secure

package
v5.0.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 11, 2018 License: Apache-2.0 Imports: 8 Imported by: 0

README

secure

Package secure encrypting/decrypting the message body.

Usage

import "github.com/henrylee2cn/teleport/plugin/secure"

Ciphertext struct:

package secure_test

import (
	"strconv"
	"testing"
	"time"

	tp "github.com/henrylee2cn/teleport"
	"github.com/henrylee2cn/teleport/plugin/secure"
)

type Arg struct {
	A int
	B int
}

type Result struct {
	C int
}

type math struct{ tp.CallCtx }

func (m *math) Add(arg *Arg) (*Result, *tp.Rerror) {
	// enforces the body of the encrypted reply message.
	// secure.EnforceSecure(m.Output())
	return &Result{C: arg.A + arg.B}, nil
}

func newSession(t *testing.T, port uint16) tp.Session {
	p := secure.NewPlugin(100001, "cipherkey1234567")
	srv := tp.NewPeer(tp.PeerConfig{
		ListenPort:  port,
		PrintDetail: true,
	})
	srv.RouteCall(new(math), p)
	go srv.ListenAndServe()
	time.Sleep(time.Second)

	cli := tp.NewPeer(tp.PeerConfig{
		PrintDetail: true,
	}, p)
	sess, err := cli.Dial(":" + strconv.Itoa(int(port)))
	if err != nil {
		t.Fatal(err)
	}
	return sess
}

func TestSecurePlugin(t *testing.T) {
	sess := newSession(t, 9090)
	// test secure
	var result Result
	rerr := sess.Call(
		"/math/add",
		&Arg{A: 10, B: 2},
		&result,
		secure.WithSecureMeta(),
		// secure.WithAcceptSecureMeta(false),
	).Rerror()
	if rerr != nil {
		t.Fatal(rerr)
	}
	if result.C != 12 {
		t.Fatalf("expect 12, but get %d", result.C)
	}
	t.Logf("test secure10+2=%d", result.C)
}

func TestAcceptSecurePlugin(t *testing.T) {
	sess := newSession(t, 9091)
	// test accept secure
	var result Result
	rerr := sess.Call(
		"/math/add",
		&Arg{A: 20, B: 4},
		&result,
		secure.WithAcceptSecureMeta(true),
	).Rerror()
	if rerr != nil {
		t.Fatal(rerr)
	}
	if result.C != 24 {
		t.Fatalf("expect 24, but get %d", result.C)
	}
	t.Logf("test accept secure: 20+4=%d", result.C)
}

test command:

go test -v -run=TestSecurePlugin
go test -v -run=TestAcceptSecurePlugin

Documentation

Overview

Package secure encrypting/decrypting the message body.

Copyright 2018 HenryLee. All Rights Reserved.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. 

Package secure is a generated protocol buffer package.

It is generated from these files:
	secure.proto

It has these top-level messages:
	Encrypt

Index

Constants

View Source 
const (
	// SECURE_META_KEY if the metadata is true, perform encryption operation to the body.
	SECURE_META_KEY = "X-Secure" // value: true/false
	// ACCEPT_SECURE_META_KEY if the metadata is true, perform encryption operation to the body.
	ACCEPT_SECURE_META_KEY = "X-Accept-Secure" // value: true/false
)
View Source 
const (
	// CIPHERVERSION_KEY cipherkey version
	CIPHERVERSION_KEY = "cipherversion"
	// CIPHERTEXT_KEY ciphertext content
	CIPHERTEXT_KEY = "ciphertext"
)

Variables

View Source 
var (
	ErrInvalidLengthSecure = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowSecure   = fmt.Errorf("proto: integer overflow")
)

Functions

func EnforceSecure 

func EnforceSecure(output tp.Message)

EnforceSecure enforces the body of the encrypted reply message. Note: requires that the secure plugin has been registered!

func NewPlugin 

func NewPlugin(rerrCode int32, cipherkey string) tp.Plugin

NewPlugin creates a AES encryption/decryption plugin. The cipherkey argument should be the AES key, either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256.

func WithAcceptSecureMeta 

func WithAcceptSecureMeta(accept bool) tp.MessageSetting

WithAcceptSecureMeta requires the peer to encrypt the replying body. Note: requires that the secure plugin has been registered!

func WithSecureMeta 

func WithSecureMeta() tp.MessageSetting

WithSecureMeta encrypts the body of the current message. Note: requires that the secure plugin has been registered!

Types

type Encrypt 

type Encrypt struct {
	Cipherversion string `protobuf:"bytes,1,opt,name=cipherversion,proto3" json:"cipherversion,omitempty"`
	Ciphertext    string `protobuf:"bytes,2,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`
}

func (*Encrypt) Descriptor 

func (*Encrypt) Descriptor() ([]byte, []int)

func (*Encrypt) GetCiphertext 

func (m *Encrypt) GetCiphertext() string

func (*Encrypt) GetCipherversion 

func (m *Encrypt) GetCipherversion() string

func (*Encrypt) Marshal 

func (m *Encrypt) Marshal() (dAtA []byte, err error)

func (*Encrypt) MarshalTo 

func (m *Encrypt) MarshalTo(dAtA []byte) (int, error)

func (*Encrypt) ProtoMessage 

func (*Encrypt) ProtoMessage()

func (*Encrypt) Reset 

func (m *Encrypt) Reset()

func (*Encrypt) Size 

func (m *Encrypt) Size() (n int)

func (*Encrypt) String 

func (m *Encrypt) String() string

func (*Encrypt) Unmarshal 

func (m *Encrypt) Unmarshal(dAtA []byte) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.