예제 #1
0
// AES256CBCDecrypt decrypts the given ciphertext with AES-256 in CBC mode and
// returns the resulting plaintext. The supplied key must be 32 bytes long and
// the ciphertext must be prepended by the corresponding IV.
func AES256CBCDecrypt(key, ciphertext []byte) (plaintext []byte) {
	if len(key) != 32 {
		panic(log.Critical("cipher: AES-256 key is not 32 bytes long"))
	}
	block, _ := aes.NewCipher(key) // correct key length was enforced above

	// The IV needs to be unique, but not secure. Therefore it's common to
	// include it at the beginning of the ciphertext.
	if len(ciphertext) < aes.BlockSize {
		panic(log.Critical("cipher: ciphertext too short"))
	}
	iv := ciphertext[:aes.BlockSize]
	ciphertext = ciphertext[aes.BlockSize:]
	plaintext = make([]byte, len(ciphertext))

	// CBC mode always works in whole blocks.
	if len(ciphertext)%aes.BlockSize != 0 {
		panic(log.Critical("cipher: ciphertext is not a multiple of the block size"))
	}

	mode := cipher.NewCBCDecrypter(block, iv)

	// CryptBlocks can work in-place if the two arguments are the same.
	mode.CryptBlocks(plaintext, ciphertext)

	return
}
예제 #2
0
// AES256CBCEncrypt encrypts the given plaintext with AES-256 in CBC mode.
// The supplied key must be 32 bytes long.
// The returned ciphertext is prepended by a randomly generated IV.
func AES256CBCEncrypt(key, plaintext []byte, rand io.Reader) (ciphertext []byte) {
	if len(key) != 32 {
		panic(log.Critical("cipher: AES-256 key is not 32 bytes long"))
	}
	block, _ := aes.NewCipher(key) // correct key length was enforced above

	// CBC mode works on blocks so plaintexts may need to be padded to the
	// next whole block. For an example of such padding, see
	// https://tools.ietf.org/html/rfc5246#section-6.2.3.2. Here we'll
	// assume that the plaintext is already of the correct length.
	if len(plaintext)%aes.BlockSize != 0 {
		panic(log.Critical("cipher: plaintext is not a multiple of the block size"))
	}

	// The IV needs to be unique, but not secure. Therefore it's common to
	// include it at the beginning of the ciphertext.
	ciphertext = make([]byte, aes.BlockSize+len(plaintext))
	iv := ciphertext[:aes.BlockSize]
	_, err := io.ReadFull(rand, iv)
	if err != nil {
		panic(log.Critical(err))
	}

	mode := cipher.NewCBCEncrypter(block, iv)
	mode.CryptBlocks(ciphertext[aes.BlockSize:], plaintext)

	return
}
예제 #3
0
// AES256CTRStream creates a new AES-256 stream in CTR mode.
// The supplied key must be 32 bytes long and the iv 16 bytes.
func AES256CTRStream(key, iv []byte) cipher.Stream {
	if len(key) != 32 {
		panic(log.Critical("cipher: AES-256 key is not 32 bytes long"))
	}
	if len(iv) != 16 {
		panic(log.Critical("cipher: AES-256 IV is not 16 bytes long"))
	}
	block, _ := aes.NewCipher(key) // correct key length was enforced above
	return cipher.NewCTR(block, iv)
}
예제 #4
0
// This example shows when and how to use the critical log level.
func Example_critical() {
	alwaysFalseCondition := false
	// ...
	if alwaysFalseCondition {
		panic(log.Critical("package name: this condition should never be true"))
	}
}
예제 #5
0
// RandPass returns a random 256-bit password in base64 encoding.
func RandPass(rand io.Reader) string {
	var pass = make([]byte, 32)
	if _, err := io.ReadFull(rand, pass); err != nil {
		panic(log.Critical(err))
	}
	return base64.Encode(pass)
}
예제 #6
0
파일: uid.go 프로젝트: JonathanLogan/mute
// Domain returns the domain of the uid identity.
func (msg *Message) Domain() string {
	_, domain, err := identity.Split(msg.UIDContent.IDENTITY)
	if err != nil {
		// UID messages have to be valid
		panic(log.Critical(err))
	}
	return domain
}
예제 #7
0
파일: uid.go 프로젝트: JonathanLogan/mute
// Localpart returns the localpart of the uid identity.
func (msg *Message) Localpart() string {
	lp, _, err := identity.Split(msg.UIDContent.IDENTITY)
	if err != nil {
		// UID messages have to be valid
		panic(log.Critical(err))
	}
	return lp
}
예제 #8
0
// ToUint16 converts the byte slice b of length 2 to an uint16.
// If b does not have length 2 the function panics.
func ToUint16(b []byte) (u uint16) {
	if len(b) != 2 {
		panic(log.Critical("encode: ToUint16(): len(b) != 2"))
	}
	u = uint16(b[1])<<8 |
		uint16(b[0])
	return
}
예제 #9
0
파일: nonce.go 프로젝트: JonathanLogan/mute
// Nonce generates a random nonce.
func Nonce(rand io.Reader) []byte {
	var b = make([]byte, 8)
	_, err := io.ReadFull(rand, b)
	if err != nil {
		panic(log.Critical(err))
	}
	return b
}
예제 #10
0
func (ce *CtrlEngine) getID(c *cli.Context) string {
	id := c.String("id")
	if id == "" && interactive {
		active, err := ce.msgDB.GetValue(msgdb.ActiveUID)
		if err != nil {
			panic(log.Critical(err))
		}
		id = active
	}
	return id
}
예제 #11
0
// AES256CTREncrypt encrypts the given plaintext with AES-256 in CTR mode.
// The supplied key must be 32 bytes long.
// The returned ciphertext is prepended by a randomly generated IV.
func AES256CTREncrypt(key, plaintext []byte, rand io.Reader) (ciphertext []byte) {
	if len(key) != 32 {
		panic(log.Critical("cipher: AES-256 key is not 32 bytes long"))
	}
	block, _ := aes.NewCipher(key) // correct key length was enforced above

	// The IV needs to be unique, but not secure. Therefore it's common to
	// include it at the beginning of the ciphertext.
	ciphertext = make([]byte, aes.BlockSize+len(plaintext))
	iv := ciphertext[:aes.BlockSize]
	_, err := io.ReadFull(rand, iv)
	if err != nil {
		panic(log.Critical(err))
	}

	stream := cipher.NewCTR(block, iv)
	stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)

	return
}
예제 #12
0
// AES256CTRDecrypt decrypts the given ciphertext with AES-256 in CTR mode and
// returns the resulting plaintext. The supplied key must be 32 bytes long and
// the ciphertext must be prepended by the corresponding IV.
func AES256CTRDecrypt(key, ciphertext []byte) (plaintext []byte) {
	if len(key) != 32 {
		panic(log.Critical("cipher: AES-256 key is not 32 bytes long"))
	}
	block, _ := aes.NewCipher(key) // correct key length was enforced above

	// The IV needs to be unique, but not secure. Therefore it's common to
	// include it at the beginning of the ciphertext.
	if len(ciphertext) < aes.BlockSize {
		panic(log.Critical("cipher: ciphertext too short"))
	}
	iv := ciphertext[:aes.BlockSize]
	ciphertext = ciphertext[aes.BlockSize:]
	plaintext = make([]byte, len(ciphertext))

	stream := cipher.NewCTR(block, iv)
	stream.XORKeyStream(plaintext, ciphertext)

	return
}
예제 #13
0
// HasSession implements corresponding method for msg.KeyStore interface.
func (ce *CryptEngine) HasSession(sessionKey string) bool {
	_, _, _, err := ce.keyDB.GetSession(sessionKey)
	switch {
	case err == sql.ErrNoRows:
		return false
	case err != nil:
		// TODO: handle this without panic!
		panic(log.Critical(err))
	}
	return true
}
예제 #14
0
파일: uid.go 프로젝트: JonathanLogan/mute
func marshalSorted(strct interface{}) []byte {
	// convert the struct to map before the JSON encoding, because maps are
	// automatically sorted and structs are not
	m := structs.Map(strct)
	jsn, err := json.Marshal(m)
	if err != nil {
		// There should be not way this can happen, but better less than 100%
		// test coverage than an uncaught error.
		panic(log.Critical(err))
	}
	return jsn
}
예제 #15
0
// ToUint64 converts the byte slice b of length 8 to an uint64.
// If b does not have length 8 the function panics.
func ToUint64(b []byte) (u uint64) {
	if len(b) != 8 {
		panic(log.Critical("encode: ToUint64(): len(b) != 8"))
	}
	u = uint64(b[7])<<56 |
		uint64(b[6])<<48 |
		uint64(b[5])<<40 |
		uint64(b[4])<<32 |
		uint64(b[3])<<24 |
		uint64(b[2])<<16 |
		uint64(b[1])<<8 |
		uint64(b[0])
	return
}