Obligatory note about the use of unsafe crypto: the author uses only AES in CBC mode. If you’re going to use CBC mode, you’d better be tagging the ciphertext with an encrypt-then-mac scheme (i.e. HMAC-SHA-384 for the author’s AES-256 example) or using GCM mode (supported in Go 1.2). Better yet, for a reader, use either a stream cipher (like Salsa/20) or implement a ReadCloser where the Close method writes the MAC.
Summary: because method calls on interfaces are polymorphic, you can implement the Decorator pattern in Golang, permitting e.g. transparent decryption as an io.Reader wrapper; the author wrote a library called wrapio which makes this easier to do. Author does not mention the word “decorator”, so probably has not read GoF.
Obligatory note about the use of unsafe crypto: the author uses only AES in CBC mode. If you’re going to use CBC mode, you’d better be tagging the ciphertext with an encrypt-then-mac scheme (i.e. HMAC-SHA-384 for the author’s AES-256 example) or using GCM mode (supported in Go 1.2). Better yet, for a reader, use either a stream cipher (like Salsa/20) or implement a ReadCloser where the Close method writes the MAC.
…and if you’re going to use a stream cipher, it’s even more important to use a MAC.
That should have been an and/or, for sure. Thanks for catching that.
Summary: because method calls on interfaces are polymorphic, you can implement the Decorator pattern in Golang, permitting e.g. transparent decryption as an
io.Readerwrapper; the author wrote a library calledwrapiowhich makes this easier to do. Author does not mention the word “decorator”, so probably has not read GoF.