72 lines
2.1 KiB
Go
72 lines
2.1 KiB
Go
package encrypter
|
|
|
|
import (
|
|
"context"
|
|
"crypto/aes"
|
|
"crypto/cipher"
|
|
"crypto/ecdh"
|
|
"encoding/base64"
|
|
"fmt"
|
|
|
|
"github.com/beckn-one/beckn-onix/pkg/model"
|
|
"github.com/zenazn/pkcs7pad"
|
|
)
|
|
|
|
// encrypter implements the Encrypter interface and handles the encryption process.
|
|
type encrypter struct {
|
|
}
|
|
|
|
// New creates a new encrypter instance with the given configuration.
|
|
func New(ctx context.Context) (*encrypter, func() error, error) {
|
|
return &encrypter{}, nil, nil
|
|
}
|
|
|
|
func (e *encrypter) Encrypt(ctx context.Context, data string, privateKeyBase64, publicKeyBase64 string) (string, error) {
|
|
privateKeyBytes, err := base64.StdEncoding.DecodeString(privateKeyBase64)
|
|
if err != nil {
|
|
return "", model.NewBadReqErr(fmt.Errorf("invalid private key: %w", err))
|
|
}
|
|
|
|
publicKeyBytes, err := base64.StdEncoding.DecodeString(publicKeyBase64)
|
|
if err != nil {
|
|
return "", model.NewBadReqErr(fmt.Errorf("invalid public key: %w", err))
|
|
}
|
|
|
|
// Convert the input string to a byte slice.
|
|
dataByte := []byte(data)
|
|
aesCipher, err := createAESCipher(privateKeyBytes, publicKeyBytes)
|
|
if err != nil {
|
|
return "", fmt.Errorf("failed to create AES cipher: %w", err)
|
|
}
|
|
|
|
dataByte = pkcs7pad.Pad(dataByte, aesCipher.BlockSize())
|
|
for i := 0; i < len(dataByte); i += aesCipher.BlockSize() {
|
|
aesCipher.Encrypt(dataByte[i:i+aesCipher.BlockSize()], dataByte[i:i+aesCipher.BlockSize()])
|
|
}
|
|
|
|
return base64.StdEncoding.EncodeToString(dataByte), nil
|
|
}
|
|
|
|
func createAESCipher(privateKey, publicKey []byte) (cipher.Block, error) {
|
|
x25519Curve := ecdh.X25519()
|
|
x25519PrivateKey, err := x25519Curve.NewPrivateKey(privateKey)
|
|
if err != nil {
|
|
return nil, model.NewBadReqErr(fmt.Errorf("failed to create private key: %w", err))
|
|
}
|
|
x25519PublicKey, err := x25519Curve.NewPublicKey(publicKey)
|
|
if err != nil {
|
|
return nil, model.NewBadReqErr(fmt.Errorf("failed to create public key: %w", err))
|
|
}
|
|
sharedSecret, err := x25519PrivateKey.ECDH(x25519PublicKey)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to derive shared secret: %w", err)
|
|
}
|
|
|
|
aesCipher, err := aes.NewCipher(sharedSecret)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to create AES cipher: %w", err)
|
|
}
|
|
|
|
return aesCipher, nil
|
|
}
|