/
replication.go
168 lines (128 loc) · 3.16 KB
/
replication.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
package models
import (
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"encoding/base64"
"encoding/json"
"fmt"
"io"
"time"
"github.com/inpher/sb/internal/config"
"github.com/inpher/sb/internal/helpers"
"github.com/google/uuid"
"gorm.io/gorm"
)
type Replication struct {
UniqID string `gorm:"PRIMARY_KEY"`
CreationDate time.Time `gorm:"autoCreateTime"`
Instance string
Action string
Data string
}
type ReplicationData map[string]string
func (r *Replication) BeforeCreate(tx *gorm.DB) (err error) {
r.UniqID = uuid.New().String()
return
}
// Delete removes the access from the provided database
func (r *Replication) Delete(db *gorm.DB) (err error) {
// We delete our access
return db.Delete(r).Error
}
// Save saves the replication entry in the provided database
func (r *Replication) Save(db *gorm.DB) (err error) {
// We insert or update our access
return db.Save(r).Error
}
func GetNextReplicationEntryToPush(db *gorm.DB) (entry Replication, err error) {
err = db.Limit(1).Order("creation_date ASC").Find(&entry).Error
return
}
func NewReplicationEntry(action string, data ReplicationData) (repl *Replication, err error) {
hostname, err := helpers.GetHostname()
if err != nil {
return
}
encryptedPayload, err := EncryptReplicationDataForTransport(data)
if err != nil {
return
}
repl = &Replication{
Instance: hostname,
Action: action,
Data: encryptedPayload,
}
return
}
func EncryptReplicationDataForTransport(data ReplicationData) (encrypted string, err error) {
// Let's start by json encode our type
dataStr, err := json.Marshal(data)
if err != nil {
return
}
cipherKey := config.GetEncryptionKey()
cipherKeyLen := len(cipherKey)
if cipherKeyLen != 8 && cipherKeyLen != 16 && cipherKeyLen != 32 {
err = fmt.Errorf("cipher key is invalid")
return
}
var cipherText []byte
if cipherKey != "" {
var c cipher.Block
var gcm cipher.AEAD
var nonce []byte
// Then, let's AES encrypt the json data
c, err = aes.NewCipher([]byte(cipherKey))
if err != nil {
return
}
gcm, err = cipher.NewGCM(c)
if err != nil {
return
}
nonce = make([]byte, gcm.NonceSize())
if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
return
}
cipherText = gcm.Seal(nonce, nonce, dataStr, nil)
} else {
cipherText = dataStr
}
encrypted = base64.StdEncoding.EncodeToString(cipherText)
return
}
func DecryptReplicationData(encryptedPayload string) (data ReplicationData, err error) {
ciphertext, err := base64.StdEncoding.DecodeString(encryptedPayload)
if err != nil {
return
}
cipherKey := config.GetEncryptionKey()
var plaintext []byte
if cipherKey != "" {
var c cipher.Block
var gcm cipher.AEAD
var nonceSize int
c, err = aes.NewCipher([]byte(cipherKey))
if err != nil {
return
}
gcm, err = cipher.NewGCM(c)
if err != nil {
return
}
nonceSize = gcm.NonceSize()
if len(ciphertext) < nonceSize {
return
}
nonce, ciphertext := ciphertext[:nonceSize], ciphertext[nonceSize:]
plaintext, err = gcm.Open(nil, nonce, ciphertext, nil)
if err != nil {
return
}
} else {
plaintext = ciphertext
}
err = json.Unmarshal(plaintext, &data)
return
}