英文:
gorilla session invalid key size
问题
当我创建新的cookie存储并执行以下操作时:
var store = sessions.NewCookieStore(securecookie.GenerateRandomKey(1), securecookie.GenerateRandomKey(2))
我收到了错误消息:
crypto/aes: invalid key size 2
为什么会出错?当我查看函数定义时:
// NewCookieStore返回一个新的CookieStore。//// 键以成对的方式定义,以允许密钥轮换,但通常情况下,// 只设置一个身份验证密钥和可选的加密密钥。//// 成对中的第一个密钥用于身份验证,第二个密钥用于加密。// 加密密钥可以设置为nil或在最后一对中省略,但所有对中都需要身份验证密钥。//// 建议使用32或64字节的身份验证密钥。// 如果设置了加密密钥,则必须为16、24或32字节,以选择AES-128、AES-192或AES-256模式。//// 使用方便的函数securecookie.GenerateRandomKey()来创建强密钥。func NewCookieStore(keyPairs ...[]byte) *CookieStore {return &CookieStore{Codecs: securecookie.CodecsFromPairs(keyPairs...),Options: &Options{Path: "/",MaxAge: 86400 * 30,},}}
我认为我传递了正确的参数。
英文:
When I create new cookie store and do like:
var store = sessions.NewCookieStore(securecookie.GenerateRandomKey(1), securecookie.GenerateRandomKey(2))
I've got the the error message
crypto/aes: invalid key size 2
Why what do I wrong? When I look at the function definition
// NewCookieStore returns a new CookieStore.//// Keys are defined in pairs to allow key rotation, but the common case is// to set a single authentication key and optionally an encryption key.//// The first key in a pair is used for authentication and the second for// encryption. The encryption key can be set to nil or omitted in the last// pair, but the authentication key is required in all pairs.//// It is recommended to use an authentication key with 32 or 64 bytes.// The encryption key, if set, must be either 16, 24, or 32 bytes to select// AES-128, AES-192, or AES-256 modes.//// Use the convenience function securecookie.GenerateRandomKey() to create// strong keys.func NewCookieStore(keyPairs ...[]byte) *CookieStore {return &CookieStore{Codecs: securecookie.CodecsFromPairs(keyPairs...),Options: &Options{Path: "/",MaxAge: 86400 * 30,},}}
I think pass the right parameter.
答案1
得分: 8
从您提供的文档中可以看到:
> //建议使用32或64字节的身份验证密钥。
>
> //加密密钥(如果设置)必须是16、24或32字节,以选择AES-128、AES-192或AES-256模式。
因此,您可以使用类似以下的代码:
//将16替换为24以使用192位或32以使用256位。var store = sessions.NewCookieStore(securecookie.GenerateRandomKey(16),securecookie.GenerateRandomKey(16))
//编辑
此外,@elithrar在评论中提出了一个非常有效的观点,请记住:
> 还要注意,使用此方法重新启动应用程序意味着它无法读取现有的会话(因为每次都会生成新的密钥)。
英文:
From the documentation you linked:
> // It is recommended to use an authentication key with 32 or 64 bytes.
>
> // The encryption key, if set, must be either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256 modes.
So you could use something like this:
//replace 16 with 24 for 192bit or 32 for 256bit.var store = sessions.NewCookieStore(securecookie.GenerateRandomKey(16),securecookie.GenerateRandomKey(16))
// edit
Also @elithrar made a very valid point in comments, so keep it in mind:
> Also note that restarting your application means that it cannot read existing sessions (as new keys are generated every time) when using this method.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论