当前位置: 首页>>代码示例>>Golang>>正文


Golang AEAD.Open方法代码示例

本文整理汇总了Golang中crypto/cipher.AEAD.Open方法的典型用法代码示例。如果您正苦于以下问题:Golang AEAD.Open方法的具体用法?Golang AEAD.Open怎么用?Golang AEAD.Open使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在crypto/cipher.AEAD的用法示例。


在下文中一共展示了AEAD.Open方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。

示例1: Decrypt

func (alg *AesGcm) Decrypt(aad, cek, iv, cipherText, authTag []byte) (plainText []byte, err error) {

	cekSizeBits := len(cek) << 3

	if cekSizeBits != alg.keySizeBits {
		return nil, errors.New(fmt.Sprintf("AesGcm.Decrypt(): expected key of size %v bits, but was given %v bits.", alg.keySizeBits, cekSizeBits))
	}

	var block cipher.Block

	if block, err = aes.NewCipher(cek); err != nil {
		return nil, err
	}

	var aesgcm cipher.AEAD

	if aesgcm, err = cipher.NewGCM(block); err != nil {
		return nil, err
	}

	cipherWithTag := append(cipherText, authTag...)

	if plainText, err = aesgcm.Open(nil, iv, cipherWithTag, aad); err != nil {
		return nil, err
	}

	return plainText, nil
}
开发者ID:useidel,项目名称:notary,代码行数:28,代码来源:aes_gcm.go

示例2: DecryptProto

// Decrypts a proto using an AEAD. Unmarshals the result into dst. The result
// should only be considered written if this function returns true.
func DecryptProto(aead cipher.AEAD, msg string, additionalData []byte, dst proto.Message) bool {
	msgBytes, err := base64.RawURLEncoding.DecodeString(msg)
	if err != nil {
		glog.V(2).Infof("Tried to decrypt proto with invalid base64: %v", err)
		return false
	}

	var msgProto pb.EncryptedMessage
	err = proto.Unmarshal(msgBytes, &msgProto)
	if err != nil {
		glog.V(2).Infof("Tried to decrypt proto with invalid pb.EncryptedMessage: %v", err)
		return false
	}

	// Decrypt in-place.
	plaintext := msgProto.Ciphertext
	plaintext, err = aead.Open(plaintext[:0], msgProto.Nonce, msgProto.Ciphertext, additionalData)
	if err != nil {
		glog.V(2).Infof("Failed to decrypt data: %v", err)
		return false
	}

	err = proto.Unmarshal(plaintext, dst)
	if err != nil {
		glog.V(2).Infof("Failed to decrypt proto: %v", err)
		return false
	}

	return true
}
开发者ID:jonathanwei,项目名称:fproxy,代码行数:32,代码来源:crypto.go

示例3: Unwrap

func (alg *AesGcmKW) Unwrap(encryptedCek []byte, key interface{}, cekSizeBits int, header map[string]interface{}) (cek []byte, err error) {
	if kek, ok := key.([]byte); ok {

		kekSizeBits := len(kek) << 3

		if kekSizeBits != alg.keySizeBits {
			return nil, errors.New(fmt.Sprintf("AesGcmKW.Unwrap(): expected key of size %v bits, but was given %v bits.", alg.keySizeBits, kekSizeBits))
		}

		var iv, tag string

		if iv, ok = header["iv"].(string); !ok {
			return nil, errors.New("AesGcmKW.Unwrap(): expected 'iv' param in JWT header, but was not found.")
		}

		if tag, ok = header["tag"].(string); !ok {
			return nil, errors.New("AesGcmKW.Unwrap(): expected 'tag' param in JWT header, but was not found.")
		}

		var ivBytes, tagBytes []byte

		if ivBytes, err = base64url.Decode(iv); err != nil {
			return nil, err
		}

		if tagBytes, err = base64url.Decode(tag); err != nil {
			return nil, err
		}

		var block cipher.Block

		if block, err = aes.NewCipher(kek); err != nil {
			return nil, err
		}

		var aesgcm cipher.AEAD

		if aesgcm, err = cipher.NewGCM(block); err != nil {
			return nil, err
		}

		cipherAndTag := append(encryptedCek, tagBytes...)

		if cek, err = aesgcm.Open(nil, ivBytes, cipherAndTag, nil); err != nil {
			fmt.Printf("err = %v\n", err)
			return nil, err
		}

		return cek, nil
	}

	return nil, errors.New("AesGcmKW.Unwrap(): expected key to be '[]byte' array")
}
开发者ID:useidel,项目名称:notary,代码行数:53,代码来源:aes_gcm_kw.go

示例4: Decrypt

/*
Decrypt decrypts a literal of the form <b64URLmetadata>.<b64URLciphertext>.<b64URLnonce> given an AEAD cipher and
produces a metadata and data string.
*/
func Decrypt(aeadCipher cipher.AEAD, literal string) (string, string, error) {
	var (
		literalSubStrings []string
		metadata          []byte
		ciphertext        []byte
		nonce             []byte
		data              []byte
		err               error
	)

	//Split the literal into its base64 encoded metadata, ciphertext and nonce components
	literalSubStrings = strings.Split(literal, ".")
	if len(literalSubStrings) != 3 {
		return "", "", fmt.Errorf("Bad AEAD Literal: %v\n", literal)
	}

