func runDataEncryptionCmd()

in dataencryptioncmd.go [231:415]

• 175 lines of code
• 47 McCabe index (conditional complexity)

func runDataEncryptionCmd(ctx *cli.Context, args []string) error {
	// Extract value of persistent flags
	logPath, _ := ctx.Flags().Get(LogPathFlagName).GetValue()
	// Extract value of flags just for the command
	genKeyPairFlag := ctx.Flags().Get(GenKeyPairFlagName).IsAssigned()
	rmKeyPairFlag := ctx.Flags().Get(RmKeyPairFlagName).IsAssigned()
	createSecret := ctx.Flags().Get(CreateSecretParam).IsAssigned()
	getSecretValue := ctx.Flags().Get(GetSecretParamValue).IsAssigned()
	encryptFlag := ctx.Flags().Get(EncryptFlagName).IsAssigned()
	decryptFlag := ctx.Flags().Get(DecryptFlagName).IsAssigned()
	checkKeyFlag := ctx.Flags().Get(CheckKeyPairFlagName).IsAssigned()
	signDataFlag := ctx.Flags().Get(SignDataFlagName).IsAssigned()
	verifySignFlag := ctx.Flags().Get(VerifySignatureFlagName).IsAssigned()

	keyPairId, _ := ctx.Flags().Get(KeyPairIdFlagName).GetValue()
	keyPairTimeout, _ := ctx.Flags().Get(KeyPairTimeoutFlagName).GetValue()
	data, _ := ctx.Flags().Get(DataFlagName).GetValue()
	secretName, _ := ctx.Flags().Get(SecretName).GetValue()
	aesKey, _ := ctx.Flags().Get(AesSecuredFlagName).GetValue()
	signature, _ := ctx.Flags().Get(SignatureFlagName).GetValue()
	jsonFlag := ctx.Flags().Get(JsonFlagName).IsAssigned()

	// Necessary initialization work
	log.InitLog("aliyun_assist_main.log", logPath, true)
	// IF write log failed, do nothing
	log.GetLogger().SetErrorCallback(func(error) {})
	// Add field SubCmd to make log entries separated from the main process's
	commonFields := log.DefaultCommonFields()
	commonFields["SubCmd"] = DataEncryptSubCmd
	log.GetLogger().SetFormatter(&log.CustomLogrusTextFormatter{
		CommonFields: commonFields,
	})

