Exemplo n.º 1
0
// Uses text/plain as the Content-type which may need to change in the future.
// Probably not, though.
func (s *Secret) SetValue(session Session, secret []byte) error {
	switch session.Algorithm {
	case AlgoPlain:
		s.Value = secret
	case AlgoDH:
		block, err := aes.NewCipher(session.Key)
		if err != nil {
			return err
		}
		enc := cipher.NewCBCEncrypter(block, s.Parameters)
		ciphertext := pad.PKCS7Pad(secret, aes.BlockSize)
		s.Value = make([]byte, len(ciphertext))
		enc.CryptBlocks(s.Value, ciphertext)
	default:
		return InvalidSession
	}
	return nil
}
Exemplo n.º 2
0
// PBAesEncryptPtr: AES-based password-based encryption
// Changes the slice supplied itself
func (p *pbe) PBAesEncryptPtr(block *[]byte, password string) error {
	// extract constants
	saltlen := p.pbkdf2_salt_length
	keylen := p.aes_key_length
	blocklen := AES_BLOCK_LENGTH

	// generate salt
	salt, err := rnd.Salt(saltlen)
	if err != nil {
		return err
	}

	// generate IV
	iv, err := rnd.IV(blocklen)
	if err != nil {
		return err
	}

	// generate key
	key := p.PBKDF2Key(password, salt, keylen)

	// pad data block
	*block = pad.PKCS7Pad(*block, blocklen)

	// encrypt it
	err = aes_enc_block(*block, iv, key)
	if err != nil {
		return err
	}

	// join padded block + IV + salt into single buffer
	*block = append(*block, iv...)
	*block = append(*block, salt...)

	return nil
}