forked from TrueCloudLab/frostfs-s3-gw
43 lines
1 KiB
Go
43 lines
1 KiB
Go
|
package auth
|
||
|
|
||
|
import (
|
||
|
"crypto/rand"
|
||
|
"crypto/rsa"
|
||
|
"crypto/sha256"
|
||
|
"crypto/x509"
|
||
|
"encoding/pem"
|
||
|
"io/ioutil"
|
||
|
|
||
|
"github.com/pkg/errors"
|
||
|
)
|
||
|
|
||
|
func ReadRSAPrivateKeyFromPEMFile(filePath string) (*rsa.PrivateKey, error) {
|
||
|
kbs, err := ioutil.ReadFile(filePath)
|
||
|
if err != nil {
|
||
|
return nil, errors.Wrapf(err, "failed to read file %s", filePath)
|
||
|
}
|
||
|
pemBlock, _ := pem.Decode(kbs)
|
||
|
if pemBlock == nil {
|
||
|
return nil, errors.Errorf("failed to decode PEM data from file %s", filePath)
|
||
|
}
|
||
|
rsaKey, err := x509.ParsePKCS1PrivateKey(pemBlock.Bytes)
|
||
|
if err != nil {
|
||
|
return nil, errors.Wrapf(err, "failed to parse private key bytes from pem data from file %s", filePath)
|
||
|
}
|
||
|
return rsaKey, nil
|
||
|
}
|
||
|
|
||
|
func encrypt(key *rsa.PublicKey, data []byte) ([]byte, error) {
|
||
|
return rsa.EncryptOAEP(sha256.New(), rand.Reader, key, data, []byte{})
|
||
|
}
|
||
|
|
||
|
func decrypt(key *rsa.PrivateKey, data []byte) ([]byte, error) {
|
||
|
return rsa.DecryptOAEP(sha256.New(), rand.Reader, key, data, []byte{})
|
||
|
}
|
||
|
|
||
|
func sha256Hash(data []byte) []byte {
|
||
|
hash := sha256.New()
|
||
|
hash.Write(data)
|
||
|
return hash.Sum(nil)
|
||
|
}
|