/
main.go
191 lines (154 loc) · 3.84 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
package main
import (
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"encoding/base64"
"errors"
"io"
mrand "math/rand"
"os"
"github.com/joho/godotenv"
"github.com/pchchv/golog"
"go.mongodb.org/mongo-driver/mongo"
"golang.org/x/crypto/bcrypt"
)
const charSet = "abcdefghijklmnopqrstuvwxyz" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "!@#$%&*" + "0123456789"
var (
keys_collection *mongo.Collection
secrets_collection *mongo.Collection
)
type Secret struct {
encryptedtext EncryptedText
key Key
password string
}
type Key struct {
key []byte
hash string
}
type EncryptedText struct {
text string
hash string
}
func init() {
// Load values from .env into the system
if err := godotenv.Load(); err != nil {
golog.Panic("No .env file found")
}
}
func getEnvValue(v string) string {
value, exist := os.LookupEnv(v)
if !exist {
golog.Panic("Value %v does not exist", v)
}
return value
}
func hashPassword(password string) (string, error) {
bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
return string(bytes), err
}
func checkPasswordHash(password, hash string) bool {
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
return err == nil
}
func genPassword() (password string) {
length := mrand.Intn(17-7) + 7
for i := 0; i < length; i++ {
password += string([]rune(charSet)[mrand.Intn(len(charSet))])
}
return
}
func genKey() ([]byte, error) {
key := make([]byte, 32)
if _, err := rand.Read(key); err != nil {
return nil, err
}
return key, nil
}
func encrypt(text string) (encoded string, key []byte, err error) {
// create byte array from the input string
plainText := []byte(text)
// getting the 32-bit passphrase
key, err = genKey()
if err != nil {
return
}
// create a new AES cipher using the key
block, err := aes.NewCipher(key)
if err != nil {
return
}
// make the cipher text a byte array of size BlockSize + the length of the message
cipherText := make([]byte, aes.BlockSize+len(plainText))
// iv is the ciphertext up to the blocksize
iv := cipherText[:aes.BlockSize]
if _, err = io.ReadFull(rand.Reader, iv); err != nil {
return
}
// encrypt the data:
stream := cipher.NewCFBEncrypter(block, iv)
stream.XORKeyStream(cipherText[aes.BlockSize:], plainText)
// return string encoded in base64
return base64.RawStdEncoding.EncodeToString(cipherText), key, err
}
func decrypt(key []byte, secure string) (decoded string, err error) {
// remove base64 encoding:
cipherText, err := base64.RawStdEncoding.DecodeString(secure)
if err != nil {
return
}
// create a new AES cipher with the key and encrypted message
block, err := aes.NewCipher(key)
if err != nil {
return
}
if len(cipherText) < aes.BlockSize {
err = errors.New("Ciphertext block size is too short!")
return
}
iv := cipherText[:aes.BlockSize]
cipherText = cipherText[aes.BlockSize:]
// decrypt the message
stream := cipher.NewCFBDecrypter(block, iv)
stream.XORKeyStream(cipherText, cipherText)
return string(cipherText), err
}
func reverse(s string) (result string) {
for _, v := range s {
result = string(v) + result
}
return
}
func encryptor(text string) (pass string, err error) {
s := Secret{}
s.encryptedtext.text, s.key.key, err = encrypt(text)
if err != nil {
return
}
s.password = genPassword()
s.encryptedtext.hash, err = hashPassword(s.password)
s.key.hash, err = hashPassword(reverse(s.password))
if err != nil {
return
}
return inserter(s)
}
func decryptor(password string) (text string, err error) {
secret, err := finder(password)
if err != nil {
return
}
if !checkPasswordHash(reverse(password), secret.key.hash) || !checkPasswordHash(password, secret.encryptedtext.hash) {
return "", errors.New("invalid password")
}
text, err = decrypt(secret.key.key, secret.encryptedtext.text)
if err != nil {
return
}
return
}
func main() {
database()
tgbot()
}