-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathAesCbc256StringEncryptionFull.go
115 lines (100 loc) · 3.48 KB
/
AesCbc256StringEncryptionFull.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
package main
import (
"bytes"
"strings"
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"encoding/base64"
"fmt"
"io"
)
func main() {
fmt.Printf("AES CBC 256 String encryption with random key full\n")
plaintext := string("The quick brown fox jumps over the lazy dog")
fmt.Printf("plaintext: " + plaintext + "\n")
// generate random key
encryptionKey := []byte(GenerateRandomAesKey())
encryptionKeyBase64 := string(Base64Encoding(encryptionKey))
fmt.Printf("encryptionKey (Base64): " + encryptionKeyBase64 + "\n")
fmt.Printf("\n* * * Encryption * * *\n");
ciphertextBase64 := string(AesCbcEncryptToBase64(encryptionKey, plaintext))
fmt.Printf("ciphertext: " + ciphertextBase64 + "\n");
fmt.Printf("output is (Base64) iv : (Base64) ciphertext\n");
fmt.Printf("\n* * * Decryption * * *\n");
decryptionKeyBase64 := string(encryptionKeyBase64);
ciphertextDecryptionBase64 := string(ciphertextBase64);
fmt.Printf("decryptionkey (Base64): " + decryptionKeyBase64 + "\n")
decryptionKey := []byte(Base64Decoding(decryptionKeyBase64))
fmt.Printf("ciphertext: " + ciphertextDecryptionBase64 + "\n");
fmt.Printf("input is (Base64) iv : (Base64) ciphertext\n");
decryptedtext := string(aesCbcDecryptFromBase64(decryptionKey, ciphertextDecryptionBase64))
fmt.Printf("decryptedtext: " + decryptedtext + "\n")
}
func AesCbcEncryptToBase64(key []byte, data string)(string) {
plaintext := []byte(data)
plaintext = PKCS5Padding(plaintext, 16)
iv := []byte(GenerateRandomInitvector())
block, err := aes.NewCipher(key)
if err != nil {
panic(err)
}
ciphertext := make([]byte, len(plaintext))
mode := cipher.NewCBCEncrypter(block, iv)
mode.CryptBlocks(ciphertext, plaintext)
ciphertextBase64 := string(Base64Encoding(ciphertext))
ivBase64 := string(Base64Encoding(iv))
ciphertextCompleteBase64 := string(ivBase64 + ":" + ciphertextBase64)
return ciphertextCompleteBase64
}
func aesCbcDecryptFromBase64(encryptionKey []byte, ciphertextCompleteBase64 string)(string) {
data := strings.Split(ciphertextCompleteBase64, ":")
iv := []byte(Base64Decoding(data[0]))
ciphertext := []byte(Base64Decoding(data[1]))
block, err := aes.NewCipher(encryptionKey)
if err != nil {
panic(err)
}
if len(ciphertext) < aes.BlockSize {
panic("ciphertext too short")
}
if len(ciphertext)%aes.BlockSize != 0 {
panic("ciphertext is not a multiple of the block size")
}
mode := cipher.NewCBCDecrypter(block, iv)
mode.CryptBlocks(ciphertext, ciphertext)
return string(ciphertext)
}
func PKCS5Padding(ciphertext []byte, blockSize int) []byte {
padding := blockSize - len(ciphertext)%blockSize
padtext := bytes.Repeat([]byte{byte(padding)}, padding)
return append(ciphertext, padtext...)
}
func PKCS5Trimming(encrypt []byte) []byte {
padding := encrypt[len(encrypt)-1]
return encrypt[:len(encrypt)-int(padding)]
}
func GenerateRandomAesKey()([]byte) {
key := make([]byte, 32)
if _, err := io.ReadFull(rand.Reader, key); err != nil {
panic(err.Error())
}
return key
}
func GenerateRandomInitvector()([]byte) {
iv := make([]byte, 16)
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
panic(err.Error())
}
return iv
}
func Base64Encoding(input []byte)(string) {
return base64.StdEncoding.EncodeToString(input)
}
func Base64Decoding(input string)([]byte) {
data, err := base64.StdEncoding.DecodeString(input)
if err != nil {
return data
}
return data
}