Beispiel #1
0
// Decrypt takes data and a key and outputs decrypted data and any possible errors
// The key can be any length or empty (not recommended).  A SHA-512/256 key is generated
// from the supplied key ensuring the 32 byte AES-256 key length requirement is met.
// Once decrypted, the data is decompressed using gzip.
func Decrypt(data []byte, key []byte) ([]byte, error) {

	// should never happen
	if len(data) < aes.BlockSize {
		return nil, errors.New("insufficient data to decrypt")
	}

	// generate a 32 byte key from the variable length key supplied
	// Sum512_256 == 32 byte key == aes256
	aes256Key := sha512.Sum512_256(key)

	block, err := aes.NewCipher(aes256Key[:])
	if err != nil {
		return nil, err
	}

	iv := data[:aes.BlockSize]
	dectext := data[aes.BlockSize:]
	cfb := cipher.NewCFBDecrypter(block, iv)
	cfb.XORKeyStream(dectext, dectext)

	r, err := gzip.NewReader(bytes.NewReader(dectext))
	if err != nil {
		return nil, err
	}

	data, err = ioutil.ReadAll(r)
	if err != nil {
		return nil, err
	}

	// trim off key that was prepended during encryption
	return data[len(aes256Key):], nil

}
Beispiel #2
0
func (i *ImageManifest) Hashes() map[string]string {
	i.hashesOnce.Do(func() {
		digest := sha512.Sum512_256(i.RawManifest())
		i.hashes = map[string]string{"sha512_256": hex.EncodeToString(digest[:])}
	})
	return i.hashes
}
Beispiel #3
0
// Benchmarks SHA512/256 on 16K of random data.
func BenchmarkSHA512_256(b *testing.B) {
	data, err := ioutil.ReadFile("testdata/random")
	if err != nil {
		b.Fatal(err)
	}
	b.SetBytes(int64(len(data)))
	for i := 0; i < b.N; i++ {
		_ = sha512.Sum512_256(data)
	}
}
Beispiel #4
0
func main() {
	msg := []byte("Taichi Nakashima")

	checksum256 := sha256.Sum256(msg)
	fmt.Printf("Length (SHA-256): %d byte (%d bits)\n", len(checksum256), len(checksum256)*8)
	fmt.Printf("Output (SHA-256): %x\n\n", checksum256)

	checksum512 := sha512.Sum512(msg)
	fmt.Printf("Length (SHA-512): %d byte (%d bits)\n", len(checksum512), len(checksum512)*8)
	fmt.Printf("Output (SHA-512): %x\n\n", checksum512)

	checksum512_256 := sha512.Sum512_256(msg)
	fmt.Printf("Length (SHA-512/256): %d byte (%d bits)\n", len(checksum512_256), len(checksum512_256)*8)
	fmt.Printf("Output (SHA-512/256): %x\n\n", checksum512_256)
}
Beispiel #5
0
func doHash(p *[]byte, digest string) {
	if digest == "sha512" {
		var hash [sha512.Size]byte
		hash = sha512.Sum512(*p)
		fmt.Printf("%x\n", hash)

	} else if digest == "sha384" {
		var hash [sha512.Size384]byte
		hash = sha512.Sum384(*p)
		fmt.Printf("%x\n", hash)
	} else if digest != "" {
		fmt.Println("Unknown algorithm, we only support sha256, sha384, and sha512")
	} else {
		var hash [sha512.Size256]byte
		hash = sha512.Sum512_256(*p)
		fmt.Printf("%x\n", hash)
	}

}
Beispiel #6
0
// Encrypt takes data and a key and outputs encrypted data and any possible errors
// The key can be any length or empty (not recommended).  The data can be any length
// or empty.  A SHA-512/256 key is generated from the supplied key ensuring the
// 32 byte AES-256 key length requirement is met.  The data is compressed using
// gzip prior to encryption.  Raw byte output will need to be hex/base64 encoded
// before it is printable.
func Encrypt(data []byte, key []byte) ([]byte, error) {

	// generate a 32 byte key from the variable length key supplied
	// Sum512_256 == 32 byte key == aes256
	aes256Key := sha512.Sum512_256(key)

	block, err := aes.NewCipher(aes256Key[:])
	if err != nil {
		return nil, err
	}

	buf := &bytes.Buffer{}
	w, err := gzip.NewWriterLevel(buf, gzip.BestCompression)
	if err != nil {
		return nil, err
	}
	// we always encrypt the key with the data
	// to ensure that enough data is encrypted.
	// this allows encrypting empty or small strings safely.
	// it is trimmed from the output in decrypt
	if _, err := w.Write(aes256Key[:]); err != nil {
		return nil, err
	}
	if _, err := w.Write(data); err != nil {
		return nil, err
	}
	if err := w.Close(); err != nil {
		return nil, err
	}

	ciphertext := make([]byte, aes.BlockSize+buf.Len())

	iv := ciphertext[:aes.BlockSize]
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		return nil, err
	}

	cfb := cipher.NewCFBEncrypter(block, iv)
	cfb.XORKeyStream(ciphertext[aes.BlockSize:], buf.Bytes())

	return ciphertext, nil

}
Beispiel #7
0
func shasum(data *[]byte, algorithm string) (interface{}, error) {
	var sum interface{}
	switch strings.ToLower(algorithm) {
	case "md5":
		sum = md5.Sum(*data)
	case "1":
		sum = sha1.Sum(*data)
	case "224":
		sum = sha256.Sum224(*data)
	case "256":
		sum = sha256.Sum256(*data)
	case "384":
		sum = sha512.Sum384(*data)
	case "512":
		sum = sha512.Sum512(*data)
	case "512224":
		sum = sha512.Sum512_224(*data)
	case "512256":
		sum = sha512.Sum512_256(*data)
	default:
		return nil, errors.New("unsupported algorithm")
	}
	return sum, nil
}
Beispiel #8
0
func hashPasswd(passwd string) string {
	return fmt.Sprintf("%x", sha512.Sum512_256([]byte(passwd)))
}
Beispiel #9
0
// Hash performs a one-way hash on data using SHA-512/256.
func Hash(data []byte) [DigestSize]byte {
	digest := sha512.Sum512_256(data)
	return digest
}
Beispiel #10
0
func NewSHA512256(payloadLen int) func() {
	input := NewRand(payloadLen)

	return func() { sha512.Sum512_256(input) }
}