-
Notifications
You must be signed in to change notification settings - Fork 199
/
aes_encoder.go
146 lines (114 loc) · 3.08 KB
/
aes_encoder.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
package secret
import (
"bytes"
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"encoding/binary"
"encoding/hex"
"fmt"
"io"
"strings"
)
type AesEncoder struct {
CipherBlock cipher.Block
}
func GenerateAesSecretKey() ([]byte, error) {
randomBytes := make([]byte, 16)
if _, err := rand.Read(randomBytes); err != nil {
return nil, err
}
result := []byte(hex.EncodeToString(randomBytes))
return result, nil
}
func NewAesEncoder(key []byte) (*AesEncoder, error) {
key, err := hexToBinary(key)
if err != nil {
return nil, err
}
c, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
secret := &AesEncoder{c}
return secret, nil
}
func (s *AesEncoder) Encrypt(data []byte) ([]byte, error) {
dataToEncrypt := pad(data)
cipherData := make([]byte, aes.BlockSize+len(dataToEncrypt))
iv := cipherData[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}
mode := cipher.NewCBCEncrypter(s.CipherBlock, iv)
mode.CryptBlocks(cipherData[aes.BlockSize:], dataToEncrypt)
ivSize := make([]byte, 2)
binary.LittleEndian.PutUint16(ivSize, aes.BlockSize)
var args []byte
args = append(args, ivSize...)
args = append(args, cipherData...)
result := make([]byte, hex.EncodedLen(len(args)))
hex.Encode(result, args)
return result, nil
}
func (s *AesEncoder) Decrypt(data []byte) ([]byte, error) {
if len(data) == 0 {
return data, nil
}
dataToExtract, err := hexToBinary(data)
if err != nil {
return nil, err
}
ivLengthInfoSize := 2
ivSize := aes.BlockSize
paddingMaxSize := aes.BlockSize
minimalDataBinarySize := ivLengthInfoSize + ivSize + paddingMaxSize
minimalDataSize := minimalDataBinarySize * 2
if len(dataToExtract) < minimalDataBinarySize { // iv + padding
return nil, fmt.Errorf("minimum required data length: '%v'", minimalDataSize)
}
iv := dataToExtract[ivLengthInfoSize : ivLengthInfoSize+ivSize]
cipherText := dataToExtract[ivLengthInfoSize+ivSize:]
if len(cipherText)%aes.BlockSize != 0 {
return nil, fmt.Errorf("data isn't a multiple of the block size")
}
mode := cipher.NewCBCDecrypter(s.CipherBlock, iv)
mode.CryptBlocks(cipherText, cipherText)
result, err := unpad(cipherText)
if err != nil {
return nil, err
}
return result, nil
}
func pad(data []byte) []byte {
padding := aes.BlockSize - len(data)%aes.BlockSize
padtext := bytes.Repeat([]byte{byte(padding)}, padding)
return append(data, padtext...)
}
func unpad(data []byte) ([]byte, error) {
length := len(data)
unpadding := int(data[length-1])
if unpadding > length {
return nil, fmt.Errorf("inconsistent data, unpad failed")
}
return data[:(length - unpadding)], nil
}
func hexToBinary(data []byte) ([]byte, error) {
result := make([]byte, hex.DecodedLen(len(data)))
if _, err := hex.Decode(result, data); err != nil {
return nil, err
}
return result, nil
}
func IsExtractDataError(err error) bool {
dataErrorPrefixes := []string{
"minimum required data length",
"encoding/hex: odd length hex string",
}
for _, prefix := range dataErrorPrefixes {
if strings.HasPrefix(err.Error(), prefix) {
return true
}
}
return false
}