go-lockset
A go package to add support for data at rest encryption if you are using the database/sql
to access your database.
Installation
In your Golang project, please run:
go get github.com/bartmika/go-lockset
Documentation
All documentation can be found here.
Usage
package main
import (
// ...
"github.com/bartmika/go-lockset"
)
func main() {
// Before you begin, make sure you have an environment variable set `LOCKSET_ENTRY_KEY` or the following.
SetLocksetEntryKey("sdfdsfedrdsfsdfsdfazfasfasdfsdfa")
// To encrypt the text "Hello World", wrap it around the `LockString` struct as follows.
ls := lockset.LockString{Plaintext: "Hello World"}
var tenantID uint64 = 1
//
// Save to the database.
//
ctx, cancel := context.WithTimeout(ctx, 5*time.Second)
defer cancel()
query := `
INSERT INTO bulletin_board_items (
tenant_id, text
) VALUES (
$1, $2
)`
stmt, err := r.db.PrepareContext(ctx, query)
if err != nil {
panic(err)
}
defer stmt.Close()
_, err = stmt.ExecContext(ctx, tenantID, ls)
//
// Get from the database
//
var newlst lockset.LockString
query = `
SELECT
text
WHERE
tenant_id = $1`
err = r.db.QueryRowContext(ctx, query, tenant_id).Scan(
&newlst,
)
if err != nil {
// CASE 1 OF 2: Cannot find record with that email.
if err == sql.ErrNoRows {
return // Do nothing...
}
// CASE 2 OF 2: All other errors.
return panic(err)
}
}
// You should see the result!
fmt.Println(newlst.Plaintext)
}
Contributing
Found a bug? Want a feature to improve your developer experience when dealing with the time
package? Please create an issue.
License
Made with
The project is licensed under the ISC License.
Resource used:
- How We Encrypt Data in MySQL With Go By Baron Schwartz helped me understand the overall big picture with what is involved with setting up your own data at rest encryption with Golang.
- Built In Interfaces by Jason Moiron help understand how we utilize the
sql.Scanner
anddriver.Valuer
interfaces inside the go packages database/sql to write our own custom functionality. - Securing Information in Database using Data Encryption (written in Go) by Purnaresa Yuliartanto help understand how to do encryption and decryption.
- go-cryptkeeper by Zach Auclair is a go package which implemented data at rest encryption utilizing the
sql.Scanner
anddriver.Valuer
interfaces inside the go packages database/sql to write our own custom functionality.