Add symmetric AES encryption functions
This commit is contained in:
Daniel Huigens
parent
ffa226acbd
commit
9c0a78e7e2
2 changed files with 67 additions and 0 deletions
31
crypto/subtle.go
Normal file
31
crypto/subtle.go
Normal file
|
|
@ -0,0 +1,31 @@
|
||||||
|
package crypto
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto/aes"
|
||||||
|
"crypto/cipher"
|
||||||
|
|
||||||
|
"golang.org/x/crypto/scrypt"
|
||||||
|
)
|
||||||
|
|
||||||
|
// EncryptWithoutIntegrity encrypts data with AES-CTR. Note: this encryption mode is not secure when stored/sent on an untrusted medium.
|
||||||
|
func EncryptWithoutIntegrity(key, input, iv []byte) (output []byte, err error) {
|
||||||
|
var block cipher.Block
|
||||||
|
if block, err = aes.NewCipher(key); err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
output = make([]byte, len(input))
|
||||||
|
stream := cipher.NewCTR(block, iv)
|
||||||
|
stream.XORKeyStream(output, input)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DecryptWithoutIntegrity decrypts data encrypted with AES-CTR.
|
||||||
|
func DecryptWithoutIntegrity(key, input, iv []byte) ([]byte, error) {
|
||||||
|
// AES-CTR decryption is identical to encryption.
|
||||||
|
return EncryptWithoutIntegrity(key, input, iv)
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeriveKey derives a key from a password using scrypt.
|
||||||
|
func DeriveKey(password string, salt []byte) ([]byte, error) {
|
||||||
|
return scrypt.Key([]byte(password), salt, 32768, 8, 1, 32)
|
||||||
|
}
|
||||||
36
crypto/subtle_test.go
Normal file
36
crypto/subtle_test.go
Normal file
|
|
@ -0,0 +1,36 @@
|
||||||
|
package crypto
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/hex"
|
||||||
|
"testing"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestSubtle_EncryptWithoutIntegrity(t *testing.T) {
|
||||||
|
key, _ := hex.DecodeString("9469cccfc8a8d005247f39fa3e5b35a97db456cecf18deac6d84364d0818d763")
|
||||||
|
plaintext := []byte("some plaintext")
|
||||||
|
iv, _ := hex.DecodeString("c828f258a76aad7bc828f258a76aad7b")
|
||||||
|
|
||||||
|
ciphertext, _ := EncryptWithoutIntegrity(key, plaintext, iv)
|
||||||
|
if hex.EncodeToString(ciphertext) != "14697192f7e112fc88d83380693f" {
|
||||||
|
t.Fatal("EncryptWithoutIntegrity returned unexpected result")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestSubtle_DecryptWithoutIntegrity(t *testing.T) {
|
||||||
|
key, _ := hex.DecodeString("9469cccfc8a8d005247f39fa3e5b35a97db456cecf18deac6d84364d0818d763")
|
||||||
|
ciphertext, _ := hex.DecodeString("14697192f7e112fc88d83380693f")
|
||||||
|
iv, _ := hex.DecodeString("c828f258a76aad7bc828f258a76aad7b")
|
||||||
|
|
||||||
|
plaintext, _ := DecryptWithoutIntegrity(key, ciphertext, iv)
|
||||||
|
if string(plaintext) != "some plaintext" {
|
||||||
|
t.Fatal("DecryptWithoutIntegrity returned unexpected result")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestSubtle_DeriveKey(t *testing.T) {
|
||||||
|
salt, _ := hex.DecodeString("c828f258a76aad7b")
|
||||||
|
dk, _ := DeriveKey("some password", salt)
|
||||||
|
if hex.EncodeToString(dk) != "9469cccfc8a8d005247f39fa3e5b35a97db456cecf18deac6d84364d0818d763" {
|
||||||
|
t.Fatal("DeriveKey returned unexpected result")
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue