certman/crypto.go

package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"fmt"
	"os"
)

var cert *x509.Certificate
var key *rsa.PrivateKey

func encryptBytes(data []byte) []byte {
	if cert == nil || key == nil {
		loadCerts()
	}

	encrypted, err := rsa.EncryptPKCS1v15(rand.Reader, cert.PublicKey.(*rsa.PublicKey), data)
	if err != nil {
		fmt.Println("Error encrypting data,", err)
		os.Exit(1)
	}
	return encrypted
}

func decryptBytes(data []byte) []byte {
	if cert == nil || key == nil {
		loadCerts()
	}

	decrypted, err := rsa.DecryptPKCS1v15(rand.Reader, key, data)
	if err != nil {
		fmt.Println("Error decrypting data,", err)
		os.Exit(1)
	}
	return decrypted
}

func loadCerts() {
	var err error
	certBytes, err := os.ReadFile(config.GetAsString("Crypto.cert_path"))
	keyBytes, err := os.ReadFile(config.GetAsString("Crypto.key_path"))
	if err != nil {
		fmt.Println("Error reading cert or key,", err)
		os.Exit(1)
	}

	cert, err = x509.ParseCertificate(certBytes)
	if err != nil {
		fmt.Println("Error parsing certificate,", err)
		os.Exit(1)
	}
	key, err = x509.ParsePKCS1PrivateKey(keyBytes)
	if err != nil {
		fmt.Println("Error parsing private key,", err)
	}
}