lywsvip/cloudpods
1
0
Fork 0
mirror of https://github.com/yunionio/cloudpods.git synced 2026-05-08 06:31:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
d7da3c6e9cd73dc052d871bb00dd2d2f8953aefd
cloudpods/cmd/cryptool/shell/fernet.go

129 lines
3.5 KiB
Go
Raw Blame History

// Copyright 2019 Yunion
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package shell
import (
"fmt"
"yunion.io/x/pkg/util/timeutils"
"yunion.io/x/onecloud/pkg/keystone/tokens"
"yunion.io/x/onecloud/pkg/util/fernetool"
"yunion.io/x/onecloud/pkg/util/shellutils"
)
func init() {
type FernetInitKeysOptions struct {
PATH string `help:"path that stores fernet keys"`
COUNT int `help:"number of keys to init"`
}
shellutils.R(&FernetInitKeysOptions{}, "fernet-initkeys", "Initialze fernet keys", func(args *FernetInitKeysOptions) error {
fm := fernetool.SFernetKeyManager{}
err := fm.InitKeys(args.PATH, args.COUNT)
if err != nil {
return err
}
return nil
})
type FernetEncryptOptions struct {
PATH string `help:"path that stores fernet keys"`
MSG string `help:"message to encrypt"`
}
shellutils.R(&FernetEncryptOptions{}, "fernet-encrypt", "Encrypt message with fernet keys", func(args *FernetEncryptOptions) error {
fm := fernetool.SFernetKeyManager{}
err := fm.LoadKeys(args.PATH)
if err != nil {
return err
}
ret, err := fm.Encrypt([]byte(args.MSG))
if err != nil {
return err
}
fmt.Println(string(ret))
return nil
})
type FernetEncryptTokenOptions struct {
PATH string `help:"path that stores fernet keys"`
USERID string `help:"UserId"`
METHOD string `help:"auth method" choices:"password|token"`
EXPIREAT string `help:"expired time"`
ProjectId string `help:"project Id"`
DomainId string `help:"domainId"`
AUDITID string `help:"audit ID"`
}
shellutils.R(&FernetEncryptTokenOptions{}, "fernet-encrypt-token", "Encrypt auth token with fernet keys", func(args *FernetEncryptTokenOptions) error {
token := tokens.SAuthToken{}
token.UserId = args.USERID
token.Method = args.METHOD
token.ProjectId = args.ProjectId
token.DomainId = args.DomainId
token.ExpiresAt, _ = timeutils.ParseFullIsoTime(args.EXPIREAT)
token.AuditIds = []string{args.AUDITID}
tk, err := token.Encode()
if err != nil {
return err
}
fmt.Println(len(tk))
fmt.Println(string(tk))
fmt.Println(tk)
fmt.Printf("%x\n", tk)
fm := fernetool.SFernetKeyManager{}
err = fm.LoadKeys(args.PATH)
if err != nil {
return err
}
ret, err := fm.Encrypt(tk)
if err != nil {
return err
}
fmt.Println(string(ret))
return nil
})
shellutils.R(&FernetEncryptOptions{}, "fernet-decrypt", "Decrypt message with fernet keys", func(args *FernetEncryptOptions) error {
fm := fernetool.SFernetKeyManager{}
if args.PATH == "empty" {
fm.InitEmpty()
} else {
err := fm.LoadKeys(args.PATH)
if err != nil {
return err
}
}
fmt.Println("primary key hash:", fm.PrimaryKeyHash())
ret := fm.Decrypt([]byte(args.MSG))
if len(ret) == 0 {
return fmt.Errorf("invalid message")
}
fmt.Println(len(ret))
fmt.Println(string(ret))
fmt.Println(ret)
fmt.Printf("%x\n", ret)
token := tokens.SAuthToken{}
err := token.Decode(ret)
if err != nil {
return err
}
fmt.Println(token)
return nil
})
}
Reference in New Issue View Git Blame Copy Permalink