func (t *DecryptTest) Rfc5297TestCaseA2() { key := aes_testing.FromRfcHex( "7f7e7d7c 7b7a7978 77767574 73727170" + "40414243 44454647 48494a4b 4c4d4e4f") ciphertext := aes_testing.FromRfcHex( "7bdb6e3b 432667eb 06f4d14b ff2fbd0f" + "cb900f2f ddbe4043 26601965 c889bf17" + "dba77ceb 094fa663 b7a3f748 ba8af829" + "ea64ad54 4a272e9c 485b62a3 fd5c0d") associated := [][]byte{ aes_testing.FromRfcHex( "00112233 44556677 8899aabb ccddeeff" + "deaddada deaddada ffeeddcc bbaa9988" + "77665544 33221100"), aes_testing.FromRfcHex( "10203040 50607080 90a0"), aes_testing.FromRfcHex( "09f91102 9d74e35b d84156c5 635688c0"), } expected := aes_testing.FromRfcHex( "74686973 20697320 736f6d65 20706c61" + "696e7465 78742074 6f20656e 63727970" + "74207573 696e6720 5349562d 414553") output, err := siv.Decrypt(key, ciphertext, associated) AssertEq(nil, err) ExpectThat(output, DeepEquals(expected)) }
func (t *DecryptTest) LongKey() { key := make([]byte, 65) ciphertext := make([]byte, 16) _, err := siv.Decrypt(key, ciphertext, nil) ExpectThat(err, Error(HasSubstr("-byte"))) }
func (t *DecryptTest) DoesntClobberAssociatedSlice() { // Grab a test case with some associated data. cases := aes_testing.EncryptCases() AssertGt(len(cases), 1) c := cases[1] AssertEq(len(c.Associated), 1) // Make a copy of the associated data. associated0 := dup(c.Associated[0]) // Create a longer slice with some other data too. associated1 := aes_testing.FromRfcHex("deadbeef") longSlice := [][]byte{ associated0, associated1, } // Call with a slice missing the last element, equivalent to the original // associated data. The last element shouldn't be clobbered. _, err := siv.Decrypt(c.Key, c.Output, longSlice[:1]) AssertEq(nil, err) ExpectThat( longSlice, ElementsAre( DeepEquals(associated0), DeepEquals(associated1), )) }
func (c *sivCrypter) Decrypt(ciphertext []byte) ([]byte, error) { plaintext, err := siv.Decrypt(c.key, ciphertext, nil) if _, ok := err.(*siv.NotAuthenticError); ok { err = &NotAuthenticError{err.Error()} } return plaintext, err }
// Open decrypts "in" using "nonce" and "authData" and append the result to "dst" func (s *sivAead) Open(dst, nonce, ciphertext, authData []byte) ([]byte, error) { if len(nonce) != 16 { // SIV supports any nonce size, but in gocryptfs we exclusively use 16. log.Panic("nonce must be 16 bytes long") } associated := [][]byte{authData, nonce} dec, err := siv.Decrypt(s.key, ciphertext, associated) return append(dst, dec...), err }
func (t *DecryptTest) TooMuchAssociatedData() { key := make([]byte, 64) ciphertext := make([]byte, 16) associated := make([][]byte, 127) _, err := siv.Decrypt(key, ciphertext, associated) ExpectThat(err, Error(HasSubstr("associated"))) ExpectThat(err, Error(HasSubstr("126"))) }
func (t *DecryptTest) ShortCiphertext() { key := make([]byte, 64) ciphertext := make([]byte, 15) _, err := siv.Decrypt(key, ciphertext, nil) ExpectThat(err, Error(HasSubstr("Invalid"))) ExpectThat(err, Error(HasSubstr("ciphertext"))) ExpectThat(err, Error(HasSubstr("length"))) }
func (t *DecryptTest) GeneratedTestCases() { cases := aes_testing.EncryptCases() AssertGe(len(cases), 100) for i, c := range cases { plaintext, err := siv.Decrypt(c.Key, c.Output, c.Associated) AssertEq(nil, err, "Case %d: %v", i, c) ExpectThat(plaintext, DeepEquals(c.Plaintext), "Case %d: %v", i, c) } }
