Created
August 31, 2018 10:27
-
-
Save proteye/23ce999162fe2d6423ab9505461dea25 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package aeslib | |
| import ( | |
| "bytes" | |
| "crypto/aes" | |
| "crypto/cipher" | |
| "crypto/rand" | |
| "crypto/sha256" | |
| "encoding/base64" | |
| "errors" | |
| "io" | |
| "strings" | |
| "golang.org/x/crypto/pbkdf2" | |
| ) | |
| const BlockSize = 32 | |
| func deriveKey(passphrase string, salt []byte) []byte { | |
| // http://www.ietf.org/rfc/rfc2898.txt | |
| if salt == nil { | |
| salt = make([]byte, 8) | |
| // rand.Read(salt) | |
| } | |
| return pbkdf2.Key([]byte(passphrase), salt, 1000, BlockSize, sha256.New) | |
| } | |
| func addBase64Padding(value string) string { | |
| m := len(value) % 4 | |
| if m != 0 { | |
| value += strings.Repeat("=", 4-m) | |
| } | |
| return value | |
| } | |
| func removeBase64Padding(value string) string { | |
| return strings.Replace(value, "=", "", -1) | |
| } | |
| func Pad(src []byte) []byte { | |
| padding := aes.BlockSize - len(src)%aes.BlockSize | |
| padtext := bytes.Repeat([]byte{byte(padding)}, padding) | |
| return append(src, padtext...) | |
| } | |
| func Unpad(src []byte) ([]byte, error) { | |
| length := len(src) | |
| unpadding := int(src[length-1]) | |
| if unpadding > length { | |
| return nil, errors.New("unpad error. This could happen when incorrect encryption key is used") | |
| } | |
| return src[:(length - unpadding)], nil | |
| } | |
| func encrypt(key []byte, text string) (string, error) { | |
| block, err := aes.NewCipher(key) | |
| if err != nil { | |
| return "", err | |
| } | |
| msg := Pad([]byte(text)) | |
| ciphertext := make([]byte, aes.BlockSize+len(msg)) | |
| iv := ciphertext[:aes.BlockSize] | |
| if _, err := io.ReadFull(rand.Reader, iv); err != nil { | |
| return "", err | |
| } | |
| cfb := cipher.NewCFBEncrypter(block, iv) | |
| cfb.XORKeyStream(ciphertext[aes.BlockSize:], []byte(msg)) | |
| finalMsg := removeBase64Padding(base64.URLEncoding.EncodeToString(ciphertext)) | |
| return finalMsg, nil | |
| } | |
| func decrypt(key []byte, text string) (string, error) { | |
| block, err := aes.NewCipher(key) | |
| if err != nil { | |
| return "", err | |
| } | |
| decodedMsg, err := base64.URLEncoding.DecodeString(addBase64Padding(text)) | |
| if err != nil { | |
| return "", err | |
| } | |
| if (len(decodedMsg) % aes.BlockSize) != 0 { | |
| return "", errors.New("blocksize must be multipe of decoded message length") | |
| } | |
| iv := decodedMsg[:aes.BlockSize] | |
| msg := decodedMsg[aes.BlockSize:] | |
| cfb := cipher.NewCFBDecrypter(block, iv) | |
| cfb.XORKeyStream(msg, msg) | |
| unpadMsg, err := Unpad(msg) | |
| if err != nil { | |
| return "", err | |
| } | |
| return string(unpadMsg), nil | |
| } | |
| func Encrypt(password string, plaintext string) string { | |
| key := deriveKey(password, nil) | |
| encryptMsg, _ := encrypt(key, plaintext) | |
| return encryptMsg | |
| } | |
| func Decrypt(password string, cipher string) string { | |
| key := deriveKey(password, nil) | |
| msg, _ := decrypt(key, cipher) | |
| return msg | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment