FilesExpand file tree

 develop

/

cipher.go

Copy path

BlameMore file actions

BlameMore file actions

Latest commit

 

History

History

History

66 lines (55 loc) · 2.21 KB

 develop

/

cipher.go

Top

File metadata and controls

• Code
• Blame

66 lines (55 loc) · 2.21 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

/*

* Copyright 2018 The CovenantSQL Authors.

*

* Licensed under the Apache License, Version 2.0 (the "License");

* you may not use this file except in compliance with the License.

* You may obtain a copy of the License at

*

* http://www.apache.org/licenses/LICENSE-2.0

*

* Unless required by applicable law or agreed to in writing, software

* distributed under the License is distributed on an "AS IS" BASIS,

* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

* See the License for the specific language governing permissions and

* limitations under the License.

*/

// Package crypto implements Asymmetric, Symmetric Encryption and Hash function.

package crypto

import (

"bytes"

"crypto/aes"

"errors"

ec "github.com/btcsuite/btcd/btcec"

"github.com/CovenantSQL/CovenantSQL/crypto/asymmetric"

)

var errInvalidPadding = errors.New("invalid PKCS#7 padding")

// Implement PKCS#7 padding with block size of 16 (AES block size).

// AddPKCSPadding adds padding to a block of data.

func AddPKCSPadding(src []byte) []byte {

padding := aes.BlockSize - len(src)%aes.BlockSize

padtext := bytes.Repeat([]byte{byte(padding)}, padding)

return append(src, padtext...)

}

// RemovePKCSPadding removes padding from data that was added with addPKCSPadding.

func RemovePKCSPadding(src []byte) ([]byte, error) {

length := len(src)

padLength := int(src[length-1])

if padLength > aes.BlockSize || length < aes.BlockSize {

return nil, errInvalidPadding

}

return src[:length-padLength], nil

}

// EncryptAndSign (inputPublicKey, inData) MAIN PROCEDURE:

// 1. newPrivateKey, newPubKey := genSecp256k1Keypair()

// 2. encKey, HMACKey := SHA512(ECDH(newPrivateKey, inputPublicKey))

// 3. PaddedIn := PKCSPadding(in)

// 4. OutBytes := IV + newPubKey + AES-256-CBC(encKey, PaddedIn) + HMAC-SHA-256(HMACKey)

func EncryptAndSign(inputPublicKey *asymmetric.PublicKey, inData []byte) ([]byte, error) {

return ec.Encrypt((*ec.PublicKey)(inputPublicKey), inData)

}

// DecryptAndCheck (inputPrivateKey, inData) MAIN PROCEDURE:

// 1. Decrypt the inData

// 2. Verify the HMAC.

func DecryptAndCheck(inputPrivateKey *asymmetric.PrivateKey, inData []byte) ([]byte, error) {

return ec.Decrypt((*ec.PrivateKey)(inputPrivateKey), inData)

}