當前位置: 首頁>>代碼示例>>Golang>>正文


Golang AEAD.NonceSize方法代碼示例

本文整理匯總了Golang中crypto/cipher.AEAD.NonceSize方法的典型用法代碼示例。如果您正苦於以下問題:Golang AEAD.NonceSize方法的具體用法?Golang AEAD.NonceSize怎麽用?Golang AEAD.NonceSize使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在crypto/cipher.AEAD的用法示例。


在下文中一共展示了AEAD.NonceSize方法的11個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。

示例1: encrypt

func (c AesContentCipher) encrypt(cek, plaintext, aad []byte) (iv, ciphertext, tag []byte, err error) {
	var aead cipher.AEAD
	aead, err = c.AeadFetch(cek)
	if err != nil {
		if debug.Enabled {
			debug.Printf("AeadFetch failed: %s", err)
		}
		err = fmt.Errorf("failed to fetch AEAD: %s", err)
		return
	}

	// Seal may panic (argh!), so protect ourselves from that
	defer func() {
		if e := recover(); e != nil {
			switch e.(type) {
			case error:
				err = e.(error)
			case string:
				err = errors.New(e.(string))
			default:
				err = fmt.Errorf("%s", e)
			}
			return
		}
	}()

	var bs ByteSource
	if c.NonceGenerator == nil {
		bs, err = NewRandomKeyGenerate(aead.NonceSize()).KeyGenerate()
	} else {
		bs, err = c.NonceGenerator.KeyGenerate()
	}
	if err != nil {
		return
	}
	iv = bs.Bytes()

	combined := aead.Seal(nil, iv, plaintext, aad)
	tagoffset := len(combined) - c.TagSize()
	if debug.Enabled {
		debug.Printf("tagsize = %d", c.TagSize())
	}
	tag = combined[tagoffset:]
	ciphertext = make([]byte, tagoffset)
	copy(ciphertext, combined[:tagoffset])

	if debug.Enabled {
		debug.Printf("encrypt: combined   = %x (%d)\n", combined, len(combined))
		debug.Printf("encrypt: ciphertext = %x (%d)\n", ciphertext, len(ciphertext))
		debug.Printf("encrypt: tag        = %x (%d)\n", tag, len(tag))
		debug.Printf("finally ciphertext = %x\n", ciphertext)
	}
	return
}
開發者ID:lestrrat,項目名稱:go-jwx,代碼行數:54,代碼來源:cipher.go

示例2: benchmarkAEAD

func benchmarkAEAD(b *testing.B, c cipher.AEAD) {
	b.SetBytes(benchSize)
	input := make([]byte, benchSize)
	output := make([]byte, benchSize)
	nonce := make([]byte, c.NonceSize())
	counter := 0
	t := time.Now()
	b.ResetTimer()
	for i := 0; i < b.N; i++ {
		c.Seal(output[:0], nonce, input, nil)
		counter += len(output)
	}
	ts := time.Since(t)
	b.Logf("aes-gcm speed: %.2f Mbit/s", float64(counter)*8/ts.Seconds()/1024/1024)
}
開發者ID:meshbird,項目名稱:meshbird,代碼行數:15,代碼來源:crypt_test.go

示例3: EncryptProto

// Encrypt a proto using an AEAD.
func EncryptProto(aead cipher.AEAD, msg proto.Message, additionalData []byte) string {
	plaintext := MarshalProtoOrPanic(msg)

	nonce := getNonce(aead.NonceSize())

	// Encrypt in-place.
	ciphertext := plaintext
	ciphertext = aead.Seal(ciphertext[:0], nonce, plaintext, additionalData)

	outBytes := MarshalProtoOrPanic(&pb.EncryptedMessage{
		Nonce:      nonce,
		Ciphertext: ciphertext,
	})

	// Return base64'd, so that the output is ASCII-safe.
	return base64.RawURLEncoding.EncodeToString(outBytes)
}
開發者ID:jonathanwei,項目名稱:fproxy,代碼行數:18,代碼來源:crypto.go

示例4: encrypt

// encrypt is used to encrypt a value
func (b *AESGCMBarrier) encrypt(path string, term uint32, gcm cipher.AEAD, plain []byte) []byte {
	// Allocate the output buffer with room for tern, version byte,
	// nonce, GCM tag and the plaintext
	capacity := termSize + 1 + gcm.NonceSize() + gcm.Overhead() + len(plain)
	size := termSize + 1 + gcm.NonceSize()
	out := make([]byte, size, capacity)

