mirror of https://github.com/dapr/go-sdk.git
163 lines
4.3 KiB
Go
163 lines
4.3 KiB
Go
package main
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"fmt"
|
|
"io"
|
|
"log"
|
|
"os"
|
|
"strings"
|
|
|
|
dapr "github.com/dapr/go-sdk/client"
|
|
)
|
|
|
|
const (
|
|
// Name of the crypto component to use
|
|
CryptoComponentName = "localstorage"
|
|
// Name of the RSA private key to use
|
|
RSAKeyName = "rsa-private-key.pem"
|
|
// Name of the symmetric (AES) key to use
|
|
SymmetricKeyName = "symmetric-key-256"
|
|
)
|
|
|
|
func main() {
|
|
// Create a new Dapr SDK client
|
|
client, err := dapr.NewClient()
|
|
if err != nil {
|
|
log.Fatalf("Failed to initialize the Dapr client: %v", err)
|
|
}
|
|
defer client.Close()
|
|
|
|
// Step 1: encrypt a string using the RSA key, then decrypt it and show the output in the terminal
|
|
encryptDecryptString(client)
|
|
|
|
// Step 2: encrypt a large file and then decrypt it, using the AES key
|
|
encryptDecryptFile(client)
|
|
}
|
|
|
|
func encryptDecryptString(client dapr.Client) {
|
|
const message = `The secret is "passw0rd"`
|
|
|
|
// Encrypt the message
|
|
encStream, err := client.Encrypt(context.Background(),
|
|
strings.NewReader(message),
|
|
dapr.EncryptOptions{
|
|
ComponentName: CryptoComponentName,
|
|
// Name of the key to use
|
|
// Since this is a RSA key, we specify that as key wrapping algorithm
|
|
KeyName: RSAKeyName,
|
|
KeyWrapAlgorithm: "RSA",
|
|
},
|
|
)
|
|
if err != nil {
|
|
log.Fatalf("Failed to encrypt the message: %v", err)
|
|
}
|
|
|
|
// The method returns a readable stream, which we read in full in memory
|
|
encBytes, err := io.ReadAll(encStream)
|
|
if err != nil {
|
|
log.Fatalf("Failed to read the stream for the encrypted message: %v", err)
|
|
}
|
|
|
|
fmt.Printf("Encrypted the message, got %d bytes\n", len(encBytes))
|
|
|
|
// Now, decrypt the encrypted data
|
|
decStream, err := client.Decrypt(context.Background(),
|
|
bytes.NewReader(encBytes),
|
|
dapr.DecryptOptions{
|
|
// We just need to pass the name of the component
|
|
ComponentName: CryptoComponentName,
|
|
// Passing the name of the key is optional
|
|
KeyName: RSAKeyName,
|
|
},
|
|
)
|
|
if err != nil {
|
|
log.Fatalf("Failed to decrypt the message: %v", err)
|
|
}
|
|
|
|
// The method returns a readable stream, which we read in full in memory
|
|
decBytes, err := io.ReadAll(decStream)
|
|
if err != nil {
|
|
log.Fatalf("Failed to read the stream for the decrypted message: %v", err)
|
|
}
|
|
|
|
// Print the message on the console
|
|
fmt.Printf("Decrypted the message, got %d bytes\n", len(decBytes))
|
|
fmt.Println(string(decBytes))
|
|
}
|
|
|
|
func encryptDecryptFile(client dapr.Client) {
|
|
const fileName = "desert.jpg"
|
|
|
|
// Get a readable stream to the input file
|
|
plaintextF, err := os.Open(fileName)
|
|
if err != nil {
|
|
log.Fatalf("Failed to open plaintext file: %v", err)
|
|
}
|
|
defer plaintextF.Close()
|
|
|
|
// Encrypt the file
|
|
encStream, err := client.Encrypt(context.Background(),
|
|
plaintextF,
|
|
dapr.EncryptOptions{
|
|
ComponentName: CryptoComponentName,
|
|
// Name of the key to use
|
|
// Since this is a symmetric key, we specify AES as key wrapping algorithm
|
|
KeyName: SymmetricKeyName,
|
|
KeyWrapAlgorithm: "AES",
|
|
},
|
|
)
|
|
if err != nil {
|
|
log.Fatalf("Failed to encrypt the file: %v", err)
|
|
}
|
|
|
|
// Write the encrypted data to a file "encrypted.out"
|
|
encryptedF, err := os.Create("encrypted.out")
|
|
if err != nil {
|
|
log.Fatalf("Failed to open destination file: %v", err)
|
|
}
|
|
_, err = io.Copy(encryptedF, encStream)
|
|
if err != nil {
|
|
log.Fatalf("Failed to write encrypted stream to file: %v", err)
|
|
}
|
|
encryptedF.Close()
|
|
|
|
fmt.Println("Wrote encrypted data to encrypted.out")
|
|
|
|
// Now, decrypt the encrypted data
|
|
// First, open the file "encrypted.out" again, this time for reading
|
|
encryptedF, err = os.Open("encrypted.out")
|
|
if err != nil {
|
|
log.Fatalf("Failed to open encrypted file: %v", err)
|
|
}
|
|
defer encryptedF.Close()
|
|
|
|
// Now, decrypt the encrypted data
|
|
decStream, err := client.Decrypt(context.Background(),
|
|
encryptedF,
|
|
dapr.DecryptOptions{
|
|
// We just need to pass the name of the component
|
|
ComponentName: CryptoComponentName,
|
|
// Passing the name of the key is optional
|
|
KeyName: SymmetricKeyName,
|
|
},
|
|
)
|
|
if err != nil {
|
|
log.Fatalf("Failed to decrypt the file: %v", err)
|
|
}
|
|
|
|
// Write the decrypted data to a file "decrypted.out.jpg"
|
|
decryptedF, err := os.Create("decrypted.out.jpg")
|
|
if err != nil {
|
|
log.Fatalf("Failed to open destination file: %v", err)
|
|
}
|
|
_, err = io.Copy(decryptedF, decStream)
|
|
if err != nil {
|
|
log.Fatalf("Failed to write decrypted stream to file: %v", err)
|
|
}
|
|
decryptedF.Close()
|
|
|
|
fmt.Println("Wrote decrypted data to decrypted.out.jpg")
|
|
}
|