File: cbc.go

package info (click to toggle)
golang-github-likexian-gokit 0.24.7-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 720 kB
  • sloc: makefile: 5
file content (114 lines) | stat: -rw-r--r-- 2,797 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
/*
 * Copyright 2012-2021 Li Kexian
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * A toolkit for Golang development
 * https://www.likexian.com/
 */

package xaes

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"errors"
	"fmt"
)

var (
	// ErrMissingEncryptKey is missing encrypt key error
	ErrMissingEncryptKey = errors.New("xaes: key for encrypting is missing")
	// ErrMissingDecryptKey is missing decrypt key error
	ErrMissingDecryptKey = errors.New("xaes: key for decrypting is missing")
	// ErrInvalidIVSize is invalid IV size error
	ErrInvalidIVSize = fmt.Errorf("xaes: length of iv must be %d", aes.BlockSize)
)

// CBCEncrypt do AES CBC encrypt
func CBCEncrypt(plaintext, key, iv []byte) ([]byte, error) {
	if plaintext == nil {
		return nil, nil
	}

	if key == nil {
		return nil, ErrMissingEncryptKey
	}

	if iv == nil {
		iv = make([]byte, aes.BlockSize)
	}

	if len(iv) != aes.BlockSize {
		return nil, ErrInvalidIVSize
	}

	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}

	blockSize := block.BlockSize()
	plaintext = PKCS7Padding(plaintext, blockSize)
	ciphertext := make([]byte, len(plaintext))
	blockMode := cipher.NewCBCEncrypter(block, iv)
	blockMode.CryptBlocks(ciphertext, plaintext)

	return ciphertext, nil
}

// CBCDecrypt do AES CBC decrypt
func CBCDecrypt(ciphertext, key, iv []byte) ([]byte, error) {
	if ciphertext == nil {
		return nil, nil
	}

	if key == nil {
		return nil, ErrMissingDecryptKey
	}

	if iv == nil {
		iv = make([]byte, aes.BlockSize)
	}

	if len(iv) != aes.BlockSize {
		return nil, ErrInvalidIVSize
	}

	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}

	plaintext := make([]byte, len(ciphertext))
	blockMode := cipher.NewCBCDecrypter(block, iv)
	blockMode.CryptBlocks(plaintext, ciphertext)
	plaintext = PKCS7Unpadding(plaintext)

	return plaintext, nil
}

// PKCS7Padding do PKCS7 padding
func PKCS7Padding(data []byte, blockSize int) []byte {
	paddingSize := blockSize - len(data)%blockSize
	paddingText := bytes.Repeat([]byte{byte(paddingSize)}, paddingSize)
	return append(data, paddingText...)
}

// PKCS7Unpadding do PKCS7 unpadding
func PKCS7Unpadding(data []byte) []byte {
	dataSize := len(data)
	paddingSize := int(data[dataSize-1])
	return data[:(dataSize - paddingSize)]
}