Exemplo n.º 1
0
// PBAesDecryptPtr: AES-based password-based decryption
// Changes the slice supplied itself
func (p *pbe) PBAesDecryptPtr(block *[]byte, password string) error {
	// extract constants
	saltlen := p.pbkdf2_salt_length
	keylen := p.aes_key_length
	blocklen := AES_BLOCK_LENGTH

	// define indexes
	salt_idx := len(*block) - saltlen
	iv_idx := salt_idx - blocklen

	// extract salt & IV
	salt := (*block)[salt_idx:]
	iv := (*block)[iv_idx:salt_idx]

	// restore key
	key := PBKDF2Key(password, salt, keylen)

	// remove salt & IV
	*block = (*block)[:iv_idx]

	// decrypt
	err := aes_dec_block(*block, iv, key)
	if err != nil {
		return err
	}

	// remove padding
	*block, err = pad.PKCS7Unpad(*block)

	return err
}
Exemplo n.º 2
0
// This method is specific to the bindings
func (s *Secret) GetValue(session Session) ([]byte, error) {
	switch session.Algorithm {
	case AlgoPlain:
		return s.Value, nil
	case AlgoDH:
		paddedPlaintext := make([]byte, len(s.Value))
		block, err := aes.NewCipher(session.Key)
		if err != nil {
			return []byte{}, err
		}
		dec := cipher.NewCBCDecrypter(block, s.Parameters)
		dec.CryptBlocks(paddedPlaintext, s.Value)
		return pad.PKCS7Unpad(paddedPlaintext)
	default:
		return []byte{}, InvalidSession
	}
}