Move subtle.go to its own package
This commit is contained in:
Daniel Huigens
parent
784c5cfc2e
commit
d4cdec5229
3 changed files with 4 additions and 4 deletions
33
subtle/subtle.go
Normal file
33
subtle/subtle.go
Normal file
|
|
@ -0,0 +1,33 @@
|
|||
package subtle
|
||||
|
||||
import (
|
||||
"crypto/aes"
|
||||
"crypto/cipher"
|
||||
|
||||
"golang.org/x/crypto/scrypt"
|
||||
)
|
||||
|
||||
// EncryptWithoutIntegrity encrypts data with AES-CTR. Note: this encryption
|
||||
// mode is not secure when stored/sent on an untrusted medium.
|
||||
func EncryptWithoutIntegrity(key, input, iv []byte) (output []byte, err error) {
|
||||
var block cipher.Block
|
||||
if block, err = aes.NewCipher(key); err != nil {
|
||||
return
|
||||
}
|
||||
output = make([]byte, len(input))
|
||||
stream := cipher.NewCTR(block, iv)
|
||||
stream.XORKeyStream(output, input)
|
||||
return
|
||||
}
|
||||
|
||||
// DecryptWithoutIntegrity decrypts data encrypted with AES-CTR.
|
||||
func DecryptWithoutIntegrity(key, input, iv []byte) ([]byte, error) {
|
||||
// AES-CTR decryption is identical to encryption.
|
||||
return EncryptWithoutIntegrity(key, input, iv)
|
||||
}
|
||||
|
||||
// DeriveKey derives a key from a password using scrypt. N should be set to the
|
||||
// highest power of 2 you can derive within 100 milliseconds.
|
||||
func DeriveKey(password string, salt []byte, N int) ([]byte, error) {
|
||||
return scrypt.Key([]byte(password), salt, N, 8, 1, 32)
|
||||
}
|
||||
31
subtle/subtle_test.go
Normal file
31
subtle/subtle_test.go
Normal file
|
|
@ -0,0 +1,31 @@
|
|||
package subtle
|
||||
|
||||
import (
|
||||
"github.com/stretchr/testify/assert"
|
||||
"encoding/hex"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestSubtle_EncryptWithoutIntegrity(t *testing.T) {
|
||||
key, _ := hex.DecodeString("9469cccfc8a8d005247f39fa3e5b35a97db456cecf18deac6d84364d0818d763")
|
||||
plaintext := []byte("some plaintext")
|
||||
iv, _ := hex.DecodeString("c828f258a76aad7bc828f258a76aad7b")
|
||||
|
||||
ciphertext, _ := EncryptWithoutIntegrity(key, plaintext, iv)
|
||||
assert.Exactly(t, "14697192f7e112fc88d83380693f", hex.EncodeToString(ciphertext))
|
||||
}
|
||||
|
||||
func TestSubtle_DecryptWithoutIntegrity(t *testing.T) {
|
||||
key, _ := hex.DecodeString("9469cccfc8a8d005247f39fa3e5b35a97db456cecf18deac6d84364d0818d763")
|
||||
ciphertext, _ := hex.DecodeString("14697192f7e112fc88d83380693f")
|
||||
iv, _ := hex.DecodeString("c828f258a76aad7bc828f258a76aad7b")
|
||||
|
||||
plaintext, _ := DecryptWithoutIntegrity(key, ciphertext, iv)
|
||||
assert.Exactly(t, "some plaintext", string(plaintext))
|
||||
}
|
||||
|
||||
func TestSubtle_DeriveKey(t *testing.T) {
|
||||
salt, _ := hex.DecodeString("c828f258a76aad7b")
|
||||
dk, _ := DeriveKey("some password", salt, 32768)
|
||||
assert.Exactly(t, "9469cccfc8a8d005247f39fa3e5b35a97db456cecf18deac6d84364d0818d763", hex.EncodeToString(dk))
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue