secure

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 6, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

README

secure

Package secure encrypting/decrypting the message body.

Usage

import "github.com/sqos/yrpc/plugin/secure"

Ciphertext struct:

package secure_test

import (
	"strconv"
	"testing"
	"time"

	"github.com/sqos/yrpc"
	"github.com/sqos/yrpc/plugin/secure"
)

type Arg struct {
	A int
	B int
}

type Result struct {
	C int
}

type math struct{ yrpc.CallCtx }

func (m *math) Add(arg *Arg) (*Result, *yrpc.Status) {
	// enforces the body of the encrypted reply message.
	// secure.EnforceSecure(m.Output())
	return &Result{C: arg.A + arg.B}, nil
}

func newSession(t *testing.T, port uint16) yrpc.Session {
	p := secure.NewPlugin(100001, "cipherkey1234567")
	srv := yrpc.NewPeer(yrpc.PeerConfig{
		ListenPort:  port,
		PrintDetail: true,
	})
	srv.RouteCall(new(math), p)
	go srv.ListenAndServe()
	time.Sleep(time.Second)

	cli := yrpc.NewPeer(yrpc.PeerConfig{
		PrintDetail: true,
	}, p)
	sess, stat := cli.Dial(":" + strconv.Itoa(int(port)))
	if !stat.OK() {
		t.Fatal(stat)
	}
	return sess
}

func TestSecurePlugin(t *testing.T) {
	sess := newSession(t, 9090)
	// test secure
	var result Result
	stat := sess.Call(
		"/math/add",
		&Arg{A: 10, B: 2},
		&result,
		secure.WithSecureMeta(),
		// secure.WithAcceptSecureMeta(false),
	).Status()
	if !stat.OK() {
		t.Fatal(stat)
	}
	if result.C != 12 {
		t.Fatalf("expect 12, but get %d", result.C)
	}
	t.Logf("test secure10+2=%d", result.C)
}

func TestAcceptSecurePlugin(t *testing.T) {
	sess := newSession(t, 9091)
	// test accept secure
	var result Result
	stat := sess.Call(
		"/math/add",
		&Arg{A: 20, B: 4},
		&result,
		secure.WithAcceptSecureMeta(true),
	).Status()
	if !stat.OK() {
		t.Fatal(stat)
	}
	if result.C != 24 {
		t.Fatalf("expect 24, but get %d", result.C)
	}
	t.Logf("test accept secure: 20+4=%d", result.C)
}

test command:

go test -v -run=TestSecurePlugin
go test -v -run=TestAcceptSecurePlugin

Documentation

Overview

Package secure encrypting/decrypting the message body.

Copyright 2018-2023 HenryLee. All Rights Reserved. Copyright 2024 sqos. All Rights Reserved.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

View Source 
const (
	// SECURE_META_KEY if the metadata is true, perform encryption operation to the body.
	SECURE_META_KEY = "X-Secure" // value: true/false
	// ACCEPT_SECURE_META_KEY if the metadata is true, perform encryption operation to the body.
	ACCEPT_SECURE_META_KEY = "X-Accept-Secure" // value: true/false
)
View Source 
const (
	// CIPHERVERSION_KEY cipherkey version
	CIPHERVERSION_KEY = "cipherversion"
	// CIPHERTEXT_KEY ciphertext content
	CIPHERTEXT_KEY = "ciphertext"
)

Variables

View Source 
var File_secure_proto protoreflect.FileDescriptor

Functions

func EnforceSecure 

func EnforceSecure(output yrpc.Message)

EnforceSecure enforces the body of the encrypted reply message. Note: requires that the secure plugin has been registered!

func NewPlugin 

func NewPlugin(statCode int32, cipherkey string) yrpc.Plugin

NewPlugin creates a AES encryption/decryption plugin. The cipherkey argument should be the AES key, either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256.

func WithAcceptSecureMeta 

func WithAcceptSecureMeta(accept bool) yrpc.MessageSetting

WithAcceptSecureMeta requires the peer to encrypt the replying body. Note: requires that the secure plugin has been registered!

func WithSecureMeta 

func WithSecureMeta() yrpc.MessageSetting

WithSecureMeta encrypts the body of the current message. Note: requires that the secure plugin has been registered!

Types

type Encrypt 

type Encrypt struct {
	Cipherversion string `protobuf:"bytes,1,opt,name=cipherversion,proto3" json:"cipherversion,omitempty"`
	Ciphertext    string `protobuf:"bytes,2,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`
	// contains filtered or unexported fields
}

func (*Encrypt) Descriptor deprecated 

func (*Encrypt) Descriptor() ([]byte, []int)

Deprecated: Use Encrypt.ProtoReflect.Descriptor instead.

func (*Encrypt) GetCiphertext 

func (x *Encrypt) GetCiphertext() string

func (*Encrypt) GetCipherversion 

func (x *Encrypt) GetCipherversion() string

func (*Encrypt) ProtoMessage 

func (*Encrypt) ProtoMessage()

func (*Encrypt) ProtoReflect 

func (x *Encrypt) ProtoReflect() protoreflect.Message

func (*Encrypt) Reset 

func (x *Encrypt) Reset()

func (*Encrypt) String 

func (x *Encrypt) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.