作者:Wombat
项目:wombat-deskto
// Encrypts the contents of a file and returns the encrypted byte slice.
// AES encryption with PCKS#7 padding.
func Encrypt(filename, key string) (encrypted []byte, err error) {
var (
aesCipher cipher.Block
data []byte
tempenc = make([]byte, blockSize)
)
aesCipher, err = aes.NewCipher([]byte(key))
if err != nil {
return
}
data, err = ioutil.ReadFile(filename)
if err != nil {
return encrypted, err
}
padded, err := padding.Pad(data, blockSize)
if err != nil {
return encrypted, err
}
for i := 0; i < len(padded)/blockSize; i++ {
aesCipher.Encrypt(tempenc, padded[i*blockSize:i*blockSize+blockSize])
encrypted = append(encrypted, tempenc...)
}
return encrypted, nil
}
作者:itiseri
项目:crypt
// Given the supplied cipher, whose block size must be 16 bytes, return two
// subkeys that can be used in MAC generation. See section 5.3 of NIST SP
// 800-38B. Note that the other NIST-approved block size of 8 bytes is not
// supported by this function.
func generateSubkeys(ciph cipher.Block) (k1 []byte, k2 []byte) {
if ciph.BlockSize() != blockSize {
panic("generateSubkeys requires a cipher with a block size of 16 bytes.")
}
// Step 1
l := make([]byte, blockSize)
ciph.Encrypt(l, subkeyZero)
// Step 2: Derive the first subkey.
if common.Msb(l) == 0 {
// TODO(jacobsa): Accept a destination buffer in ShiftLeft and then hoist
// the allocation in the else branch below.
k1 = common.ShiftLeft(l)
} else {
k1 = make([]byte, blockSize)
common.Xor(k1, common.ShiftLeft(l), subkeyRb)
}
// Step 3: Derive the second subkey.
if common.Msb(k1) == 0 {
k2 = common.ShiftLeft(k1)
} else {
k2 = make([]byte, blockSize)
common.Xor(k2, common.ShiftLeft(k1), subkeyRb)
}
return
}
作者:CuriousLL
项目:ecbciphe
func newCBC(b cipher.Block, IV []byte) *cbc {
return &cbc{
b: b,
blockSize: b.BlockSize(),
IV: IV,
}
}
作者:weixinhos
项目:beego-ya
func newECB(b cipher.Block) *ecb {
return &ecb{
b: b,
blockSize: b.BlockSize(),
}
}
作者:beatgammi
项目:seshcooki
// encode uses the given block cipher (in CTR mode) to encrypt the
// data, along with a hash, returning the iv and the ciphertext. What
// is returned looks like:
//
// encrypted(salt + sessionData) + iv + hmac
//
func encode(block cipher.Block, hmac hash.Hash, data []byte) ([]byte, error) {
buf := bytes.NewBuffer(nil)
salt := make([]byte, block.BlockSize())
if _, err := io.ReadFull(rand.Reader, salt); err != nil {
return nil, err
}
buf.Write(salt)
buf.Write(data)
session := buf.Bytes()
iv := make([]byte, block.BlockSize())
if _, err := rand.Read(iv); err != nil {
return nil, err
}
stream := cipher.NewCTR(block, iv)
stream.XORKeyStream(session, session)
buf.Write(iv)
hmac.Write(buf.Bytes())
buf.Write(hmac.Sum(nil))
return buf.Bytes(), nil
}
作者:scyt
项目:gorilla-sessions-filestor
// encrypt encrypts a value using the given Block in CTR mode.
//
// A random initialization vector is generated and prepended to the resulting
// ciphertext to be available for decryption. Also, a random salt with the
// length of the block size is prepended to the value before encryption.
func encrypt(block cipher.Block, value []byte) (rv []byte, err error) {
// Recover in case block has an invalid key.
defer func() {
if r := recover(); r != nil {
err = r.(error)
}
}()
size := block.BlockSize()
// Generate an initialization vector suitable for encryption.
// http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Initialization_vector_.28IV.29
iv := make([]byte, size)
if _, err = rand.Read(iv); err != nil {
return
}
// Create a salt.
salt := make([]byte, size)
if _, err = rand.Read(salt); err != nil {
return
}
value = append(salt, value...)