	timeout := 60
	if keyPairTimeout != "" {
		if t, err := strconv.Atoi(keyPairTimeout); err != nil || t <= 0 {
			fmt.Fprintf(os.Stderr, "Invalid param, `%s` needs to be a positive integer.\n", KeyPairTimeoutFlagName)
			cli.Exit(1)
		} else {
			timeout = t
		}
	}
	if keyPairId != "" && len(keyPairId) > 32 {
		fmt.Fprintf(os.Stderr, "Invalid param, length of `%s` needs less than or equal to 32.\n", KeyPairIdFlagName)
		cli.Exit(1)
	}
	if secretName != "" && len(secretName) > 32 {
		fmt.Fprintf(os.Stderr, "Invalid param, length of `%s` needs less than or equal to 32.\n", secretName)
		cli.Exit(1)
	}
	if genKeyPairFlag {
		keyInfo, errCode, err := client.GenRsaKeyPair(keyPairId, timeout)
		if err != nil {
			fmt.Fprintln(os.Stderr, "Generate key pair failed: ", err)
			cli.Exit(int(errCode))
		} else {
			if jsonFlag {
				if output, err := json.MarshalIndent(keyInfo, "", "\t"); err != nil {
					fmt.Fprintln(os.Stderr, "Generate key pair failed: ", err)
					cli.Exit(1)
				} else {
					fmt.Println(string(output))
				}
			} else {
				fmt.Printf("%s\n%s", keyInfo.Id, keyInfo.PublicKey)
			}
		}
	} else if rmKeyPairFlag {
		if keyPairId == "" {
			fmt.Fprintf(os.Stderr, "Params `%s` can not be empty.\n", KeyPairIdFlagName)
			cli.Exit(1)
		}
		errCode, err := client.RmRsaKeyPair(keyPairId)
		if err != nil {
			fmt.Fprintln(os.Stderr, "Remove key pair failed: ", err)
			cli.Exit(int(errCode))
		} else {
			fmt.Printf("Key pair [%s] has been removed\n", keyPairId)
		}
	} else if createSecret {
		if keyPairId == "" || data == "" || secretName == "" {
			fmt.Fprintf(os.Stderr, "Params `%s` and `%s` and `%s` can not be empty.\n", KeyPairIdFlagName, DataFlagName, SecretName)
			cli.Exit(1)
		}
		paramInfo, errCode, err := client.CreateSecretParam(keyPairId, secretName, data, aesKey, int64(timeout))
		if err != nil {
			fmt.Fprintln(os.Stderr, "Create secret param failed: ", err)
			cli.Exit(int(errCode))
		} else {
			if output, err := json.MarshalIndent(paramInfo, "", "\t"); err != nil {
				fmt.Fprintln(os.Stderr, "Create secret param failed: ", err)
				cli.Exit(1)
			} else {
				fmt.Println(string(output))
			}
		}
	} else if getSecretValue {
		if secretName == "" {
			fmt.Fprintf(os.Stderr, "Params `%s` can not be empty.\n", SecretName)
			cli.Exit(1)
		}
		paramValueInfo, errCode, err := client.GetSecretParamValue(secretName)
		if err != nil {
			fmt.Fprintln(os.Stderr, "Get secret param value failed: ", err)
			cli.Exit(int(errCode))
		}
		if jsonFlag {
			if output, err := json.MarshalIndent(paramValueInfo, "", "\t"); err != nil {
				fmt.Fprintln(os.Stderr, "Get secret param value failed: ", err)
				cli.Exit(1)
			} else {
				fmt.Println(string(output))
			}
		} else {
			fmt.Println(paramValueInfo.SecretValue)
		}
	} else if encryptFlag {
		if keyPairId == "" || data == "" {
			fmt.Fprintf(os.Stderr, "Params `%s` and `%s` can not be empty.\n", KeyPairIdFlagName, DataFlagName)
			cli.Exit(1)
		}
		byteData := []byte(data)
		if len(byteData) > cryptdata.LIMIT_PLAINTEXT_LEN {
			fmt.Fprintf(os.Stderr, "Max length of data to encrypt is %d bytes, but real length is %d", cryptdata.LIMIT_PLAINTEXT_LEN, len(byteData))
			cli.Exit(1)
		}
		cipherText, errCode, err := client.EncryptText(keyPairId, data)
		if err != nil {
			fmt.Fprintf(os.Stderr, "Encrypt data with key pair[%s] failed: %s\n", keyPairId, err.Error())
			cli.Exit(int(errCode))
		} else {
			fmt.Print(cipherText)
		}
	} else if decryptFlag {
		if keyPairId == "" || data == "" {
			fmt.Fprintf(os.Stderr, "Params `%s` and `%s` can not be empty.\n", KeyPairIdFlagName, DataFlagName)
			cli.Exit(1)
		}
		plainText, errCode, err := client.DecryptText(keyPairId, data)
		if err != nil {
			fmt.Fprintf(os.Stderr, "Decrypt data with key pair[%s] failed: %s\n", keyPairId, err.Error())
			cli.Exit(int(errCode))
		} else {
			fmt.Print(plainText)
		}
	} else if checkKeyFlag {
		output, errCode, err := client.CheckKey(keyPairId, jsonFlag)
		if err != nil {
			fmt.Fprintf(os.Stderr, "CheckKey with keyPairId[%s] failed: %s\n", keyPairId, err.Error())
			cli.Exit(int(errCode))
		} else {
			fmt.Println(output)
		}
	} else if signDataFlag {
		if keyPairId == "" || data == "" {
			fmt.Fprintf(os.Stderr, "Params `%s` and `%s` can not be empty.\n", KeyPairIdFlagName, DataFlagName)
			cli.Exit(1)
		}
		signature, errCode, err := client.SignData(keyPairId, data)
		if err != nil {
			fmt.Fprintf(os.Stderr, "Sign data with key pair[%s] failed: %s\n", keyPairId, err.Error())
			cli.Exit(int(errCode))
		}
		fmt.Println(signature)
	} else if verifySignFlag {
		if keyPairId == "" || data == "" || signature == "" {
			fmt.Fprintf(os.Stderr, "Params `%s`, `%s` and `%s` can not be empty.\n", KeyPairIdFlagName, DataFlagName, SignatureFlagName)
			cli.Exit(1)
		}

		valid, errCode, err := client.VerifySignature(keyPairId, data, signature)
		if err != nil {
			fmt.Fprintf(os.Stderr, "Verify signature with key pair[%s] failed: %s\n", keyPairId, err.Error())
			cli.Exit(int(errCode))
		}
		if valid {
			fmt.Println("valid")
			cli.Exit(0)
		}
		fmt.Println("invalid")
		cli.Exit(1)

	}
	return nil
}