureCookie and generates 40% smaller cookies.

goos: linux
goarch: amd64
pkg: github.com/meehow/securebytes
BenchmarkSecureBytesJSON-4    	  300000	      3810 ns/op
BenchmarkSecureBytesGOB-4     	  300000	      5476 ns/op
BenchmarkSecureCookieJSON-4   	  200000	      9959 ns/op
BenchmarkSecureCookieGOB-4    	  100000	     11807 ns/op
PASS
ok  	github.com/meehow/securebytes	6.303s

About

⚡️ Take any Go data type, serialize it to JSON or GOB and encrypt it with AES. Works 2.5x faster than securecookie and generates 40% smaller cookies.

Topics

serialization encryption aes cookie authenticated-encryption securecookie

Resources

Readme

License

LGPL-3.0 license
Activity

Stars

12 stars

Watchers

3 watching

Forks

4 forks
Report repository

Releases

5 tags

Packages

No packages published

Languages