代码拉取完成,页面将自动刷新
package osscrypto
import (
"encoding/base64"
"encoding/json"
"fmt"
kms "github.com/aliyun/alibaba-cloud-sdk-go/services/kms"
)
// CreateMasterAliKms Create master key interface implemented by ali kms
// matDesc will be converted to json string
func CreateMasterAliKms(matDesc map[string]string, kmsID string, kmsClient *kms.Client) (MasterCipher, error) {
var masterCipher MasterAliKmsCipher
if kmsID == "" || kmsClient == nil {
return masterCipher, fmt.Errorf("kmsID is empty or kmsClient is nil")
}
var jsonDesc string
if len(matDesc) > 0 {
b, err := json.Marshal(matDesc)
if err != nil {
return masterCipher, err
}
jsonDesc = string(b)
}
masterCipher.MatDesc = jsonDesc
masterCipher.KmsID = kmsID
masterCipher.KmsClient = kmsClient
return masterCipher, nil
}
// MasterAliKmsCipher ali kms master key interface
type MasterAliKmsCipher struct {
MatDesc string
KmsID string
KmsClient *kms.Client
}
// GetWrapAlgorithm get master key wrap algorithm
func (mrc MasterAliKmsCipher) GetWrapAlgorithm() string {
return KmsAliCryptoWrap
}
// GetMatDesc get master key describe
func (mkms MasterAliKmsCipher) GetMatDesc() string {
return mkms.MatDesc
}
// Encrypt encrypt data by ali kms
// Mainly used to encrypt object's symmetric secret key and iv
func (mkms MasterAliKmsCipher) Encrypt(plainData []byte) ([]byte, error) {
// kms Plaintext must be base64 encoded
base64Plain := base64.StdEncoding.EncodeToString(plainData)
request := kms.CreateEncryptRequest()
request.RpcRequest.Scheme = "https"
request.RpcRequest.Method = "POST"
request.RpcRequest.AcceptFormat = "json"
request.KeyId = mkms.KmsID
request.Plaintext = base64Plain
response, err := mkms.KmsClient.Encrypt(request)
if err != nil {
return nil, err
}
return base64.StdEncoding.DecodeString(response.CiphertextBlob)
}
// Decrypt decrypt data by ali kms
// Mainly used to decrypt object's symmetric secret key and iv
func (mkms MasterAliKmsCipher) Decrypt(cryptoData []byte) ([]byte, error) {
base64Crypto := base64.StdEncoding.EncodeToString(cryptoData)
request := kms.CreateDecryptRequest()
request.RpcRequest.Scheme = "https"
request.RpcRequest.Method = "POST"
request.RpcRequest.AcceptFormat = "json"
request.CiphertextBlob = string(base64Crypto)
response, err := mkms.KmsClient.Decrypt(request)
if err != nil {
return nil, err
}
return base64.StdEncoding.DecodeString(response.Plaintext)
}
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。