added encryption modules

Signed-off-by: Michael <michael.lindman@gmail.com>
2021-07-05 01:32:19 +01:00 · 2021-07-05 01:32:19 +01:00 · f87b4eb5be
parent b4aa90c793
commit f87b4eb5be
2 changed files with 106 additions and 2 deletions
--- a/encrypt/encrypt.go
+++ b/encrypt/encrypt.go
@ -0,0 +1,103 @@
+package encrypt
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/base64"
+	"encoding/pem"
+	"fmt"
+	"io/ioutil"
+	"os"
+
+	"github.com/OneOfOne/xxhash"
+)
+
+type Encrypt struct {
+	PrivateKey *rsa.PrivateKey
+}
+
+func LoadKey(path string, keygen bool) (encrypt *Encrypt, err error) {
+	var privateKey *rsa.PrivateKey
+	if keygen {
+		privateKey, err = generateKey()
+		if err != nil {
+			return nil, err
+		}
+		if err := writeKeyToFile(path, privateKey); err != nil {
+			return nil, err
+		}
+	} else {
+		privateKey, err = readPrivateKey(path)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return &Encrypt{
+		PrivateKey: privateKey,
+	}, nil
+}
+
+func generateKey() (*rsa.PrivateKey, error) {
+	privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		return nil, err
+	}
+	return privateKey, nil
+}
+
+func writeKeyToFile(path string, privateKey *rsa.PrivateKey) error {
+	pemdata := pem.EncodeToMemory(
+		&pem.Block{
+			Type:  "RSA PRIVATE KEY",
+			Bytes: x509.MarshalPKCS1PrivateKey(privateKey),
+		},
+	)
+	if _, err := os.Stat(path); os.IsNotExist(err) {
+		if err := ioutil.WriteFile(path, pemdata, 0640); err != nil {
+			return err
+		}
+		return nil
+	}
+	return fmt.Errorf("private key file %s already exists", path)
+}
+
+func readPrivateKey(path string) (*rsa.PrivateKey, error) {
+	file, err := ioutil.ReadFile(path)
+	if err != nil {
+		return nil, err
+	}
+	pemdata, _ := pem.Decode(file)
+	privateKey, err := x509.ParsePKCS1PrivateKey(pemdata.Bytes)
+	if err != nil {
+		return nil, err
+	}
+	return privateKey, nil
+}
+
+func (enc *Encrypt) Encrypt(secretMessage string) (string, error) {
+	ciphertext, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &enc.PrivateKey.PublicKey, []byte(secretMessage), []byte("OAEP Encrypted"))
+	if err != nil {
+		return "", err
+	}
+	return base64.StdEncoding.EncodeToString(ciphertext), nil
+}
+
+func (enc *Encrypt) Decrypt(cipherText string) (string, error) {
+	ct, err := base64.StdEncoding.DecodeString(cipherText)
+	if err != nil {
+		return "", err
+	}
+	plaintext, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, enc.PrivateKey, ct, []byte("OAEP Encrypted"))
+	if err != nil {
+		return "", err
+	}
+	return string(plaintext), nil
+}
+
+func Hash(key []byte) uint64 {
+	hash := xxhash.New64()
+	hash.Write(key)
+	return hash.Sum64()
+}
--- a/go.mod
+++ b/go.mod
@ -3,9 +3,10 @@ module git.0cd.xyz/michael/gtools
 go 1.15

 require (
+	github.com/OneOfOne/xxhash v1.2.8
 	github.com/gorilla/csrf v1.7.0
 	github.com/gorilla/mux v1.8.0
 	github.com/sirupsen/logrus v1.8.1
-	golang.org/x/sys v0.0.0-20210415045647-66c3f260301c // indirect
-	google.golang.org/protobuf v1.26.0
+	golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c // indirect
+	google.golang.org/protobuf v1.27.1
 )