tijl.dev-core/internal/apps/uploader/crypto.go

package uploader

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha512"
	"encoding/hex"
	"fmt"
	"io"
)

func generateEncryptionKey() ([]byte, error) {
	key := make([]byte, 32) // AES-256 32-byte key
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	return key, nil
}

func encryptData(data []byte, key []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}

	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}

	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}

	return gcm.Seal(nonce, nonce, data, nil), nil
}

func decryptData(encryptedData []byte, key []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}

	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}

	nonceSize := gcm.NonceSize()
	if len(encryptedData) < nonceSize {
		return nil, fmt.Errorf("encrypted data is too short")
	}

	nonce, ciphertext := encryptedData[:nonceSize], encryptedData[nonceSize:]
	plaintext, err := gcm.Open(nil, nonce, ciphertext, nil)
	if err != nil {
		return nil, err
	}

	return plaintext, nil
}

func hashKey(key []byte) string {
	hash := sha512.Sum512(key)
	return hex.EncodeToString(hash[:])
}
changes + add uploader 2024-08-29 12:21:38 +02:00			`package uploader`

			`import (`
			`"crypto/aes"`
			`"crypto/cipher"`
			`"crypto/rand"`
			`"crypto/sha512"`
			`"encoding/hex"`
			`"fmt"`
			`"io"`
			`)`

			`func generateEncryptionKey() ([]byte, error) {`
			`key := make([]byte, 32) // AES-256 32-byte key`
			`if _, err := rand.Read(key); err != nil {`
			`return nil, err`
			`}`
			`return key, nil`
			`}`

			`func encryptData(data []byte, key []byte) ([]byte, error) {`
			`block, err := aes.NewCipher(key)`
			`if err != nil {`
			`return nil, err`
			`}`

			`gcm, err := cipher.NewGCM(block)`
			`if err != nil {`
			`return nil, err`
			`}`

			`nonce := make([]byte, gcm.NonceSize())`
			`if _, err := io.ReadFull(rand.Reader, nonce); err != nil {`
			`return nil, err`
			`}`

			`return gcm.Seal(nonce, nonce, data, nil), nil`
			`}`

			`func decryptData(encryptedData []byte, key []byte) ([]byte, error) {`
			`block, err := aes.NewCipher(key)`
			`if err != nil {`
			`return nil, err`
			`}`

			`gcm, err := cipher.NewGCM(block)`
			`if err != nil {`
			`return nil, err`
			`}`

			`nonceSize := gcm.NonceSize()`
			`if len(encryptedData) < nonceSize {`
			`return nil, fmt.Errorf("encrypted data is too short")`
			`}`

			`nonce, ciphertext := encryptedData[:nonceSize], encryptedData[nonceSize:]`
			`plaintext, err := gcm.Open(nil, nonce, ciphertext, nil)`
			`if err != nil {`
			`return nil, err`
			`}`

			`return plaintext, nil`
			`}`

			`func hashKey(key []byte) string {`
			`hash := sha512.Sum512(key)`
			`return hex.EncodeToString(hash[:])`
			`}`