Commit 98399d8518849cf7d531ec9fe56c517237fb278b
1 parent
74f41102fa
Exists in
master
cleanup
Showing
1 changed file
with
9 additions
and
3 deletions
Show diff stats
main.go
1 | package aes | 1 | package aes |
2 | 2 | ||
3 | import ( | 3 | import ( |
4 | "crypto/aes" | 4 | "crypto/aes" |
5 | "crypto/cipher" | 5 | "crypto/cipher" |
6 | "crypto/rand" | 6 | "crypto/rand" |
7 | "errors" | 7 | "errors" |
8 | "fmt" | ||
8 | "io" | 9 | "io" |
9 | mrand "math/rand" | 10 | mrand "math/rand" |
10 | "time" | 11 | "time" |
11 | ) | 12 | ) |
12 | 13 | ||
13 | const ( | 14 | const ( |
14 | keySize = 32 | 15 | keySize = 32 |
15 | allowedRunes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" | 16 | allowedRunes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" |
16 | ) | 17 | ) |
17 | 18 | ||
18 | // RandomKey returns a randomly generated 32 bytes long hex encoded key. | 19 | // RandomKey returns a randomly generated 32 bytes long key. |
19 | func RandomKey() (key []byte) { | 20 | func RandomKey() (key []byte) { |
20 | mrand.Seed(time.Now().UnixNano()) | 21 | mrand.Seed(time.Now().UnixNano()) |
21 | 22 | ||
22 | key = make([]byte, keySize) | 23 | key = make([]byte, keySize) |
23 | 24 | ||
24 | for i := range key { | 25 | for i := range key { |
25 | key[i] = allowedRunes[mrand.Intn(len(allowedRunes))] | 26 | key[i] = allowedRunes[mrand.Intn(len(allowedRunes))] |
26 | } | 27 | } |
27 | 28 | ||
28 | return key | 29 | return key |
29 | } | 30 | } |
30 | 31 | ||
31 | // Encrypt encrypts plaintext with key and returns resulting bytes. | 32 | // Encrypt encrypts plaintext with key and returns resulting bytes. |
32 | func Encrypt(plaintext []byte, key []byte) ([]byte, error) { | 33 | func Encrypt(plaintext, key []byte) ([]byte, error) { |
34 | if len(key) != keySize { | ||
35 | return nil, fmt.Errorf("key size invalid: %d, must be %d\n", len(key), keySize) | ||
36 | } | ||
37 | |||
33 | c, err := aes.NewCipher(key) | 38 | c, err := aes.NewCipher(key) |
34 | if err != nil { | 39 | if err != nil { |
35 | return nil, err | 40 | return nil, err |
36 | } | 41 | } |
37 | 42 | ||
38 | gcm, err := cipher.NewGCM(c) | 43 | gcm, err := cipher.NewGCM(c) |
39 | if err != nil { | 44 | if err != nil { |
40 | return nil, err | 45 | return nil, err |
41 | } | 46 | } |
42 | 47 | ||
43 | nonce := make([]byte, gcm.NonceSize()) | 48 | nonce := make([]byte, gcm.NonceSize()) |
44 | if _, err = io.ReadFull(rand.Reader, nonce); err != nil { | 49 | if _, err = io.ReadFull(rand.Reader, nonce); err != nil { |
45 | return nil, err | 50 | return nil, err |
46 | } | 51 | } |
47 | 52 | ||
48 | return gcm.Seal(nonce, nonce, plaintext, nil), nil | 53 | return gcm.Seal(nonce, nonce, plaintext, nil), nil |
49 | } | 54 | } |
50 | 55 | ||
51 | // Decrypt decrypts ciphertext with key and returns resulting bytes. | 56 | // Decrypt decrypts ciphertext with key and returns resulting bytes. |
52 | func Decrypt(ciphertext []byte, key []byte) ([]byte, error) { | 57 | func Decrypt(ciphertext, key []byte) ([]byte, error) { |
53 | c, err := aes.NewCipher(key) | 58 | c, err := aes.NewCipher(key) |
54 | if err != nil { | 59 | if err != nil { |
55 | return nil, err | 60 | return nil, err |
56 | } | 61 | } |
57 | 62 | ||
58 | gcm, err := cipher.NewGCM(c) | 63 | gcm, err := cipher.NewGCM(c) |
59 | if err != nil { | 64 | if err != nil { |
60 | return nil, err | 65 | return nil, err |
61 | } | 66 | } |
62 | 67 | ||
63 | nonceSize := gcm.NonceSize() | 68 | nonceSize := gcm.NonceSize() |
64 | if len(ciphertext) < nonceSize { | 69 | if len(ciphertext) < nonceSize { |
65 | return nil, errors.New("ciphertext too short") | 70 | return nil, errors.New("ciphertext too short") |
66 | } | 71 | } |
67 | 72 | ||
68 | nonce, ciphertext := ciphertext[:nonceSize], ciphertext[nonceSize:] | 73 | nonce, ciphertext := ciphertext[:nonceSize], ciphertext[nonceSize:] |
74 | |||
69 | return gcm.Open(nil, nonce, ciphertext, nil) | 75 | return gcm.Open(nil, nonce, ciphertext, nil) |
70 | } | 76 | } |
71 | 77 |