// Encrypt it.
stream := cipher.NewCTR(block, iv)
stream.XORKeyStream(value, value)
// Return iv + ciphertext.
rv = append(iv, value...)
return
}
作者:crayontx
项目:go-rc
func decrypt(src io.Reader, des io.Writer, cipher cipher.Block, length int) error {
blockSize := cipher.BlockSize()
if length <= 0 {
return errors.New("length must be greater than 0")
}
buf := make([]byte, blockSize)
acc := 0
n, err := src.Read(buf)
for err == nil && acc < length {
acc += n
cipher.Decrypt(buf, buf)
if acc > length {
paddings := acc - length
des.Write(buf[0 : blockSize-paddings])
return nil
}
des.Write(buf)
buf = make([]byte, blockSize)
n, err = src.Read(buf)
}
return nil
}
作者:scyt
项目:gorilla-sessions-filestor
// decrypt decrypts a value using the given Block in CTR mode.
//
// The value to be decrypted must have a length greater than the block size,
// because the initialization vector is expected to prepend it. Also, a salt
// with the length of the block size is expected to prepend the plain value.
func decrypt(block cipher.Block, value []byte) (b []byte, err error) {
// Recover in case block has an invalid key.
defer func() {
if r := recover(); r != nil {
err = r.(error)
}
}()
size := block.BlockSize()
if len(value) > size {
// Extract iv.
iv := value[:size]
// Extract ciphertext.
value = value[size:]
// Decrypt it.
stream := cipher.NewCTR(block, iv)
stream.XORKeyStream(value, value)
if len(value) > size {
// Return value without the salt.
b = value[size:]
return
}
}
err = ErrDecryption
return
}
作者:ysmolsk
项目:cryptopals-matasano-solution
func CTREncrypt(block cipher.Block, nonce, dst, src []byte) {
size := block.BlockSize()
if len(nonce) != size {
panic("size of IV not equal to block size")
}
if len(dst) == 0 || len(src) == 0 {
return
}
// temp key
key := make([]byte, size)
// copy of nonce
n := make([]byte, size)
copy(n, nonce)
counter := binary.LittleEndian.Uint64(n[8:])
for i := 0; i < len(dst) && i < len(src); i += size {
block.Encrypt(key, n)
for j := 0; j < size && i+j < len(src); j++ {
dst[i+j] = src[i+j] ^ key[j]
}
counter++
binary.LittleEndian.PutUint64(n[8:], counter)
}
return
}
作者:yamnikov-ole
项目:ps
// Encrypt производит шифрования хранилища по паролю.
func Encrypt(s Storage, w io.Writer, pwd string) (err error) {
var (
key [keySize]byte
block cipher.Block
iv []byte
payload []byte
)
// Prepare encryptor
key = sha256.Sum256([]byte(pwd))
if block, err = aes.NewCipher(key[:]); err != nil {
return err
}
iv = make([]byte, block.BlockSize())
if _, err = rand.Read(iv); err != nil {
return err
}
if _, err = w.Write(iv); err != nil {
return err
}
w = cipher.StreamWriter{S: cipher.NewCFBEncrypter(block, iv), W: w}
// Encode and write
if _, err = w.Write(key[:]); err != nil {
return err
}
if payload, err = json.Marshal(s); err != nil {
return err
}
if _, err := w.Write(payload); err != nil {
return err
}
return nil
}
作者:optimus
项目:spi
func newRCBC(b cipher.Block, iv []byte) *rcbc {
return &rcbc{
b: b,
blockSize: b.BlockSize(),
iv: dup(iv),
tmp: make([]byte, b.BlockSize()),
}
}
作者:nc
项目:rclon
// aesTransform - encrypt or decrypt (according to "direction") using block
// cipher "bc" (typically AES)
func aesTransform(dst []byte, src []byte, direction directionConst, bc cipher.Block) {
if direction == DirectionEncrypt {
bc.Encrypt(dst, src)
return
} else if direction == DirectionDecrypt {
bc.Decrypt(dst, src)
return
}
}
作者:ysmolsk
项目:cryptopals-matasano-solution
func ECBEncrypt(block cipher.Block, dst, src []byte) {
size := block.BlockSize()
if len(dst)%size != 0 {
panic("size of dst and src should be multiples of blocksize")
}
for i := 0; i < len(dst); i += size {
block.Encrypt(dst[i:i+size], src[i:i+size])
}
}
作者:arthau
项目:write-ups-201
func get_key(master cipher.Block, ctr uint64) (cipher.Block, []byte) {
plain := make([]byte, 16)
new_key := make([]byte, 16)
binary.BigEndian.PutUint64(plain, ctr)
master.Encrypt(new_key, plain)
new_cipher, err := aes.NewCipher(new_key)
check(err)
return new_cipher, new_key
}
作者:rufli
项目:go-ethereu
// updateMAC reseeds the given hash with encrypted seed.
