mirror of
https://github.com/opentofu/opentofu.git
synced 2026-06-11 09:31:23 -04:00
66983273e5
Some checks are pending
build / Build for freebsd_386 (push) Waiting to run
build / Build for linux_386 (push) Waiting to run
build / Build for openbsd_386 (push) Waiting to run
build / Build for windows_386 (push) Waiting to run
build / Build for freebsd_amd64 (push) Waiting to run
build / Build for linux_amd64 (push) Waiting to run
build / Build for openbsd_amd64 (push) Waiting to run
build / Build for solaris_amd64 (push) Waiting to run
build / Build for windows_amd64 (push) Waiting to run
build / Build for freebsd_arm (push) Waiting to run
build / Build for linux_arm (push) Waiting to run
build / Build for linux_arm64 (push) Waiting to run
build / Build for darwin_amd64 (push) Waiting to run
build / Build for darwin_arm64 (push) Waiting to run
build / End-to-end Tests for linux_386 (push) Waiting to run
build / End-to-end Tests for windows_386 (push) Waiting to run
build / End-to-end Tests for darwin_amd64 (push) Waiting to run
build / End-to-end Tests for linux_amd64 (push) Waiting to run
build / End-to-end Tests for windows_amd64 (push) Waiting to run
Quick Checks / List files changed for pull request (push) Waiting to run
Quick Checks / Unit tests for linux_386 (push) Blocked by required conditions
Quick Checks / Unit tests for linux_amd64 (push) Blocked by required conditions
Quick Checks / Unit tests for windows_amd64 (push) Blocked by required conditions
Quick Checks / Unit tests for linux_arm (push) Blocked by required conditions
Quick Checks / Unit tests for darwin_arm64 (push) Blocked by required conditions
Quick Checks / Unit tests for linux_arm64 (push) Blocked by required conditions
Quick Checks / Race Tests (push) Blocked by required conditions
Quick Checks / End-to-end Tests (push) Blocked by required conditions
Quick Checks / Code Consistency Checks (push) Blocked by required conditions
Quick Checks / License Checks (push) Waiting to run
Website checks / List files changed for pull request (push) Waiting to run
Website checks / Build (push) Blocked by required conditions
Website checks / Test Installation Instructions (push) Blocked by required conditions
Signed-off-by: Christian Mesh <christianmesh1@gmail.com> Signed-off-by: Andrei Ciobanu <andrei.ciobanu@opentofu.org> Co-authored-by: Christian Mesh <christianmesh1@gmail.com>
98 lines
2.4 KiB
Go
98 lines
2.4 KiB
Go
// Copyright (c) The OpenTofu Authors
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
// Copyright (c) 2023 HashiCorp, Inc.
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
package aesgcm_test
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/hashicorp/hcl/v2"
|
|
"github.com/hashicorp/hcl/v2/hclsyntax"
|
|
"github.com/opentofu/opentofu/internal/encryption/keyprovider"
|
|
"github.com/opentofu/opentofu/internal/encryption/method"
|
|
"github.com/opentofu/opentofu/internal/encryption/method/aesgcm"
|
|
"github.com/zclconf/go-cty/cty"
|
|
)
|
|
|
|
func Example_config() {
|
|
// Obtain a modifiable, buildable config.
|
|
config := aesgcm.Config{}
|
|
|
|
// Set up an encryption key:
|
|
config.Keys = keyprovider.Output{
|
|
EncryptionKey: []byte("AiphoogheuwohShal8Aefohy7ooLeeyu"),
|
|
DecryptionKey: []byte("AiphoogheuwohShal8Aefohy7ooLeeyu"),
|
|
}
|
|
|
|
// Now you can build a method:
|
|
method, err := config.Build()
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
// Encrypt something:
|
|
encrypted, err := method.Encrypt([]byte("Hello world!"))
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
// Decrypt it:
|
|
decrypted, err := method.Decrypt(encrypted)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
fmt.Printf("%s", decrypted)
|
|
// Output: Hello world!
|
|
}
|
|
|
|
func Example_config_hcl() {
|
|
// First, get the descriptor to make sure we always have the default values.
|
|
descriptor := aesgcm.New()
|
|
|
|
// Unmarshal HCL code into the config struct. The input must be a list of bytes, so in a real world scenario
|
|
// you may want to put in a hex-decoding function:
|
|
rawHCLInput := `keys = {
|
|
encryption_key = [1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32],
|
|
decryption_key = [1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32]
|
|
}`
|
|
file, diags := hclsyntax.ParseConfig(
|
|
[]byte(rawHCLInput),
|
|
"example.hcl",
|
|
hcl.Pos{Byte: 0, Line: 1, Column: 1},
|
|
)
|
|
if diags.HasErrors() {
|
|
panic(diags)
|
|
}
|
|
|
|
methodCtx := method.EvalContext{ValueForExpression: func(expr hcl.Expression) (cty.Value, hcl.Diagnostics) {
|
|
return expr.Value(nil)
|
|
}}
|
|
config, diags := descriptor.DecodeConfig(methodCtx, file.Body)
|
|
if diags.HasErrors() {
|
|
panic(diags)
|
|
}
|
|
|
|
// Now you can build a method:
|
|
method, err := config.Build()
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
// Encrypt something:
|
|
encrypted, err := method.Encrypt([]byte("Hello world!"))
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
// Decrypt it:
|
|
decrypted, err := method.Decrypt(encrypted)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
fmt.Printf("%s", decrypted)
|
|
// Output: Hello world!
|
|
}
|