Hello friends, my job profile deals a lot with security. From last one year I have been working with Microsoft Crypto Providers, Openssl engines and lot’s of stuff. So, I started discovering the same in Golang. So, in this article I will explain the Golang crypto module with examples, and some use cases. Let’s start.
What is Cryptography
I simple terms, cryptography is a digital technology that secures your data, like passwords, credit card number or anything which you want to secure. It fulfills following four goals.
The four points are linked to Wikipedia pages. To go in details, you can refer same, I will explain them in very short definitions.
Confidentiality is data cannot be read by any other parties.
Data Integrity is , the crypt operation must not change data.
Authentication is, data must be read by Authenticated party.
Non-repudiation, is the party which is sending the data cannot deny, that they have not sent it.
Some Technical Terms
Cryptography algorithms are algorithms which are needed when we do crypt operations, like encryption, decryption, sign and verify. In layman terms, we are locking our data. So, for locking our data we need a key and to unlock it we need the key. So all the cryptography is based on key.
Based on keys, cryptography can be classified in two categories:
- Only one key can encrypt.
- Same key can decrypt.
- Both the parties need to hold key.
- Consists of two keys, PUBLIC and PRIVATE
- Data encrypted by Private can only be decrypted by Public.
- data encrypted by Public can only be decrypted by Private.
This was a small description of crypto, now in next parts. I will do a client server example for both.
Crypto in Golang
Golang has a package, Golang Crypto. Which fulfills almost all the application crypto needs.
It Provides implementation of, Symmetric, Asymmetric and Message Digests implimentations.
aes : Package aes implements AES encryption (formerly Rijndael), as defined in U.S. Federal Information Processing Standards Publication 197.
cipher: Package cipher implements standard block cipher modes that can be wrapped around low-level block cipher implementations.
des: Package des implements the Data Encryption Standard (DES) and the Triple Data Encryption Algorithm (TDEA) as defined in U.S. Federal Information Processing Standards Publication 46-3.
dsa: Package dsa implements the Digital Signature Algorithm, as defined in FIPS 186-3.
ecdsa: Package ecdsa implements the Elliptic Curve Digital Signature Algorithm, as defined in FIPS 186-3.
elliptic: Package elliptic implements several standard elliptic curves over prime fields.
hmac: Package hmac implements the Keyed-Hash Message Authentication Code (HMAC) as defined in U.S. Federal Information Processing Standards Publication 198.
md5: Package md5 implements the MD5 hash algorithm as defined in RFC 1321.
rand: Package rand implements a cryptographically secure pseudorandom number generator.
rc4: Package rc4 implements RC4 encryption, as defined in Bruce Schneier’s Applied Cryptography.
rsa: Package rsa implements RSA encryption as specified in PKCS#1.
sha1: Package sha1 implements the SHA1 hash algorithm as defined in RFC 3174.
sha256: Package sha256 implements the SHA224 and SHA256 hash algorithms as defined in FIPS 180-4.
sha512: Package sha512 implements the SHA-384, SHA-512, SHA-512/224, and SHA-512/256 hash algorithms as defined in FIPS 180-4.
subtle: Package subtle implements functions that are often useful in cryptographic code but require careful thought to use correctly.
tls: Package tls partially implements TLS 1.2, as specified in RFC 5246.
x509: Package x509 parses X.509-encoded keys and certificates.
pkix: Package pkix contains shared, low level structures used for ASN.1 parsing and serialization of X.509 certificates, CRL and OCSP.
In coming, pages, I will discuss most of them in a live example.
Till then, Happy Coding. 🙂