mirror of https://github.com/dapr/kit.git
125 lines
3.3 KiB
Go
125 lines
3.3 KiB
Go
/*
|
|
Copyright 2023 The Dapr Authors
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package v1
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"strconv"
|
|
)
|
|
|
|
// Algorithm used to wrap the file key.
|
|
type KeyAlgorithm string
|
|
|
|
const (
|
|
KeyAlgorithmAES256KW KeyAlgorithm = "A256KW"
|
|
KeyAlgorithmAES128CBC KeyAlgorithm = "A128CBC-NOPAD"
|
|
KeyAlgorithmAES192CBC KeyAlgorithm = "A192CBC-NOPAD"
|
|
KeyAlgorithmAES256CBC KeyAlgorithm = "A256CBC-NOPAD"
|
|
KeyAlgorithmRSAOAEP256 KeyAlgorithm = "RSA-OAEP-256"
|
|
|
|
KeyAlgorithmAES KeyAlgorithm = "AES" // Alias for A256KW
|
|
KeyAlgorithmRSA KeyAlgorithm = "RSA" // Alias for RSA-OAEP-256
|
|
|
|
keyAlgorithmInvalid = 0
|
|
keyAlgorithmNumAES256KW = 1
|
|
keyAlgorithmNumAES128CBC = 2
|
|
keyAlgorithmNumAES192CBC = 3
|
|
keyAlgorithmNumAES256CBC = 4
|
|
keyAlgorithmNumRSAOAEP256 = 5
|
|
)
|
|
|
|
// Validate the passed algorithm and resolves aliases.
|
|
func (a KeyAlgorithm) Validate() (KeyAlgorithm, error) {
|
|
switch a {
|
|
// Valid algorithms, not aliased
|
|
case KeyAlgorithmAES256KW,
|
|
KeyAlgorithmAES128CBC, KeyAlgorithmAES192CBC, KeyAlgorithmAES256CBC,
|
|
KeyAlgorithmRSAOAEP256:
|
|
return a, nil
|
|
|
|
// Alias for A256KW
|
|
case KeyAlgorithmAES:
|
|
return KeyAlgorithmAES256KW, nil
|
|
|
|
// Alias for RSA-OAEP-256
|
|
case KeyAlgorithmRSA:
|
|
return KeyAlgorithmRSAOAEP256, nil
|
|
|
|
default:
|
|
return a, fmt.Errorf("algorithm %s is not supported", a)
|
|
}
|
|
}
|
|
|
|
// ID returns the numeric ID for the algorithm.
|
|
func (a KeyAlgorithm) ID() int {
|
|
switch a {
|
|
case KeyAlgorithmAES256KW, KeyAlgorithmAES:
|
|
return keyAlgorithmNumAES256KW
|
|
case KeyAlgorithmAES128CBC:
|
|
return keyAlgorithmNumAES128CBC
|
|
case KeyAlgorithmAES192CBC:
|
|
return keyAlgorithmNumAES192CBC
|
|
case KeyAlgorithmAES256CBC:
|
|
return keyAlgorithmNumAES256CBC
|
|
case KeyAlgorithmRSAOAEP256, KeyAlgorithmRSA:
|
|
return keyAlgorithmNumRSAOAEP256
|
|
default:
|
|
return keyAlgorithmInvalid
|
|
}
|
|
}
|
|
|
|
// NewKeyAlgorithmFromID returns a KeyAlgorithm from its ID.
|
|
func NewKeyAlgorithmFromID(id int) (KeyAlgorithm, error) {
|
|
switch id {
|
|
case keyAlgorithmNumAES256KW:
|
|
return KeyAlgorithmAES256KW, nil
|
|
case keyAlgorithmNumAES128CBC:
|
|
return KeyAlgorithmAES128CBC, nil
|
|
case keyAlgorithmNumAES192CBC:
|
|
return KeyAlgorithmAES192CBC, nil
|
|
case keyAlgorithmNumAES256CBC:
|
|
return KeyAlgorithmAES256CBC, nil
|
|
case keyAlgorithmNumRSAOAEP256:
|
|
return KeyAlgorithmRSAOAEP256, nil
|
|
default:
|
|
return "", fmt.Errorf("algorithm ID %d is not supported", id)
|
|
}
|
|
}
|
|
|
|
// MarhsalJSON implements json.Marshaler.
|
|
func (a KeyAlgorithm) MarshalJSON() ([]byte, error) {
|
|
return []byte(strconv.Itoa(a.ID())), nil
|
|
}
|
|
|
|
// UnmarshalJSON implements json.Unmarshaler.
|
|
func (a *KeyAlgorithm) UnmarshalJSON(dataB []byte) error {
|
|
data := string(dataB)
|
|
if data == "" || data == "null" {
|
|
return errors.New("value is empty")
|
|
}
|
|
|
|
id, err := strconv.Atoi(data)
|
|
if err != nil {
|
|
return errors.New("failed to parse value as number")
|
|
}
|
|
|
|
newA, err := NewKeyAlgorithmFromID(id)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
*a = newA
|
|
return nil
|
|
}
|