bindbox-game/internal/service/activity/seed_crypto.go

package activity

import (
    "crypto/hmac"
    "crypto/sha256"
    "encoding/binary"
    "encoding/hex"
    "os"

    "bindbox-game/configs"
)

func masterKey() []byte {
    if v := os.Getenv("RANDOM_COMMIT_MASTER_KEY"); v != "" {
        b, err := hex.DecodeString(v)
        if err == nil && len(b) > 0 { return b }
    }
    s := configs.Get().Random.CommitMasterKey
    if s == "" {
        return nil
    }
    b, err := hex.DecodeString(s)
    if err != nil || len(b) == 0 {
        return nil
    }
    return b
}

func deriveMask(key []byte, issueID int64, version int32) []byte {
    m := hmac.New(sha256.New, key)
    buf := make([]byte, 12)
    binary.BigEndian.PutUint64(buf[:8], uint64(issueID))
    binary.BigEndian.PutUint32(buf[8:12], uint32(version))
    m.Write(buf)
    sum := m.Sum(nil)
    return sum[:32]
}

func maskSeed(master []byte, issueID int64, version int32) ([]byte, bool) {
    key := masterKey()
    if key == nil {
        return master, false
    }
    ks := deriveMask(key, issueID, version)
    out := make([]byte, len(master))
    for i := range master {
        out[i] = master[i] ^ ks[i%len(ks)]
    }
    return out, true
}

func unmaskSeed(enc []byte, issueID int64, version int32) []byte {
    key := masterKey()
    if key == nil {
        return enc
    }
    ks := deriveMask(key, issueID, version)
    out := make([]byte, len(enc))
    for i := range enc {
        out[i] = enc[i] ^ ks[i%len(ks)]
    }
    return out
}