Created
November 13, 2015 22:09
package main | |
import ( | |
"bytes" | |
"encoding/hex" | |
"errors" | |
"fmt" | |
"golang.org/x/crypto/openpgp" | |
"io" | |
"io/ioutil" | |
"time" | |
) | |
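// SymEncrypt encrypts content as a binary OpenPGP message protected only by
// password (symmetric, passphrase-based encryption) and returns the
// serialized message bytes.
//
// The config argument passed to openpgp.SymmetricallyEncrypt is nil, so the
// cipher and key-derivation settings are whatever the package defaults to.
// The confidentiality of the result is bounded by the strength of password.
//
// NOTE(review): golang.org/x/crypto/openpgp is deprecated and frozen upstream;
// new code should move to a maintained OpenPGP implementation or to a modern
// AEAD-based format.
func SymEncrypt(content, password []byte) ([]byte, error) {
	var buf bytes.Buffer
	var output io.WriteCloser
	var err error

	// ModTime is part of the file hints handed to the encoder, so the
	// encryption time travels with the message.
	hints := openpgp.FileHints{
		IsBinary: true,
		ModTime:  time.Now(),
	}

	output, err = openpgp.SymmetricallyEncrypt(&buf, password, &hints, nil)
	if err != nil {
		return nil, err
	}

	// A failed Write must not be reported as success: the buffer would hold
	// a truncated message.
	if _, err = output.Write(content); err != nil {
		_ = output.Close() // best effort; the write error is the one to report
		return nil, err
	}

	// Close finalizes the message. Until it succeeds, the bytes in buf are
	// not a complete message and must not be returned.
	if err = output.Close(); err != nil {
		return nil, err
	}

	return buf.Bytes(), nil
}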
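// SymDecrypt decrypts an OpenPGP message that was symmetrically encrypted
// with password and returns the plaintext.
//
// It returns an error when the message cannot be parsed, when the passphrase
// is rejected, when the message was not encrypted at all, or when reading the
// body fails. On any error the returned slice is nil, so callers never see
// partially decrypted data.
func SymDecrypt(content, password []byte) ([]byte, error) {
	var byteReader io.Reader = bytes.NewReader(content)

	// openpgp.ReadMessage calls the prompt function again every time the
	// passphrase it returned fails to decrypt the message. A prompt that
	// always returns the same bytes therefore never terminates on a wrong
	// password. Offer the passphrase once; fail on the second request.
	prompted := false
	prompt := func(keys []openpgp.Key, symmetric bool) ([]byte, error) {
		if prompted {
			return nil, errors.New("PGP passphrase rejected")
		}
		prompted = true
		return password, nil
	}

	fmt.Printf("openpgp.ReadMessage BEGIN\n")
	messageDetails, err := openpgp.ReadMessage(byteReader, nil, prompt, nil)
	fmt.Printf("openpgp.ReadMessage END\n")
	if err != nil {
		return nil, err
	}

	// Refuse plaintext OpenPGP messages: the caller asked for decryption and
	// must not be handed content that was never protected.
	if !messageDetails.IsEncrypted {
		return nil, errors.New("PGP content was not encrypted")
	}

	// UnverifiedBody must be read to EOF before its content can be trusted;
	// errors detected while reading surface here. Drop whatever was read on
	// failure instead of returning it alongside the error.
	ret, err := ioutil.ReadAll(messageDetails.UnverifiedBody)
	if err != nil {
		return nil, err
	}
	return ret, nil
}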
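// main runs two checks against SymEncrypt/SymDecrypt: a round trip with the
// correct password, and a decryption attempt with a wrong password that is
// expected to fail.
func main() {
	content := []byte("foo bar")
	// Demo only: the passphrase is hard-coded and echoed to stdout below.
	// Real code must load secrets from a protected source and never log them.
	password := []byte("0123456789abcdefgh")

	fmt.Printf("Encrypting %s/%s\n", string(content), string(password))
	encrypted, err := SymEncrypt(content, password)
	if err != nil {
		// fmt.Errorf only builds an error value; it prints nothing, so
		// failures were silently dropped. Print them instead.
		fmt.Printf("%s\n", err)
		return
	}

	// at this stage, we have some encrypted content
	fmt.Printf("encrypted content=\"%s\" encrypted=\"%s\"\n",
		string(content),
		hex.EncodeToString(encrypted))

	// 1st test, check encrypt/decrypt work in nominal case
	fmt.Printf("good pw BEGIN\n")
	decrypted, err := SymDecrypt(encrypted, password)
	fmt.Printf("good pw END\n")
	switch {
	case err != nil:
		fmt.Printf("%s\n", err)
	default:
		fmt.Printf("decrypted encrypted=\"%s\" decrypted=\"%s\"\n",
			hex.EncodeToString(encrypted),
			string(decrypted))
		if !bytes.Equal(content, decrypted) {
			fmt.Printf("Content and decrypted differ\n")
		}
	}

	// 2nd test, check encrypt/decrypt work as expected
	// when password is wrong, that is, decrypt ends with
	// an error, and does not decrypt the content
	fmt.Printf("bad pw BEGIN\n")
	_, err = SymDecrypt(encrypted, []byte("this is a wrong password\n"))
	fmt.Printf("bad pw END\n")
	if err != nil {
		fmt.Printf("OK, decrypt is impossible with a bad password\n")
	} else {
		fmt.Printf("decrypt is possible with a bad password, this *should* be impossible\n")
	}
}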