Using PGP in golang - go

I'm trying to encrypt a string using the openPGP package in golang, but so far I haven't been successful.
Nothing that I've tried so far has worked, so I'm looking for any sort of suggestions or fixes.
The only requirements I have is that it should take the public/private key and the string to decrypt as a string, not files.
I tried to use the examples from this post: http://julianyap.com/2014/07/04/gnu-privacy-guard-gpg-examples-using-golang.html
Specifically this example: https://gist.github.com/jyap808/8324818
But when I run that out of the box it saids the following when trying to read the key
openpgp: invalid argument: no armored data found
And I've found no other good example/working package.
I'm starting to run out of options, as I originally tried to do this in PHP, but failed horribly there too. Would be great if anyone could offer some suggestions!
Thanks in advance

Here's a PGP package for Golang that abstracts away most of the complications and is pretty easy to use:
https://github.com/jchavannes/go-pgp
Checkout the test file for an example:
https://github.com/jchavannes/go-pgp/blob/master/pgp/encrypt_test.go

Related

Ansible - generate docs from role argument spec

Is there any way to generate a markdown documentation from ansible role argument spec?
https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html#role-argument-validation
I could not find anything in ansible-doc, the format itself suggests that there is a way
I was looking for such a thing previously as well, and decided to write a small tool for it: https://gitlab.com/kankare/ansible-docs
I'm not actively using it for anything, so do let me know if it turns out being useful or not.

Get ShaXXX of a GO Package

I Need to get the Sha512 or similar from a Golang package for SBOM purposes.
For example, the hash for package
https://pkg.go.dev/encoding/json
I can't found any information or api to get it. If possible I need it without download the source code.
I think you are looking for sum.golang.org which is
an auditable checksum database which will be used by the go command to
authenticate modules.
you can read more on how it works on this post from go blog

Google Pay PaymentMethodTokenRecipient function implementation in Golang

I am trying to implement Google Pay decryption method as mentioned.
https://developers.google.com/pay/api/android/guides/resources/payment-data-cryptography#decrypt-token
It mentions to use tink library with the example of Java (PaymentMethodTokenRecipient) but I'm unable to duplicate it for Golang.
I'm not personally familiar with the library, but have a look at Tink.
There's a decrypt method that may do what you are after, and a cli that may help with how to use it: https://github.com/google/tink/blob/master/tools/testing/go/hybrid_decrypt_cli.go

JavaScript rule extension

I am trying to extend Sonarqube with custom Javascript rules. I find that the documentation is fairly limited on this subject. The extension tutorials on sonarqube website show only the most basic stuff.
The only javadoc I could find is this one: http://javadocs.sonarsource.org/latest/apidocs/ and it doesn't cover anything about extending Javascript.
What I ultimately want to do is add a JS rule that will check for hardcoded secrets (such as passwords, api keys, etc). I already created one for Java, and that was a lot easier as I could take an already pre-made plugin and complete it with my custom regex.
The problematic spot that made me post here was actually this one:
cannot find symbol
symbol: class VariableTree
location: package org.sonar.plugins.javascript.api.tree.expression
I was following the same scheme as with Java and used
import org.sonar.plugins.javascript.api.tree.expression.VariableTree;
which is obviously wrong. I was not able to find the source code for this either... if anybody can point me to some secret doc stash or at least where I can find a javadoc for org.sonar.plugins.javascript.api that would be amazing!
Thanks very much for any help

Decrypt AES-256-EAX encrypted string in Ruby?

I need to decrypt a AES-256-EAX encrypted string from Java in Ruby.
Ruby's built-in OpenSSL::Cipher provides functionality to decrypt AES-256-CBC, when I try to use AES-256-EAX, its throwing that the algorithm is not supported.
Is there any library/gem out there that decrypts AES-256-EAX string in Ruby?
Thanks in advance.
Are you sure that you got the right cipher string ? Googling for "AES-256-EAX" does yield only 8 hits for me and I've never heard of it before. And if OpenSSL doesn't support it you are out if luck, I guess.
Is it possible for you to run your ruby code with jruby ?
In this case you could use the java lib inside ruby code to decrypt your string.

Resources