	//Decode the metadata, ciphertext and nonce
	metadata, err = base64.URLEncoding.DecodeString(literalSubStrings[0])
	if err != nil {
		return "", "", fmt.Errorf("Decode metadata failed: %v\n", literal)
	}
	ciphertext, err = base64.URLEncoding.DecodeString(literalSubStrings[1])
	if err != nil {
		return "", "", fmt.Errorf("Decode ciphertext failed: %v\n", literal)
	}
	nonce, err = base64.URLEncoding.DecodeString(literalSubStrings[2])
	if err != nil {
		return "", "", fmt.Errorf("Decode nonce failed: %v\n", literal)
	}

	//Open validates the integrity of the metadata using the authentication code in the ciphertext
	//and, if valid, decrypts the ciphertext
	data, err = aeadCipher.Open(data, nonce, ciphertext, metadata)
	if err != nil {
		return "", "", err
	}
	return string(metadata), string(data), nil
}
开发者ID:develrns,项目名称:resilient,代码行数:42,代码来源:aead.go

示例5: decrypt

// decrypt is used to decrypt a value
func (b *AESGCMBarrier) decrypt(gcm cipher.AEAD, cipher []byte) ([]byte, error) {
	// Verify the epoch
	if cipher[0] != 0 || cipher[1] != 0 || cipher[2] != 0 || cipher[3] != keyEpoch {
		return nil, fmt.Errorf("epoch mis-match")
	}

	// Verify the version byte
	if cipher[4] != aesgcmVersionByte {
		return nil, fmt.Errorf("version bytes mis-match")
	}

	// Capture the parts
	nonce := cipher[5 : 5+gcm.NonceSize()]
	raw := cipher[5+gcm.NonceSize():]
	out := make([]byte, 0, len(raw)-gcm.NonceSize())

	// Attempt to open
	return gcm.Open(out, nonce, raw, nil)
}
开发者ID:beornf,项目名称:vault,代码行数:20,代码来源:barrier_aes_gcm.go

示例6: decrypt

// decrypt is used to decrypt a value
func (b *AESGCMBarrier) decrypt(gcm cipher.AEAD, cipher []byte) ([]byte, error) {
	// Verify the term is always just one
	term := binary.BigEndian.Uint32(cipher[:4])
	if term != initialKeyTerm {
		return nil, fmt.Errorf("term mis-match")
	}

	// Verify the version byte
	if cipher[4] != aesgcmVersionByte {
		return nil, fmt.Errorf("version bytes mis-match")
	}

	// Capture the parts
	nonce := cipher[5 : 5+gcm.NonceSize()]
	raw := cipher[5+gcm.NonceSize():]
	out := make([]byte, 0, len(raw)-gcm.NonceSize())

	// Attempt to open
	return gcm.Open(out, nonce, raw, nil)
}
开发者ID:kgutwin,项目名称:vault,代码行数:21,代码来源:barrier_aes_gcm.go

示例7: decrypt

// decrypt is used to decrypt a value
func (b *AESGCMBarrier) decrypt(path string, gcm cipher.AEAD, cipher []byte) ([]byte, error) {
	// Verify the term is always just one
	term := binary.BigEndian.Uint32(cipher[:4])
	if term != initialKeyTerm {
		return nil, fmt.Errorf("term mis-match")
	}

	// Capture the parts
	nonce := cipher[5 : 5+gcm.NonceSize()]
	raw := cipher[5+gcm.NonceSize():]
	out := make([]byte, 0, len(raw)-gcm.NonceSize())

	// Verify the cipher byte and attempt to open
	switch cipher[4] {
	case AESGCMVersion1:
		return gcm.Open(out, nonce, raw, nil)
	case AESGCMVersion2:
		return gcm.Open(out, nonce, raw, []byte(path))
	default:
		return nil, fmt.Errorf("version bytes mis-match")
	}
}
开发者ID:citywander,项目名称:vault,代码行数:23,代码来源:barrier_aes_gcm.go

示例8: getErrData

func getErrData(aead cipher.AEAD, stream io.Reader) (string, ErrData) {
	// Decode encrypted error from STDIN (json base64 gob)
	var api APIErr
	err := json.NewDecoder(stream).Decode(&api)
	if err != nil {
		panic(err)
	}

	rawdata, err := base64.StdEncoding.DecodeString(api.Data)
	if err != nil {
		panic(err)
	}

	rawdatabuf := bytes.NewBuffer(rawdata)
	encdecoder := gob.NewDecoder(rawdatabuf)

	var encerr EncryptedError
	err = encdecoder.Decode(&encerr)
	if err != nil {
		panic(err)
	}

	errbytes, err := aead.Open(nil, encerr.Nonce, encerr.Ciphertext, nil)
	if err != nil {
		panic(err)
	}

	// Decode error struct from decrypted bytes
	errbuf := bytes.NewBuffer(errbytes)
	errdecoder := gob.NewDecoder(errbuf)

	var errdata ErrData
	err = errdecoder.Decode(&errdata)
	if err != nil {
		panic(err)
	}

	return api.Status, errdata
}
开发者ID:Hamcha,项目名称:oo,代码行数:39,代码来源:main.go


注:本文中的crypto/cipher.AEAD.Open方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。