Merge pull request #30 from elithrar/gen-key-doc

Improved documentation for GenerateRandomKey
author: Kamil Kisiel <kamil@kamilkisiel.net> 2015-08-08 18:20:25 +0300
committer: Kamil Kisiel <kamil@kamilkisiel.net> 2015-08-08 18:20:25 +0300
commit: 95995b243b00d085c7068909df0f833b343a3215 (patch)
tree: 3bb22f76e2e1e037a3a367dfad770d0e56bdf8a5
parent: c223d6df5316d3dc8d651d7762ba32dd867d9f69 (diff)
parent: 6d727f0c85dca64d111f5654c33c08f8162220dd (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/securecookie.go b/securecookie.go
index 7dd373d..a776889 100644
--- a/securecookie.go
+++ b/securecookie.go
@@ -126,6 +126,10 @@ type Codec interface {
 // of the encryption algorithm. For AES, used by default, valid lengths are
 // 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256.
 // The default encoder used for cookie serialization is encoding/gob.
+//
+// Note that keys created using GenerateRandomKey() are not automatically
+// persisted. New keys will be created when the application is restarted, and
+// previously issued cookies will not be able to be decoded.
 func New(hashKey, blockKey []byte) *SecureCookie {
 	s := &SecureCookie{
 		hashKey:   hashKey,
@@ -474,6 +478,9 @@ func decode(value []byte) ([]byte, error) {
 
 // GenerateRandomKey creates a random key with the given length in bytes.
 // On failure, returns nil.
+//
+// Callers should explicitly check for the possibility of a nil return, treat
+// it as a failure of the system random number generator, and not continue.
 func GenerateRandomKey(length int) []byte {
 	k := make([]byte, length)
 	if _, err := io.ReadFull(rand.Reader, k); err != nil {
author	Kamil Kisiel <kamil@kamilkisiel.net>	2015-08-08 18:20:25 +0300
committer	Kamil Kisiel <kamil@kamilkisiel.net>	2015-08-08 18:20:25 +0300
commit	95995b243b00d085c7068909df0f833b343a3215 (patch)
tree	3bb22f76e2e1e037a3a367dfad770d0e56bdf8a5
parent	c223d6df5316d3dc8d651d7762ba32dd867d9f69 (diff)
parent	6d727f0c85dca64d111f5654c33c08f8162220dd (diff)