github.com/elliott5/community@v0.14.1-0.20160709191136-823126fb026a/wordsmith/utility/secrets.go (about)

     1  // Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
     2  //
     3  // This software (Documize Community Edition) is licensed under 
     4  // GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
     5  //
     6  // You can operate outside the AGPL restrictions by purchasing
     7  // Documize Enterprise Edition and obtaining a commercial license
     8  // by contacting <sales@documize.com>. 
     9  //
    10  // https://documize.com
    11  
    12  package utility
    13  
    14  import (
    15  	"crypto/aes"
    16  	"crypto/cipher"
    17  	"crypto/rand"
    18  	"encoding/base64"
    19  	"errors"
    20  	"io"
    21  )
    22  
// key is the AES key shared by MakeAES and DecryptAES. It is 32 bytes long,
// so aes.NewCipher selects AES-256.
//
// NOTE(review): the key is a constant compiled into the binary and published
// with the source, so every installation built from this file uses the same
// key and anyone who can read the source can decrypt or mint the tokens it
// protects. Treat this value as already disclosed: load the key from
// deployment-specific configuration or a secret store instead, and plan a
// rotation that invalidates tokens issued under it.
var key = []byte("8456FHkQW1566etydT46jk39ghjfFhg4") // 32 bytes
    24  
    25  // MakeMD5 returns the MD5 hash of a given string, usually a password.
    26  /*
    27  func MakeMD5(password string) []byte {
    28  	hash := md5.New()
    29  	if _, err := io.WriteString(hash, password); err != nil {
    30  		log.Error("error in MakeMD5", err)
    31  	}
    32  	return hash.Sum(nil)
    33  }
    34  */
    35  
// MakeAES encrypts secret with AES in CFB mode under the package's hard-wired
// key. The secret is base64-encoded first; the result is a fresh random
// 16-byte IV followed by the encrypted base64 text.
//
// An error is returned if the cipher cannot be built from the key or if the
// system random source fails while filling the IV.
//
// NOTE(review): CFB provides confidentiality only. Nothing in the output
// (no MAC or AEAD tag) lets DecryptAES detect that a token was altered, so
// the result should not be relied on as an authentication token by itself.
// Moving to an AEAD mode such as cipher.NewGCM would change the token format
// and needs a migration for tokens already issued.
func MakeAES(secret string) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}

	payload := EncodeBase64([]byte(secret))

	// Single allocation: the IV occupies the first block, the ciphertext the rest.
	out := make([]byte, aes.BlockSize+len(payload))
	nonce, body := out[:aes.BlockSize], out[aes.BlockSize:]

	// The IV must be unpredictable and unique per message, hence crypto/rand.
	if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}

	cipher.NewCFBEncrypter(blk, nonce).XORKeyStream(body, payload)
	return out, nil
}
    54  
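// DecryptAES reverses MakeAES: it treats the first aes.BlockSize bytes of text
// as the IV, decrypts the remainder with AES-CFB under the package's
// hard-wired key, and base64-decodes the result.
//
// It returns an error if the cipher cannot be built, if text is shorter than
// one AES block, or if the decrypted bytes are not valid base64.
//
// The input slice is left untouched; decryption goes into a fresh buffer, so
// the caller's token can be logged, compared, or decrypted again afterwards.
//
// NOTE(review): CFB carries no integrity check. A modified token is rejected
// only when the tampering happens to produce invalid base64, so a nil error
// here does not prove the token was produced by MakeAES. Callers that use the
// plaintext for authentication decisions need a separate integrity check, or
// the pair should move to an AEAD mode with a token-format migration.
func DecryptAES(text []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, errors.New("aes.NewCipher failure: " + err.Error())
	}
	if len(text) < aes.BlockSize {
		return nil, errors.New("ciphertext too short")
	}

	iv, body := text[:aes.BlockSize], text[aes.BlockSize:]

	// Decrypt out of place: XORKeyStream(text, text) would overwrite the
	// caller's ciphertext with plaintext and break a second call on the
	// same slice.
	plain := make([]byte, len(body))
	cipher.NewCFBDecrypter(block, iv).XORKeyStream(plain, body)

	return DecodeBase64(plain)
}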
    72  
// EncodeBase64 returns the standard (padded, RFC 4648) base64 encoding of b
// as a byte slice. Base64 is an encoding, not encryption: it hides nothing.
func EncodeBase64(b []byte) []byte {
	enc := base64.StdEncoding
	out := make([]byte, enc.EncodedLen(len(b)))
	enc.Encode(out, b)
	return out
}
    77  
    78  // EncodeBase64AsString is a convenience function to encode using StdEncoding.
    79  /*
    80  func EncodeBase64AsString(b []byte) string {
    81  	return base64.StdEncoding.EncodeToString(b)
    82  }
    83  */
    84  
// DecodeBase64 decodes standard (padded, RFC 4648) base64 text held in b.
// On malformed input it returns the bytes decoded so far together with the
// error reported by the base64 package.
func DecodeBase64(b []byte) ([]byte, error) {
	enc := base64.StdEncoding
	out := make([]byte, enc.DecodedLen(len(b)))
	n, err := enc.Decode(out, b)
	return out[:n], err
}