https://github.com/danhunsaker/gorm-crypto
Another library for encrypting/signing data with GORM
https://github.com/danhunsaker/gorm-crypto
encryption go go-orm golang gorm
Last synced: 5 months ago
JSON representation
Another library for encrypting/signing data with GORM
- Host: GitHub
- URL: https://github.com/danhunsaker/gorm-crypto
- Owner: danhunsaker
- License: mit
- Created: 2021-12-17T05:12:04.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2022-05-15T22:36:16.000Z (almost 4 years ago)
- Last Synced: 2025-06-17T22:40:57.150Z (9 months ago)
- Topics: encryption, go, go-orm, golang, gorm
- Language: Go
- Homepage:
- Size: 171 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# gormcrypto
[](https://goreportcard.com/report/github.com/danhunsaker/gorm-crypto)
Another library for encrypting/signing data with GORM
## Installation
As with any other Go lib, you'll want to `go get` the module:
```bash
go get github.com/danhunsaker/gorm-crypto
```
## Usage
### Code-Based Config
Then, in your code, you would do something like this:
```go
package main
import (
"time"
gc "github.com/danhunsaker/gorm-crypto"
"github.com/danhunsaker/gorm-crypto/encoding"
"github.com/danhunsaker/gorm-crypto/encryption"
"github.com/danhunsaker/gorm-crypto/serializing"
"github.com/danhunsaker/gorm-crypto/signing"
)
var eKey = "EncryptionKeyThatShouldBe32Bytes"
var sKey = "SigningKeyThatShouldBe32BytesToo"
func main() {
aes, err := encryption.NewAES256GCM(eKey)
if err != nil {
panic(err)
}
gc.Init(gc.Config{
Setups: map[time.Time]gc.Setup{
time.Date(2022, 1, 1, 15, 17, 35, 0, time.UTC): {
Encoder: encoding.Base64{},
Serializer: serializing.JSON{},
Encrypter: aes,
Signer: signing.NewED25519FromSeed(sKey),
},
},
})
}
```
### YAML-Based Config
Alternately, you can do something like this:
```go
package main
import (
gc "github.com/danhunsaker/gorm-crypto"
)
func main() {
rawConfig, _ := os.ReadFile("crypto.yaml")
gc.Init(gc.ConfigFromBytes(rawConfig))
}
```
And in `crypto.yaml`:
```yaml
"2022-01-01T15:17:35Z":
encoding:
algorithm: base64
serializing:
algorithm: json
encryption:
algorithm: aes256gcm
config:
key: 456E6372797074696F6E4B65795468617453686F756C64427933324279746573 # EncryptionKeyThatShouldBe32Bytes in hex
signing:
algorithm: ed25519
config:
key: 5369676E696E674B65795468617453686F756C64426533324279746573546F6F # SigningKeyThatShouldBe32BytesToo in hex
```
### Types
With that setup in place, it's as simple as using one or more of the types this library offers to encrypt and/or sign any field you like.
```go
import "github.com/danhunsaker/gorm-crypto/cryptypes"
type ContrivedPersonExample struct {
Name cryptypes.SignedString
Email cryptypes.EncryptedString
Address cryptypes.NullEncryptedString
Phone cryptypes.NullSignedEncryptedString
Age cryptypes.SignedEncryptedUint
}
```
All types have a `Raw` property, which contains the unencrypted raw value - hence the name. Signed types also have a `Valid` property, which tells you
whether the value is untampered-with (but only when it's fresh from the DB). Null variants additionally include an `Empty` property, which indicates
whether the value is actually `nil` instead of whatever concrete type it would otherwise be.
## Acknowledgements
As a library with similar goals and implementation, some code is very similar to
[github.com/pkasila/gorm-crypto](https://pkg.go.dev/github.com/pkasila/gorm-crypto), which is an older library with more maintainers. If you don't
need the advanced features offered here, please use that fine library instead!