You can not select more than 25 topics
			Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
		
		
		
		
		
			
		
			
				
					
					
						
							60 lines
						
					
					
						
							1.1 KiB
						
					
					
				
			
		
		
		
			
			
			
		
		
	
	
							60 lines
						
					
					
						
							1.1 KiB
						
					
					
				| package util | |
| 
 | |
| import ( | |
| 	"crypto/aes" | |
| 	"crypto/cipher" | |
| 	"crypto/rand" | |
| 	"errors" | |
| 	"io" | |
| 
 | |
| 	"github.com/seaweedfs/seaweedfs/weed/glog" | |
| ) | |
| 
 | |
| type CipherKey []byte | |
| 
 | |
| func GenCipherKey() CipherKey { | |
| 	key := make([]byte, 32) | |
| 	if _, err := io.ReadFull(rand.Reader, key); err != nil { | |
| 		glog.Fatalf("random key gen: %v", err) | |
| 	} | |
| 	return CipherKey(key) | |
| } | |
| 
 | |
| func Encrypt(plaintext []byte, key CipherKey) ([]byte, error) { | |
| 	c, err := aes.NewCipher(key) | |
| 	if err != nil { | |
| 		return nil, err | |
| 	} | |
| 
 | |
| 	gcm, err := cipher.NewGCM(c) | |
| 	if err != nil { | |
| 		return nil, err | |
| 	} | |
| 
 | |
| 	nonce := make([]byte, gcm.NonceSize()) | |
| 	if _, err = io.ReadFull(rand.Reader, nonce); err != nil { | |
| 		return nil, err | |
| 	} | |
| 
 | |
| 	return gcm.Seal(nonce, nonce, plaintext, nil), nil | |
| } | |
| 
 | |
| func Decrypt(ciphertext []byte, key CipherKey) ([]byte, error) { | |
| 	c, err := aes.NewCipher(key) | |
| 	if err != nil { | |
| 		return nil, err | |
| 	} | |
| 
 | |
| 	gcm, err := cipher.NewGCM(c) | |
| 	if err != nil { | |
| 		return nil, err | |
| 	} | |
| 
 | |
| 	nonceSize := gcm.NonceSize() | |
| 	if len(ciphertext) < nonceSize { | |
| 		return nil, errors.New("ciphertext too short") | |
| 	} | |
| 
 | |
| 	nonce, ciphertext := ciphertext[:nonceSize], ciphertext[nonceSize:] | |
| 	return gcm.Open(nil, nonce, ciphertext, nil) | |
| }
 |