encryptValues encrypts the values in the data using the given key data: the data to encrypt encPrefix: the prefix to search for the values to encrypt decPrefix: the prefix to replace the values with nonce: the nonce to use for encryption
( data, encPrefix, decPrefix, nonce []byte, key [32]byte)
| 13 | // decPrefix: the prefix to replace the values with |
| 14 | // nonce: the nonce to use for encryption |
| 15 | func encryptValues( |
| 16 | data, encPrefix, decPrefix, nonce []byte, |
| 17 | key [32]byte) ([]byte, error) { |
| 18 | var s, e int |
| 19 | |
| 20 | if e = bytes.Index(data[s:], encPrefix); e == -1 { |
| 21 | return data, nil |
| 22 | } |
| 23 | |
| 24 | var b bytes.Buffer |
| 25 | var buf [500]byte |
| 26 | |
| 27 | block, err := aes.NewCipher(key[:]) |
| 28 | if err != nil { |
| 29 | return nil, err |
| 30 | } |
| 31 | |
| 32 | gcm, err := cipher.NewGCM(block) |
| 33 | if err != nil { |
| 34 | return nil, err |
| 35 | } |
| 36 | |
| 37 | b64 := base64.NewEncoder(base64.RawStdEncoding, &b) |
| 38 | |
| 39 | pl := len(encPrefix) |
| 40 | nonce = nonce[:gcm.NonceSize()] |
| 41 | |
| 42 | for { |
| 43 | evs := (s + e + pl) |
| 44 | q := bytes.IndexByte(data[evs:], '"') |
| 45 | if q == -1 { |
| 46 | break |
| 47 | } |
| 48 | eve := evs + q |
| 49 | d := data[evs:eve] |
| 50 | cl := (len(d) + 64) |
| 51 | |
| 52 | var out []byte |
| 53 | if cl < len(buf) { |
| 54 | out = buf[:cl] |
| 55 | } else { |
| 56 | out = make([]byte, cl) |
| 57 | } |
| 58 | |
| 59 | ev := gcm.Seal( |
| 60 | out[:0], |
| 61 | nonce, |
| 62 | d, nil) |
| 63 | |
| 64 | if s == 0 { |
| 65 | b.Grow(len(data) + (len(data) / 5)) |
| 66 | } |
| 67 | b.Write(data[s:(s + e)]) |
| 68 | b.Write(decPrefix) |
| 69 | if _, err := b64.Write(nonce); err != nil { |
| 70 | return nil, err |
| 71 | } |
| 72 | if _, err := b64.Write(ev); err != nil { |