-
Notifications
You must be signed in to change notification settings - Fork 535
/
Copy pathapp.go
162 lines (140 loc) · 4.32 KB
/
app.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
package main
import (
"bytes"
"context"
"fmt"
"io"
"log"
"os"
"strings"
dapr "github.com/dapr/go-sdk/client"
)
const (
// Name of the crypto component to use
CryptoComponentName = "localstorage"
// Name of the RSA private key to use
RSAKeyName = "rsa-private-key.pem"
// Name of the symmetric (AES) key to use
SymmetricKeyName = "symmetric-key-256"
)
func main() {
// Create a new Dapr SDK client
client, err := dapr.NewClient()
if err != nil {
log.Fatalf("Failed to initialize the Dapr client: %v", err)
}
defer client.Close()
// Step 1: encrypt a string using the RSA key, then decrypt it and show the output in the terminal
encryptDecryptString(client)
// Step 2: encrypt a large file and then decrypt it, using the AES key
encryptDecryptFile(client)
}
func encryptDecryptString(client dapr.Client) {
const message = `The secret is "passw0rd"`
// Encrypt the message
encStream, err := client.Encrypt(context.Background(),
strings.NewReader(message),
dapr.EncryptOptions{
ComponentName: CryptoComponentName,
// Name of the key to use
// Since this is a RSA key, we specify that as key wrapping algorithm
KeyName: RSAKeyName,
KeyWrapAlgorithm: "RSA",
},
)
if err != nil {
log.Fatalf("Failed to encrypt the message: %v", err)
}
// The method returns a readable stream, which we read in full in memory
encBytes, err := io.ReadAll(encStream)
if err != nil {
log.Fatalf("Failed to read the stream for the encrypted message: %v", err)
}
fmt.Printf("Encrypted the message, got %d bytes\n", len(encBytes))
// Now, decrypt the encrypted data
decStream, err := client.Decrypt(context.Background(),
bytes.NewReader(encBytes),
dapr.DecryptOptions{
// We just need to pass the name of the component
ComponentName: CryptoComponentName,
// Passing the name of the key is optional
KeyName: RSAKeyName,
},
)
if err != nil {
log.Fatalf("Failed to decrypt the message: %v", err)
}
// The method returns a readable stream, which we read in full in memory
decBytes, err := io.ReadAll(decStream)
if err != nil {
log.Fatalf("Failed to read the stream for the decrypted message: %v", err)
}
// Print the message on the console
fmt.Printf("Decrypted the message, got %d bytes\n", len(decBytes))
fmt.Println(string(decBytes))
}
func encryptDecryptFile(client dapr.Client) {
const fileName = "liuguangxi-66ouBTTs_x0-unsplash.jpg"
// Get a readable stream to the input file
plaintextF, err := os.Open(fileName)
if err != nil {
log.Fatalf("Failed to open plaintext file: %v", err)
}
defer plaintextF.Close()
// Encrypt the file
encStream, err := client.Encrypt(context.Background(),
plaintextF,
dapr.EncryptOptions{
ComponentName: CryptoComponentName,
// Name of the key to use
// Since this is a symmetric key, we specify AES as key wrapping algorithm
KeyName: SymmetricKeyName,
KeyWrapAlgorithm: "AES",
},
)
if err != nil {
log.Fatalf("Failed to encrypt the file: %v", err)
}
// Write the encrypted data to a file "encrypted.out"
encryptedF, err := os.Create("encrypted.out")
if err != nil {
log.Fatalf("Failed to open destination file: %v", err)
}
_, err = io.Copy(encryptedF, encStream)
if err != nil {
log.Fatalf("Failed to write encrypted stream to file: %v", err)
}
encryptedF.Close()
fmt.Println("Wrote decrypted data to encrypted.out")
// Now, decrypt the encrypted data
// First, open the file "encrypted.out" again, this time for reading
encryptedF, err = os.Open("encrypted.out")
if err != nil {
log.Fatalf("Failed to open encrypted file: %v", err)
}
defer encryptedF.Close()
// Now, decrypt the encrypted data
decStream, err := client.Decrypt(context.Background(),
encryptedF,
dapr.DecryptOptions{
// We just need to pass the name of the component
ComponentName: CryptoComponentName,
// Passing the name of the key is optional
KeyName: SymmetricKeyName,
},
)
if err != nil {
log.Fatalf("Failed to decrypt the file: %v", err)
}
// Write the decrypted data to a file "decrypted.out.jpg"
decryptedF, err := os.Create("decrypted.out.jpg")
if err != nil {
log.Fatalf("Failed to open destination file: %v", err)
}
_, err = io.Copy(decryptedF, decStream)
if err != nil {
log.Fatalf("Failed to write decrypted stream to file: %v", err)
}
decryptedF.Close()
fmt.Println("Wrote decrypted data to decrypted.out.jpg")
}