v.0.0.4.1 Добавлено шифрование сообщения
All checks were successful
continuous-integration/drone/push Build is passing
parent
00b6b32cf3
commit
04d56cd6dc
@ -4,6 +4,7 @@ import (
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"log"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/hashicorp/vault/api"
|
||||
@ -15,7 +16,7 @@ type VaultManager struct {
|
||||
|
||||
func NewVaultManager() (*VaultManager, error) {
|
||||
config := api.DefaultConfig()
|
||||
config.Address = "http://192.168.0.59:8200" // или https в продакшене
|
||||
config.Address = "http://192.168.0.59:8200"
|
||||
|
||||
client, err := api.NewClient(config)
|
||||
if err != nil {
|
||||
@ -32,6 +33,10 @@ func NewVaultManager() (*VaultManager, error) {
|
||||
return nil, fmt.Errorf("failed to authenticate with Vault: %v", err)
|
||||
}
|
||||
|
||||
if secret == nil || secret.Auth == nil {
|
||||
return nil, fmt.Errorf("empty authentication response from Vault")
|
||||
}
|
||||
|
||||
client.SetToken(secret.Auth.ClientToken)
|
||||
|
||||
// Настраиваем автоматическое обновление токена
|
||||
@ -41,7 +46,7 @@ func NewVaultManager() (*VaultManager, error) {
|
||||
secret, err := client.Auth().Token().RenewSelf(0)
|
||||
if err != nil {
|
||||
log.Printf("Failed to renew Vault token: %v", err)
|
||||
} else {
|
||||
} else if secret != nil && secret.Auth != nil {
|
||||
client.SetToken(secret.Auth.ClientToken)
|
||||
}
|
||||
}
|
||||
@ -60,10 +65,36 @@ func (v *VaultManager) GetMasterPrivateKey() ([]byte, error) {
|
||||
return nil, fmt.Errorf("master key not found")
|
||||
}
|
||||
|
||||
data := secret.Data["data"].(map[string]interface{})
|
||||
keyBase64 := data["private_key"].(string)
|
||||
// Получаем данные из секрета
|
||||
data, ok := secret.Data["data"].(map[string]interface{})
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("invalid data format in Vault secret")
|
||||
}
|
||||
|
||||
return base64.StdEncoding.DecodeString(keyBase64)
|
||||
// Получаем приватный ключ
|
||||
keyInterface, ok := data["private_key"]
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("private_key not found in Vault data")
|
||||
}
|
||||
|
||||
keyBase64, ok := keyInterface.(string)
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("private_key is not a string")
|
||||
}
|
||||
|
||||
// Очищаем строку от лишних символов (пробелов, переносов и т.д.)
|
||||
keyBase64 = strings.TrimSpace(keyBase64)
|
||||
keyBase64 = strings.ReplaceAll(keyBase64, "\n", "")
|
||||
keyBase64 = strings.ReplaceAll(keyBase64, "\r", "")
|
||||
keyBase64 = strings.ReplaceAll(keyBase64, " ", "")
|
||||
|
||||
// Декодируем base64
|
||||
keyBytes, err := base64.StdEncoding.DecodeString(keyBase64)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to decode base64 private key: %v. Input: %s", err, keyBase64)
|
||||
}
|
||||
|
||||
return keyBytes, nil
|
||||
}
|
||||
|
||||
func (v *VaultManager) StoreSessionKey(chatID int, messageID int, encryptedKey []byte) error {
|
||||
|
||||
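Review bot: The new base64 error path in GetMasterPrivateKey formats the key string itself into the error (`"... Input: %s", err, keyBase64`), so a malformed or partly valid master private key will end up wherever the caller logs or returns that error. The decode error from encoding/base64 already reports the offending byte offset, so the input can be dropped and the cause wrapped instead: `return nil, fmt.Errorf("failed to decode base64 private key: %w", err)`. If more diagnostics are needed, log only `len(keyBase64)`, never the contents. Separately, `config.Address` in NewVaultManager is still a hard-coded `http://` URL and the commit removes the comment that flagged https for production, so the Vault token and this key would cross the network unencrypted; the address is better read from configuration with https required outside local development. The rendered page has lost its +/- markers, so the old/new side of these lines is inferred from the hunk counts, and the start of GetMasterPrivateKey lies outside the hunk.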