altru/dukcapil
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add included

Browse Source
This commit is contained in:
Aditya Siregar 2026-05-07 09:45:48 +07:00
parent 56d854fbc0
commit 25f438237c
3 changed files with 71 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
infra/990030524100001.pem Normal file
View File

@ -0,0 +1,9 @@
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W7yEB6g1kHTHyMToWm4
Fe5YshgLThXl/U2cIGTwbsBqqiRbuhC/OXJo1jVYabzYTzpmc2mcG6DUz38o/WND
M48Ie3g8c02r5aYSGFYbTTmYy7ES2QgjATGY8au8mxoaj7OlzLIzqa1WhSGL3mRu
KMH+vFSfoioNAwHHmOKzzAG58ObZJ3rNcAU1NCGiLPN4QtQBiu7RZrtAfIQb+bDV
byKFPSJnSgeF+7Oa7VStTCURsAf3PgmsaJ0SmGdss8nSDGDeZudIicIaHBEGIixx
bPo5lngt98Sfp8PRd4WAWyuTM7JNBNF8OgaVeZ+5T+N8yv8pwgrtkxIZq5a9/wlO
FwIDAQAB
-----END PUBLIC KEY-----

23
internal/client/dukcapil_client.go
View File

@ -8,12 +8,14 @@ import (
"fmt" "fmt"
"io" "io"
"net/http" "net/http"
"os"
"strings" "strings"
"time" "time"
"go-backend-template/config" "go-backend-template/config"
"go-backend-template/internal/contract" "go-backend-template/internal/contract"
"go-backend-template/internal/logger" "go-backend-template/internal/logger"
"go-backend-template/internal/util"
) )
// DukcapilClient performs HTTPS calls to the Dukcapil 1:N face recognition endpoint (CALL_FN). // DukcapilClient performs HTTPS calls to the Dukcapil 1:N face recognition endpoint (CALL_FN).
@ -37,18 +39,35 @@ func (c *DukcapilClient) FaceMatch(ctx context.Context, req *contract.FaceMatchR
return nil, errors.New("dukcapil: incomplete configuration") return nil, errors.New("dukcapil: incomplete configuration")
} }
ip := req.IP ip := req.IP
if strings.TrimSpace(ip) == "" { if strings.TrimSpace(ip) == "" {
ip = c.cfg.DefaultIP ip = c.cfg.DefaultIP
} }
// Load PEM public key from file
pemBytes, err := os.ReadFile("infra/990030524100001.pem")
if err != nil {
return nil, fmt.Errorf("dukcapil: failed to read PEM file: %w", err)
}
// Encrypt UserID and Password
encryptedUserID, err := util.EncryptWithPublicKey(c.cfg.UserID, pemBytes)
if err != nil {
return nil, fmt.Errorf("dukcapil: encrypt user_id: %w", err)
}
encryptedPassword, err := util.EncryptWithPublicKey(c.cfg.Password, pemBytes)
if err != nil {
return nil, fmt.Errorf("dukcapil: encrypt password: %w", err)
}
body := contract.DukcapilFaceRequest{ body := contract.DukcapilFaceRequest{
TransactionID: req.TransactionID, TransactionID: req.TransactionID,
TransactionSource: req.TransactionSource, TransactionSource: req.TransactionSource,
Threshold: req.Threshold, Threshold: req.Threshold,
Image: req.Image, Image: req.Image,
UserID: c.cfg.UserID, UserID: encryptedUserID,
Password: c.cfg.Password, Password: encryptedPassword,
IP: ip, IP: ip,
} }

30
internal/util/rsa_util.go Normal file
View File

@ -0,0 +1,30 @@
package util
import (
"crypto/rsa"
"crypto/x509"
"encoding/base64"
"encoding/pem"
"errors"
)
// EncryptWithPublicKey encrypts data with a PEM public key and returns base64 encoded string
func EncryptWithPublicKey(data string, pemBytes []byte) (string, error) {
block, _ := pem.Decode(pemBytes)
if block == nil {
return "", errors.New("failed to parse PEM block containing the public key")
}
pub, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return "", err
}
pubKey, ok := pub.(*rsa.PublicKey)
if !ok {
return "", errors.New("not RSA public key")
}
ciphertext, err := rsa.EncryptPKCS1v15(nil, pubKey, []byte(data))
if err != nil {
return "", err
}
return base64.StdEncoding.EncodeToString(ciphertext), nil
}