// it returns the first 16 bytes of the hash sum after seeding.
func updateMAC(mac hash.Hash, block cipher.Block, seed []byte) []byte {
aesbuf := make([]byte, aes.BlockSize)
block.Encrypt(aesbuf, mac.Sum(nil))
for i := range aesbuf {
aesbuf[i] ^= seed[i]
}
mac.Write(aesbuf)
return mac.Sum(nil)[:16]
}
作者:carriercom
项目:grumbl
// Encrypt encrypts the plaintext src and outputs the corresponding ciphertext into dst.
// Besides outputting a ciphertext into dst, Encrypt also outputs an authentication tag
// of ocb2.TagSize bytes into tag, which should be used to verify the authenticity of the
// message on the receiving side.
//
// To ensure both authenticity and secrecy of messages, each invocation to this function must
// be given an unique nonce of ocb2.NonceSize bytes. The nonce need not be secret (it can be
// a counter), but it needs to be unique.
//
// The block cipher used in function must work on a block size equal to ocb2.BlockSize.
// The tag slice used in this function must have a length equal to ocb2.TagSize.
// The nonce slice used in this function must have a length equal to ocb2.NonceSize.
// If any of the above are violated, Encrypt will panic.
func Encrypt(cipher cipher.Block, dst []byte, src []byte, nonce []byte, tag []byte) {
if cipher.BlockSize() != BlockSize {
panic("ocb2: cipher blocksize is not equal to ocb2.BlockSize")
}
if len(nonce) != NonceSize {
panic("ocb2: nonce length is not equal to ocb2.NonceSize")
}
var (
checksum [BlockSize]byte
delta [BlockSize]byte
tmp [BlockSize]byte
pad [BlockSize]byte
calcTag [NonceSize]byte
off int
)
cipher.Encrypt(delta[0:], nonce[0:])
zeros(checksum[0:])
remain := len(src)
for remain > BlockSize {
times2(delta[0:])
xor(tmp[0:], delta[0:], src[off:off+BlockSize])
cipher.Encrypt(tmp[0:], tmp[0:])
xor(dst[off:off+BlockSize], delta[0:], tmp[0:])
xor(checksum[0:], checksum[0:], src[off:off+BlockSize])
remain -= BlockSize
off += BlockSize
}
times2(delta[0:])
zeros(tmp[0:])
num := remain * 8
tmp[BlockSize-2] = uint8((uint32(num) >> 8) & 0xff)
tmp[BlockSize-1] = uint8(num & 0xff)
xor(tmp[0:], tmp[0:], delta[0:])
cipher.Encrypt(pad[0:], tmp[0:])
copied := copy(tmp[0:], src[off:])
if copied != remain {
panic("ocb2: copy failed")
}
if copy(tmp[copied:], pad[copied:]) != (BlockSize - remain) {
panic("ocb2: copy failed")
}
xor(checksum[0:], checksum[0:], tmp[0:])
xor(tmp[0:], pad[0:], tmp[0:])
if copy(dst[off:], tmp[0:]) != remain {
panic("ocb2: copy failed")
}
times3(delta[0:])
xor(tmp[0:], delta[0:], checksum[0:])
cipher.Encrypt(calcTag[0:], tmp[0:])
copy(tag, calcTag[:])
}
作者:qingta
项目:man
func aesDecrypt(block cipher.Block, src []byte) []byte {
var dst = make([]byte, 16)
var src_len = len(src)
var dec []byte
for i := 0; i < src_len; i += 16 {
block.Decrypt(dst, src[i:i+16])
dec = append(dec, dst...)
}
return dec
}
作者:Jimd
项目:nsc
func newCFB8(block cipher.Block, iv []byte, decrypt bool) (stream cipher.Stream) {
cfb8 := new(cfb8)
cfb8.b = block
cfb8.next = make([]byte, len(iv))
cfb8.out = make([]byte, block.BlockSize())
cfb8.decrypt = decrypt
copy(cfb8.next, iv)
stream = cfb8
return
}
作者:LivousCraftNetwor
项目:GoLilyPa
func newCFB8(block cipher.Block, iv []byte, decrypt bool) (stream cipher.Stream) {
cfb8 := new(cfb8)
cfb8.Block = block
cfb8.Iv = make([]byte, len(iv))
cfb8.Tmp = make([]byte, block.BlockSize())
cfb8.Decrypt = decrypt
copy(cfb8.Iv, iv)
stream = cfb8
return
}
作者:Juml
项目:GoLilyPa
func newCFB8(block cipher.Block, iv []byte, decrypt bool) (stream cipher.Stream) {
bytes := make([]byte, len(iv))
copy(bytes, iv)
return &cfb8{
block: block,
iv: bytes,
tmp: make([]byte, block.BlockSize()),
decrypt: decrypt,
}
}
