Merge pull request TencentBlueKing#28 from wklken/ft_cryptography

feat(pkg/cryptography): add cryptography
lybkp · Jan 23, 2022 · 0e8439a · 0e8439a
2 parents 88e33d5 + fe8ceb9
commit 0e8439a
Show file tree

Hide file tree

Showing 30 changed files with 360 additions and 35 deletions.
diff --git a/Makefile b/Makefile
@@ -1,4 +1,4 @@
-.PHONY: dep lint test godoc
+.PHONY: dep lint test bench godoc
 
 dep:
 	go mod tidy
@@ -11,6 +11,9 @@ test:
 	go test -mod=vendor -gcflags=all=-l $(shell go list ./... | grep -v mock | grep -v docs) -covermode=count -coverprofile .coverage.cov
 	go tool cover -func=.coverage.cov
 
+bench:
+	go test -run=nonthingplease -benchmem -bench=. $(shell go list ./... | grep -v /vendor/)
+
 godoc:
 	echo "http://127.0.0.1:6060"
 	godoc -http=127.0.0.1:6060 -goroot="."
diff --git a/cache/cache_suite_test.go b/cache/cache_suite_test.go
@@ -3,7 +3,7 @@ package cache_test
 import (
 	"testing"
 
-	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 )
 

diff --git a/cache/key_test.go b/cache/key_test.go
@@ -12,7 +12,7 @@
 package cache
 
 import (
-	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/v2"
 	"github.com/stretchr/testify/assert"
 )
 

diff --git a/cache/memory/backend/backend_suite_test.go b/cache/memory/backend/backend_suite_test.go
@@ -14,7 +14,7 @@ package backend_test
 import (
 	"testing"
 
-	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 )
 

diff --git a/cache/memory/backend/memory_test.go b/cache/memory/backend/memory_test.go
@@ -15,7 +15,7 @@ import (
 	"math/rand"
 	"time"
 
-	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/v2"
 	"github.com/stretchr/testify/assert"
 )
 

diff --git a/cache/memory/base_cache_test.go b/cache/memory/base_cache_test.go
@@ -15,7 +15,7 @@ import (
 	"errors"
 	"time"
 
-	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/v2"
 	"github.com/stretchr/testify/assert"
 
 	"github.com/TencentBlueKing/gopkg/cache"

diff --git a/cache/memory/cache_test.go b/cache/memory/cache_test.go
@@ -14,7 +14,7 @@ package memory
 import (
 	"time"
 
-	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/v2"
 	"github.com/stretchr/testify/assert"
 
 	"github.com/TencentBlueKing/gopkg/cache"

diff --git a/cache/memory/memory_suite_test.go b/cache/memory/memory_suite_test.go
@@ -14,7 +14,7 @@ package memory_test
 import (
 	"testing"
 
-	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 )
 

diff --git a/collection/set/int64_test.go b/collection/set/int64_test.go
@@ -12,7 +12,7 @@
 package set_test
 
 import (
-	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/v2"
 	"github.com/stretchr/testify/assert"
 
 	"github.com/TencentBlueKing/gopkg/collection/set"
@@ -26,7 +26,7 @@ var _ = Describe("Int64", func() {
 	})
 
 	It("NewInt64Set", func() {
-		//s := util.NewInt64Set()
+		// s := util.NewInt64Set()
 		assert.Len(GinkgoT(), s.Data, 0)
 		assert.Equal(GinkgoT(), 0, s.Size())
 	})

diff --git a/collection/set/set_suite_test.go b/collection/set/set_suite_test.go
@@ -14,7 +14,7 @@ package set_test
 import (
 	"testing"
 
-	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 )
 

diff --git a/collection/set/string_test.go b/collection/set/string_test.go
@@ -12,7 +12,7 @@
 package set_test
 
 import (
-	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/v2"
 	"github.com/stretchr/testify/assert"
 
 	"github.com/TencentBlueKing/gopkg/collection/set"
@@ -97,7 +97,7 @@ var _ = Describe("String Set", func() {
 			s2 := s.ToString(",")
 
 			isEqual := s2 == "hello,world" || s2 == "world,hello"
-			//assert.Equal(GinkgoT(), "hello,world", s2)
+			// assert.Equal(GinkgoT(), "hello,world", s2)
 			assert.True(GinkgoT(), isEqual)
 
 		})

diff --git a/conv/conv_suite_test.go b/conv/conv_suite_test.go
@@ -14,7 +14,7 @@ package conv_test
 import (
 	"testing"
 
-	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 )
 

diff --git a/conv/int64_test.go b/conv/int64_test.go
@@ -13,8 +13,7 @@ package conv_test
 
 import (
 	"github.com/TencentBlueKing/gopkg/conv"
-	. "github.com/onsi/ginkgo"
-	. "github.com/onsi/ginkgo/extensions/table"
+	. "github.com/onsi/ginkgo/v2"
 	"github.com/stretchr/testify/assert"
 )
 

diff --git a/conv/slice_test.go b/conv/slice_test.go
@@ -13,8 +13,7 @@ package conv_test
 
 import (
 	"github.com/TencentBlueKing/gopkg/conv"
-	. "github.com/onsi/ginkgo"
-	. "github.com/onsi/ginkgo/extensions/table"
+	. "github.com/onsi/ginkgo/v2"
 	"github.com/stretchr/testify/assert"
 )
 

diff --git a/conv/string_test.go b/conv/string_test.go
@@ -17,8 +17,7 @@ import (
 	"testing"
 
 	"github.com/TencentBlueKing/gopkg/conv"
-	. "github.com/onsi/ginkgo"
-	. "github.com/onsi/ginkgo/extensions/table"
+	. "github.com/onsi/ginkgo/v2"
 	"github.com/stretchr/testify/assert"
 )
 

diff --git a/cryptography/aes_gcm.go b/cryptography/aes_gcm.go
@@ -0,0 +1,98 @@
+/*
+ * TencentBlueKing is pleased to support the open source community by making
+ * 蓝鲸智云-gopkg available.
+ * Copyright (C) 2017-2021 THL A29 Limited, a Tencent company. All rights reserved.
+ * Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at http://opensource.org/licenses/MIT
+ * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
+ * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package cryptography
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"errors"
+
+	"github.com/TencentBlueKing/gopkg/conv"
+)
+
+// reference: https://golang.org/src/crypto/cipher/example_test.go
+
+const (
+	// When decoded the key should be 16 bytes (AES-128) or 32 (AES-256)
+
+	ValidAES128KeySize int = 16
+	ValidAES256KeySize int = 32
+
+	// Never use more than 2^32 random nonces with a given key because of the risk of a repeat.
+
+	NonceByteSize int = 12
+)
+
+var (
+	ErrInvalidKey   = errors.New("invalid key, should be 16 or 32 bytes")
+	ErrInvalidNonce = errors.New("invalid nonce, should be 12 bytes")
+)
+
+type AESGcm struct {
+	key   []byte
+	nonce []byte
+	// authenticated encryption with associated data (AEAD)
+	aead cipher.AEAD
+}
+
+// NewAESGcm returns a new AES-GCM instance
+func NewAESGcm(key []byte, nonce []byte) (aesGcm *AESGcm, err error) {
+	// check key and nonce length
+	if len(key) != ValidAES128KeySize && len(key) != ValidAES256KeySize {
+		return nil, ErrInvalidKey
+	}
+
+	if len(nonce) != NonceByteSize {
+		return nil, ErrInvalidNonce
+	}
+
+	// create AEAD
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return
+	}
+
+	aead, err := cipher.NewGCM(block)
+	if err != nil {
+		return
+	}
+
+	return &AESGcm{
+		key:   key,
+		nonce: nonce,
+		aead:  aead,
+	}, nil
+}
+
+// Encrypt encrypts plaintext
+func (a *AESGcm) Encrypt(plaintext []byte) []byte {
+	encryptedText := a.aead.Seal(plaintext[:0], a.nonce, plaintext, nil)
+	return encryptedText
+}
+
+// Decrypt decrypts ciphertext
+func (a *AESGcm) Decrypt(encryptedText []byte) ([]byte, error) {
+	plaintext, err := a.aead.Open(nil, a.nonce, encryptedText, nil)
+	return plaintext, err
+}
+
+// EncryptToString encrypts plaintext to string
+func (a *AESGcm) EncryptToString(plaintext []byte) string {
+	encryptedText := a.aead.Seal(plaintext[:0], a.nonce, plaintext, nil)
+	return conv.BytesToString(encryptedText)
+}
+
+// DecryptString decrypts ciphertext string
+func (a *AESGcm) DecryptString(encryptedText string) ([]byte, error) {
+	plaintext, err := a.aead.Open(nil, a.nonce, conv.StringToBytes(encryptedText), nil)
+	return plaintext, err
+}