skyle1995/NetworkAuth
1
0
Fork 0
mirror of https://github.com/skyle1995/NetworkAuth.git synced 2026-05-25 02:24:05 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
270c5a8ffdbd9cdcbe9b8dbcd3f8aeac70ef7e0c
NetworkAuth/config/security.go

49 lines
1.3 KiB
Go
Raw Normal View History

New administrator authentication method New configuration generation scheme
2025-10-26 09:35:07 +08:00
package config
import (
"crypto/rand"
"encoding/base64"
"encoding/hex"
"fmt"
)
// GenerateSecureJWTSecret 生成安全的JWT密钥
// 生成64字节512位的随机密钥使用base64编码
func GenerateSecureJWTSecret() (string, error) {
// 生成64字节的随机数据
bytes := make([]byte, 64)
if _, err := rand.Read(bytes); err != nil {
return "", fmt.Errorf("生成JWT密钥失败: %w", err)
}
// 使用base64编码便于配置文件存储
return base64.StdEncoding.EncodeToString(bytes), nil
}
// GenerateSecureEncryptionKey 生成安全的加密密钥
// 生成32字节256位的随机密钥使用十六进制编码
func GenerateSecureEncryptionKey() (string, error) {
// 生成32字节的随机数据AES-256
bytes := make([]byte, 32)
if _, err := rand.Read(bytes); err != nil {
return "", fmt.Errorf("生成加密密钥失败: %w", err)
}
// 使用十六进制编码
return hex.EncodeToString(bytes), nil
}
// GenerateSecureKeys 生成所有安全密钥
func GenerateSecureKeys() (jwtSecret, encryptionKey string, err error) {
jwtSecret, err = GenerateSecureJWTSecret()
if err != nil {
return "", "", err
}
encryptionKey, err = GenerateSecureEncryptionKey()
if err != nil {
return "", "", err
}
return jwtSecret, encryptionKey, nil
}
Reference in New Issue Copy Permalink