-
Notifications
You must be signed in to change notification settings - Fork 0
/
symm_out.go
72 lines (59 loc) · 1.6 KB
/
symm_out.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
package gfc
import (
"bytes"
"fmt"
"github.com/pkg/errors"
)
// formatOutputGfcSymm serializes the output for all symmetric key encryption by gfc
func formatOutputGfcSymm(
ciphertext []byte,
nonce []byte,
salt []byte,
) (
Buffer,
error,
) {
lenNonce := len(nonce)
lenSalt := len(salt)
buf := bytes.NewBuffer(ciphertext)
n, err := buf.Write(nonce)
if err != nil {
return nil, errors.Wrap(err, "failed to append nonce to symmetric encryption output")
}
if n != lenNonce {
return nil, fmt.Errorf("unexpected nonce bytes written - expecting %d, got %d", lenNonce, n)
}
n, err = buf.Write(salt)
if err != nil {
return nil, errors.Wrap(err, "failed to append salt to symmetric encryption output")
}
if n != lenSalt {
return nil, fmt.Errorf("unexpected salt bytes written - expecting %d, got %d", lenSalt, n)
}
return buf, nil
}
// decodeOutputGfcSymm unmarshals gfc symmetric key encryption output into message length, ciphertext, key, and nonce
func decodeOutputGfcSymm(
ciphertext Buffer,
key []byte,
nonceSize int,
) (
int, // lenMsg or nonceStart
[]byte, // Ciphertext
[]byte, // Key
[]byte, // Nonce
error,
) {
ciphertextBytes := ciphertext.Bytes()
lenGfcCiphertext := ciphertext.Len()
saltStart := lenGfcCiphertext - lenPBKDF2Salt
salt := ciphertextBytes[saltStart:]
key, _, err := keySaltPBKDF2(key, salt)
if err != nil {
return 0, nil, nil, nil, errors.Wrap(err, ErrPBKDF2KeySalt.Error())
}
nonceStart := saltStart - nonceSize
nonce := ciphertextBytes[nonceStart:saltStart]
ciphertextBytes = ciphertextBytes[:nonceStart]
return nonceStart, ciphertextBytes, key, nonce, nil
}