英文:
How to encrypt repository secret for Github Action Secrets API
问题
使用Github Action Secrets API创建存储库密钥时,我们需要使用sodium库对密钥进行加密。Github文档中没有提供Go的示例。有人可以帮我编写一个加密密钥的函数吗?
我的当前实现如下:
func EncodeWithPublicKey(text string, publicKey string) (string, error) {
// 将公钥从base64解码
publicKeyBytes, _ := base64.StdEncoding.DecodeString(publicKey)
fmt.Printf("%x\n\n", publicKeyBytes)
// 生成密钥对
_, privateKey, _ := box.GenerateKey(rand.Reader)
fmt.Printf("私钥: %x\n\n", *privateKey)
// 将公钥转换为字节
var publicKeyDecoded [32]byte
copy(publicKeyDecoded[:], publicKeyBytes)
// 加密密钥值
nonce := new([24]byte)
encrypted := box.Seal(nil, []byte(text), nonce, &publicKeyDecoded, privateKey)
fmt.Printf("%x\n\n", encrypted)
// 将加密后的值进行base64编码
encryptedBase64 := base64.StdEncoding.EncodeToString(encrypted)
fmt.Printf("%x\n\n\n", encryptedBase64)
return encryptedBase64, nil
}
我正在使用golang.org/x/crypto/nacl/box
。
由于当前实现的原因,操作密钥设置不正确,因为构建过程会提示错误"apiToken not found"。然而,如果我在GitHub的网站上设置密钥,部署就可以正常工作。
英文:
To use the Github Action Secrets API for creating repository secret, we have to encrypt the secret key using sodium library. Github docs. Example for Go is not provided. Could anybody help me out by writing a function to encrypt the secret?
My current implementation is as follows:
func EncodeWithPublicKey(text string, publicKey string) (string, error) {
// Decode the public key from base64
publicKeyBytes, _ := base64.StdEncoding.DecodeString(publicKey)
fmt.Printf("%x\n\n", publicKeyBytes)
// Generate a key pair
_, privateKey, _ := box.GenerateKey(rand.Reader)
fmt.Printf("Private key: %x\n\n", *privateKey)
// Convert publickey to bytes
var publicKeyDecoded [32]byte
copy(publicKeyDecoded[:], publicKeyBytes)
// Encrypt the secret value
nonce := new([24]byte)
encrypted := box.Seal(nil, []byte(text), nonce, &publicKeyDecoded, privateKey)
fmt.Printf("%x\n\n", encrypted)
// Encode the encrypted value in base64
encryptedBase64 := base64.StdEncoding.EncodeToString(encrypted)
fmt.Printf("%x\n\n\n", encryptedBase64)
return encryptedBase64, nil
}
I am using golang.org/x/crypto/nacl/box
.
The action secret is set incorrectly as of current implementation because the build process prompts me with an error "apiToken not found". However, if I set the secret using GitHub's website, the deployment works.
答案1
得分: 2
我不是一个代码编辑器,但是我可以帮你翻译你提供的代码段。以下是翻译好的代码:
func EncodeWithPublicKey(text string, publicKey string) (string, error) {
// 从base64解码公钥
publicKeyBytes, err := base64.StdEncoding.DecodeString(publicKey)
if err != nil {
return "", err
}
// 解码公钥
var publicKeyDecoded [32]byte
copy(publicKeyDecoded[:], publicKeyBytes)
// 加密秘密值
encrypted, err := box.SealAnonymous(nil, []byte(text), (*[32]byte)(&publicKeyDecoded), rand.Reader)
if err != nil {
return "", err
}
// 将加密后的值以base64编码
encryptedBase64 := base64.StdEncoding.EncodeToString(encrypted)
return encryptedBase64, nil
}
希望这可以帮到你!如果你有任何其他问题,请随时问我。
英文:
I had to change Seal
to SealAnonymous
func EncodeWithPublicKey(text string, publicKey string) (string, error) {
// Decode the public key from base64
publicKeyBytes, err := base64.StdEncoding.DecodeString(publicKey)
if err != nil {
return "", err
}
// Decode the public key
var publicKeyDecoded [32]byte
copy(publicKeyDecoded[:], publicKeyBytes)
// Encrypt the secret value
encrypted, err := box.SealAnonymous(nil, []byte(text), (*[32]byte)(publicKeyBytes), rand.Reader)
if err != nil {
return "", err
}
// Encode the encrypted value in base64
encryptedBase64 := base64.StdEncoding.EncodeToString(encrypted)
return encryptedBase64, nil
}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论