Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEAT] Support Encrypted Config File #105

Open
KiddoV opened this issue Oct 21, 2022 · 4 comments
Open

[FEAT] Support Encrypted Config File #105

KiddoV opened this issue Oct 21, 2022 · 4 comments
Assignees
@inhere
Labels
enhancement New feature or request

Comments

@KiddoV
Copy link

KiddoV commented Oct 21, 2022

It would be nice to have a built-in encrypted config file so sometime we are only allow user to change setting directly from the app.

I have 2 function to encrypt and decrypt the string to base64, just not sure how to implement it...

// Encrypt a string with a secret key.
// Secretkey must be 16, 24 or 32 characters long.
func EncryptStr(text, secretKey string) (string, error) {
	var randBytes = []byte{35, 46, 57, 24, 85, 35, 24, 74, 87, 35, 88, 98, 66, 32, 14, 05}
	block, err := aes.NewCipher([]byte(secretKey))
	if err != nil {
		return "", err
	}
	plainText := []byte(text)
	cfb := cipher.NewCFBEncrypter(block, randBytes)
	cipherText := make([]byte, len(plainText))
	cfb.XORKeyStream(cipherText, plainText)
	endCodeCipherText := base64.StdEncoding.EncodeToString(cipherText)
	return endCodeCipherText, nil
}

// Decrypt am encrypt string with the same secret key used in encrypt.
// Secretkey must be 16, 24 or 32 characters long.
func DecryptStr(eText, secretKey string) (string, error) {
	var randBytes = []byte{35, 46, 57, 24, 85, 35, 24, 74, 87, 35, 88, 98, 66, 32, 14, 05}
	block, err := aes.NewCipher([]byte(secretKey))
	if err != nil {
		return "", err
	}
	cipherText, _ := base64.StdEncoding.DecodeString(eText)
	cfb := cipher.NewCFBDecrypter(block, randBytes)
	plainText := make([]byte, len(cipherText))
	cfb.XORKeyStream(plainText, cipherText)
	return string(plainText), nil
}

Thought?
@inhere inhere added the enhancement New feature or request label Oct 22, 2022
@inhere
Copy link
Member

inhere commented Nov 15, 2022

Do you mean to decrypt the content of the file when it is loaded, and write it to the file after encryption?

@KiddoV
Copy link
Author

KiddoV commented Nov 15, 2022
edited

I meant to encrypt the file so users cannot see what inside the config file physically. Forcing users to use application only to make changes for settings.

In this case, application will have to generate its setting file automatically only on first time uses.
So...
User first time open the app => app generate encrypted setting file for the first time => user make changes on settings => app read changes, apply to the map or struct => encrypted json or any format string => save to config file => user open the app again => app load encrypted config string => decrypt => apply settings to struct or map...

@inhere
Copy link
Member

inhere commented Nov 15, 2022

:) ... I think what you want is a config center like service, or a local config database like library.

@KiddoV
Copy link
Author

KiddoV commented Nov 15, 2022

With a middle ware or a center like service, It won't play nice with those built-in methods like *get() or set() config. This has to be modified at the root level of the library, I think.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@inhere inhere

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@inhere @KiddoV