Home >Backend Development >Golang >golang encrypted stored procedure
With the rapid development of the Internet, information security issues have attracted more and more attention. Among them, data security in the database is extremely important. Therefore, in practical applications, it is very necessary to encrypt the data in the database. This article introduces an encrypted storage process based on golang to ensure data security.
1. Golang encryption algorithm
Golang provides a variety of encryption algorithms. Common encryption algorithms mainly include md5, sha, AES, etc., which need to be selected according to needs in actual applications. The following are common golang encryption algorithms.
md5 is one of the most common digest algorithms. Because its code is irreversible, it is often used for password storage. This algorithm can digest messages of any length into 128-bit length data, usually represented as a hexadecimal string.
The md5 package is provided in golang, which can be used through the following code:
import ( "crypto/md5" "fmt" ) func main() { str:="hello,world" h:=md5.Sum([]byte(str)) fmt.Printf("%x",h) }
sha is a type of secure hash algorithm , commonly used in digital signature standards. Similar to md5, there are many variations of sha, of which sha256 is the most common. It can digest messages of any length into 256-bit length information, while achieving the purpose of resisting brute force collision attacks.
The sha256 package is provided in golang, which can be used through the following code:
import ( "crypto/sha256" "fmt" ) func main() { str:="hello,world" h:=sha256.Sum256([]byte(str)) fmt.Printf("%x",h) }
AES is an advanced encryption standard algorithm. A symmetric encryption algorithm. It converts plaintext of a specified length into ciphertext of a specified length through an algorithm. Through the same algorithm, the ciphertext can be restored to plaintext. In applications, storing sensitive data with AES encryption can greatly improve data security.
The crypto/aes package is provided in golang, which can be used through the following code:
import ( "crypto/aes" "crypto/cipher" "fmt" ) func main() { key:=[]byte("mykey1234567890") plaintext:=[]byte("hello,world") block,_:=aes.NewCipher(key) ciphertext:=make([]byte,len(plaintext)) iv:=[]byte("1234567890123456") stream:=cipher.NewCTR(block,iv) stream.XORKeyStream(ciphertext,plaintext) fmt.Printf("%x ",ciphertext) }
2. Golang encrypted stored procedure
In actual applications, the data in the database is not suitable The plain text is stored directly. To avoid leakage of sensitive information, it is usually stored encrypted. The following is an encrypted stored procedure based on golang:
import ( "crypto/aes" "crypto/cipher" "crypto/md5" "database/sql" "fmt" _ "github.com/go-sql-driver/mysql" )
func getMd5(value string) string { m := md5.New() m.Write([]byte(value)) return hex.EncodeToString(m.Sum(nil)) }
func encrypt(str, key string) string { k := []byte(key) plaintext := []byte(str) block, _ := aes.NewCipher(k) ciphertext := make([]byte,len(plaintext)) iv := []byte("1234567890123456") stream := cipher.NewCTR(block, iv) stream.XORKeyStream(ciphertext, plaintext) return string(ciphertext) }
func decrypt(str, key string) string { k := []byte(key) ciphertext := []byte(str) block, _ := aes.NewCipher(k) plaintext := make([]byte,len(ciphertext)) iv := []byte("1234567890123456") stream := cipher.NewCTR(block, iv) stream.XORKeyStream(plaintext, ciphertext) return string(plaintext) }
func saveData(name, password, key string) error { // 打开数据库 db, err := sql.Open("mysql", "root:password@tcp(127.0.0.1:3306)/test") if err != nil { return err } defer db.Close() // 定义插入SQL语句 sql := "INSERT INTO user(name, password) VALUES(?, ?)" // 对密码进行加密存储 pwd := encrypt(password, key) // 执行SQL语句 stmt, err := db.Prepare(sql) if err != nil { return err } defer stmt.Close() _, err = stmt.Exec(name, pwd) return err }
func getData(name,key string) (string,error) { // 打开数据库 db, err := sql.Open("mysql", "root:password@tcp(127.0.0.1:3306)/test") if err != nil { return "",err } defer db.Close() // 定义查询SQL语句 sql := "SELECT password FROM user WHERE name = ?" // 执行SQL语句 stmt, err := db.Prepare(sql) if err != nil { return "",err } defer stmt.Close() // 读取数据并进行解密 var pwd string err = stmt.QueryRow(name).Scan(&pwd) if err != nil { return "",err } pwd = decrypt(pwd,key) return pwd,nil }
In summary, through the above golang encryption algorithm and encrypted storage process, sensitive data in the database can be encrypted and stored to ensure data security, while effectively preventing data leakage and improving data reliability and security.
The above is the detailed content of golang encrypted stored procedure. For more information, please follow other related articles on the PHP Chinese website!