func DecryptCommands(cmds g.Commands, key []byte) (g.Commands, error) { assoc := make([][]byte, 0) for i, c := range cmds { com, err := siv.Decrypt(key, []byte(c), assoc) if err != nil { return nil, err } cmds[i] = g.Command(com) } return cmds, nil }
func DecryptInvocations(cmds g.Invocations, key []byte) (g.Invocations, error) { assoc := make([][]byte, 0) for i, c := range cmds { com, err := siv.Decrypt(key, []byte(c.Command), assoc) dir, err := siv.Decrypt(key, []byte(c.Directory), assoc) host, err := siv.Decrypt(key, []byte(c.Host), assoc) shell, err := siv.Decrypt(key, []byte(c.Shell), assoc) user, err := siv.Decrypt(key, []byte(c.User), assoc) tags := make([]string, 0) for _, tag := range c.Tags { if len(tag) > 0 { t, err := siv.Decrypt(key, []byte(tag), assoc) if err != nil { return nil, err } tags = append(tags, string(t)) } } if err != nil { return nil, err } cmds[i].Command = string(com) cmds[i].Directory = string(dir) cmds[i].Host = string(host) cmds[i].Shell = string(shell) cmds[i].User = string(user) cmds[i].Tags = tags } return cmds, nil }
func (t *DecryptTest) CorruptedCiphertext() { // Grab a test case. cases := aes_testing.EncryptCases() AssertGt(len(cases), 10) c := cases[10] // Corrupt its ciphertext and call. AssertGt(len(c.Output), 19) c.Output[19]++ _, err := siv.Decrypt(c.Key, c.Output, c.Associated) ExpectThat(err, Error(HasSubstr("authentic"))) _, ok := err.(*siv.NotAuthenticError) ExpectTrue(ok, "Not an instance of *NotAuthenticError.") }
func (t *DecryptTest) WrongKey() { // Grab a test case. cases := aes_testing.EncryptCases() AssertGt(len(cases), 1) c := cases[1] // Corrupt its key and call. AssertGt(len(c.Key), 13) c.Key[13]++ _, err := siv.Decrypt(c.Key, c.Output, c.Associated) ExpectThat(err, Error(HasSubstr("authentic"))) _, ok := err.(*siv.NotAuthenticError) ExpectTrue(ok, "Not an instance of *NotAuthenticError.") }
func (t *DecryptTest) Rfc5297TestCaseA1() { key := aes_testing.FromRfcHex( "fffefdfc fbfaf9f8 f7f6f5f4 f3f2f1f0" + "f0f1f2f3 f4f5f6f7 f8f9fafb fcfdfeff") ciphertext := aes_testing.FromRfcHex( "85632d07 c6e8f37f 950acd32 0a2ecc93" + "40c02b96 90c4dc04 daef7f6a fe5c") associated := [][]byte{ aes_testing.FromRfcHex( "10111213 14151617 18191a1b 1c1d1e1f" + "20212223 24252627"), } expected := aes_testing.FromRfcHex( "11223344 55667788 99aabbcc ddee") output, err := siv.Decrypt(key, ciphertext, associated) AssertEq(nil, err) ExpectThat(output, DeepEquals(expected)) }
func benchmarkDecrypt( b *testing.B, size int) { var err error // Generate the appropriate amount of random data. plaintext := make([]byte, size) _, err = rand.Read(plaintext) if err != nil { b.Fatalf("rand.Read: %v", err) } // Create a random key. const keyLen = 32 key := make([]byte, keyLen) _, err = rand.Read(key) if err != nil { b.Fatalf("rand.Read: %v", err) } // Encrypt it. ciphertext, err := siv.Encrypt(nil, key, plaintext, nil) if err != nil { b.Fatalf("Encrypt: %v", err) } // Repeatedly decrypt it. b.ResetTimer() for i := 0; i < b.N; i++ { _, err = siv.Decrypt(key, ciphertext, nil) if err != nil { b.Fatalf("Decrypt: %v", err) } } b.SetBytes(int64(size)) }