This part of my post "Just enough cryptography for better securing your apps"
| package main | |
| import ( | |
| "crypto/aes" | |
| "crypto/cipher" | |
| "crypto/hmac" | |
| "crypto/rand" | |
| "crypto/sha1" | |
| "crypto/sha256" | |
| "encoding/base64" | |
| "fmt" | |
| "io" | |
| "golang.org/x/crypto/pbkdf2" | |
| ) | |
| func encryptAES_GCM(key []byte, message []byte) string { | |
| block, _ := aes.NewCipher(key) | |
| nonce := make([]byte, 12) | |
| if _, err := io.ReadFull(rand.Reader, nonce); err != nil { | |
| panic(err.Error()) | |
| } | |
| aesgcm, err := cipher.NewGCM(block) | |
| if err != nil { | |
| panic(err.Error()) | |
| } | |
| ciphertext := aesgcm.Seal(nil, nonce, message, nil) | |
| return base64.StdEncoding.EncodeToString(ciphertext) | |
| } | |
| func deriveKey(key []byte, salt []byte) string { | |
| derivedKey := pbkdf2.Key(key, salt, 4096, 32, sha1.New) | |
| return base64.StdEncoding.EncodeToString(derivedKey) | |
| } | |
| func computeHmac256(message []byte, key []byte) string { | |
| h := hmac.New(sha256.New, key) | |
| h.Write(message) | |
| return base64.StdEncoding.EncodeToString(h.Sum(nil)) | |
| } | |
| func main() { | |
| message := []byte("hello world") | |
| key := []byte("super secret key") | |
| messageHmac := computeHmac256(message, key) | |
| fmt.Println(string(message), messageHmac) | |
| fmt.Println(string(key), deriveKey(key, message)) | |
| fmt.Println(string(message), encryptAES_GCM(key, message)) | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment