Commit 98399d8518849cf7d531ec9fe56c517237fb278b

Authored by Marko Tikvić
1 parent 74f41102fa
Exists in master

cleanup

Showing 1 changed file with 9 additions and 3 deletions   Show diff stats
1 package aes 1 package aes
2 2
3 import ( 3 import (
4 "crypto/aes" 4 "crypto/aes"
5 "crypto/cipher" 5 "crypto/cipher"
6 "crypto/rand" 6 "crypto/rand"
7 "errors" 7 "errors"
8 "fmt"
8 "io" 9 "io"
9 mrand "math/rand" 10 mrand "math/rand"
10 "time" 11 "time"
11 ) 12 )
12 13
13 const ( 14 const (
14 keySize = 32 15 keySize = 32
15 allowedRunes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" 16 allowedRunes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
16 ) 17 )
17 18
18 // RandomKey returns a randomly generated 32 bytes long hex encoded key. 19 // RandomKey returns a randomly generated 32 bytes long key.
19 func RandomKey() (key []byte) { 20 func RandomKey() (key []byte) {
20 mrand.Seed(time.Now().UnixNano()) 21 mrand.Seed(time.Now().UnixNano())
21 22
22 key = make([]byte, keySize) 23 key = make([]byte, keySize)
23 24
24 for i := range key { 25 for i := range key {
25 key[i] = allowedRunes[mrand.Intn(len(allowedRunes))] 26 key[i] = allowedRunes[mrand.Intn(len(allowedRunes))]
26 } 27 }
27 28
28 return key 29 return key
29 } 30 }
30 31
31 // Encrypt encrypts plaintext with key and returns resulting bytes. 32 // Encrypt encrypts plaintext with key and returns resulting bytes.
32 func Encrypt(plaintext []byte, key []byte) ([]byte, error) { 33 func Encrypt(plaintext, key []byte) ([]byte, error) {
34 if len(key) != keySize {
35 return nil, fmt.Errorf("key size invalid: %d, must be %d\n", len(key), keySize)
36 }
37
33 c, err := aes.NewCipher(key) 38 c, err := aes.NewCipher(key)
34 if err != nil { 39 if err != nil {
35 return nil, err 40 return nil, err
36 } 41 }
37 42
38 gcm, err := cipher.NewGCM(c) 43 gcm, err := cipher.NewGCM(c)
39 if err != nil { 44 if err != nil {
40 return nil, err 45 return nil, err
41 } 46 }
42 47
43 nonce := make([]byte, gcm.NonceSize()) 48 nonce := make([]byte, gcm.NonceSize())
44 if _, err = io.ReadFull(rand.Reader, nonce); err != nil { 49 if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
45 return nil, err 50 return nil, err
46 } 51 }
47 52
48 return gcm.Seal(nonce, nonce, plaintext, nil), nil 53 return gcm.Seal(nonce, nonce, plaintext, nil), nil
49 } 54 }
50 55
51 // Decrypt decrypts ciphertext with key and returns resulting bytes. 56 // Decrypt decrypts ciphertext with key and returns resulting bytes.
52 func Decrypt(ciphertext []byte, key []byte) ([]byte, error) { 57 func Decrypt(ciphertext, key []byte) ([]byte, error) {
53 c, err := aes.NewCipher(key) 58 c, err := aes.NewCipher(key)
54 if err != nil { 59 if err != nil {
55 return nil, err 60 return nil, err
56 } 61 }
57 62
58 gcm, err := cipher.NewGCM(c) 63 gcm, err := cipher.NewGCM(c)
59 if err != nil { 64 if err != nil {
60 return nil, err 65 return nil, err
61 } 66 }
62 67
63 nonceSize := gcm.NonceSize() 68 nonceSize := gcm.NonceSize()
64 if len(ciphertext) < nonceSize { 69 if len(ciphertext) < nonceSize {
65 return nil, errors.New("ciphertext too short") 70 return nil, errors.New("ciphertext too short")
66 } 71 }
67 72
68 nonce, ciphertext := ciphertext[:nonceSize], ciphertext[nonceSize:] 73 nonce, ciphertext := ciphertext[:nonceSize], ciphertext[nonceSize:]
74
69 return gcm.Open(nil, nonce, ciphertext, nil) 75 return gcm.Open(nil, nonce, ciphertext, nil)
70 } 76 }
71 77