123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 |
- package utils
- import (
- "crypto/aes"
- "crypto/cipher"
- "crypto/rand"
- "crypto/sha1"
- "encoding/base64"
- "errors"
- "fmt"
- "io"
- "github.com/flet-dev/flet/server/config"
- )
- // SHA1 returns SHA1 hash of the input string.
- func SHA1(value string) string {
- h := sha1.New()
- io.WriteString(h, value)
- return fmt.Sprintf("%x", h.Sum(nil))
- }
- func EncryptWithMasterKey(data []byte) ([]byte, error) {
- return EncryptWithKey(data, config.MasterSecretKey())
- }
- func EncryptWithKey(data []byte, secretKey string) ([]byte, error) {
- block, err := aes.NewCipher(GetCipherKey(secretKey))
- if err != nil {
- return nil, err
- }
- aesgcm, err := cipher.NewGCM(block)
- if err != nil {
- panic(err.Error())
- }
- nonce := make([]byte, aesgcm.NonceSize())
- if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
- return nil, err
- }
- return aesgcm.Seal(nonce, nonce, data, nil), nil
- }
- func DecryptWithMasterKey(data []byte) ([]byte, error) {
- return DecryptWithKey(data, config.MasterSecretKey())
- }
- func DecryptWithKey(cipherData []byte, secretKey string) ([]byte, error) {
- block, err := aes.NewCipher(GetCipherKey(secretKey))
- if err != nil {
- return nil, err
- }
- aesgcm, err := cipher.NewGCM(block)
- if err != nil {
- return nil, err
- }
- nonceSize := aesgcm.NonceSize()
- if len(cipherData) < nonceSize {
- return nil, errors.New("invalid cipher data")
- }
- nonce, ciphertext := cipherData[:nonceSize], cipherData[nonceSize:]
- plaintext, err := aesgcm.Open(nil, nonce, ciphertext, nil)
- if err != nil {
- return nil, err
- }
- return plaintext, nil
- }
- func GetCipherKey(secretKey string) []byte {
- key := make([]byte, 32)
- for i, b := range []byte(secretKey)[:32] {
- key[i] = b
- }
- return key
- }
- // source: https://github.com/gorilla/securecookie/blob/master/securecookie.go
- func GenerateRandomKey(length int) []byte {
- k := make([]byte, length)
- if _, err := io.ReadFull(rand.Reader, k); err != nil {
- return nil
- }
- return k
- }
- func EncodeBase64(value []byte) string {
- encoded := make([]byte, base64.URLEncoding.EncodedLen(len(value)))
- base64.URLEncoding.Encode(encoded, value)
- return string(encoded)
- }
- func DecodeBase64(value string) ([]byte, error) {
- decoded := make([]byte, base64.URLEncoding.DecodedLen(len(value)))
- b, err := base64.URLEncoding.Decode(decoded, []byte(value))
- if err != nil {
- return nil, errors.New("base64 decode failed")
- }
- return decoded[:b], nil
- }
|