	// Set the key term
	binary.BigEndian.PutUint32(out[:4], term)

	// Set the version byte
	out[4] = b.currentAESGCMVersionByte

	// Generate a random nonce
	nonce := out[5 : 5+gcm.NonceSize()]
	rand.Read(nonce)

	// Seal the output
	switch b.currentAESGCMVersionByte {
	case AESGCMVersion1:
		out = gcm.Seal(out, nonce, plain, nil)
	case AESGCMVersion2:
		out = gcm.Seal(out, nonce, plain, []byte(path))
	default:
		panic("Unknown AESGCM version")
	}

	return out
}
開發者ID:citywander,項目名稱:vault,代碼行數:30,代碼來源:barrier_aes_gcm.go

示例5: Encrypt

/*
Encrypt generates a literal of the form <b64URLmetadata>.<b64URLciphertext>.<b64URLnonce> given an AEAD cipher, a metadata string and a data
string. Only the data is encrypted - the metadata must be appropriate to expose in the clear. Each call generates a random
nonce of the length required by the cipher.
*/
func Encrypt(aeadCipher cipher.AEAD, metadata, data string) (string, error) {

	var (
		nonce         = make([]byte, aeadCipher.NonceSize())
		ciphertext    []byte
		b64metadata   []byte
		b64ciphertext []byte
		b64nonce      []byte
		buf           bytes.Buffer
		err           error
	)

	//A nonce of the length required by the AEAD is generated
	_, err = rand.Read(nonce)
	if err != nil {
		return "", err
	}

	//Seal encrypts the data using the aeadCipher's key and the nonce and appends an authentication code for the metadata
	ciphertext = aeadCipher.Seal(ciphertext, nonce, []byte(data), []byte(metadata))

	//Base64 Encode metadata, ciphertext and nonce
	b64metadata = make([]byte, base64.URLEncoding.EncodedLen(len([]byte(metadata))))
	base64.URLEncoding.Encode(b64metadata, []byte(metadata))
	b64ciphertext = make([]byte, base64.URLEncoding.EncodedLen(len(ciphertext)))
	base64.URLEncoding.Encode(b64ciphertext, ciphertext)
	b64nonce = make([]byte, base64.URLEncoding.EncodedLen(len(nonce)))
	base64.URLEncoding.Encode(b64nonce, nonce)

	//Compose a <b64URLmetadata>.<b64URLciphertext>.<b64URLnonce> literal
	buf.Write(b64metadata)
	buf.Write([]byte("."))
	buf.Write(b64ciphertext)
	buf.Write([]byte("."))
	buf.Write(b64nonce)

	//Return the AEAD literal
	return string(buf.Bytes()), nil
}
開發者ID:develrns,項目名稱:resilient,代碼行數:44,代碼來源:aead.go

示例6: decrypt

// decrypt is used to decrypt a value
func (b *AESGCMBarrier) decrypt(gcm cipher.AEAD, cipher []byte) ([]byte, error) {
	// Verify the epoch
	if cipher[0] != 0 || cipher[1] != 0 || cipher[2] != 0 || cipher[3] != keyEpoch {
		return nil, fmt.Errorf("epoch mis-match")
	}

	// Verify the version byte
	if cipher[4] != aesgcmVersionByte {
		return nil, fmt.Errorf("version bytes mis-match")
	}

	// Capture the parts
	nonce := cipher[5 : 5+gcm.NonceSize()]
	raw := cipher[5+gcm.NonceSize():]
	out := make([]byte, 0, len(raw)-gcm.NonceSize())

	// Attempt to open
	return gcm.Open(out, nonce, raw, nil)
}
開發者ID:beornf,項目名稱:vault,代碼行數:20,代碼來源:barrier_aes_gcm.go

示例7: decrypt

// decrypt is used to decrypt a value
func (b *AESGCMBarrier) decrypt(gcm cipher.AEAD, cipher []byte) ([]byte, error) {
	// Verify the term is always just one
	term := binary.BigEndian.Uint32(cipher[:4])
	if term != initialKeyTerm {
		return nil, fmt.Errorf("term mis-match")
	}

	// Verify the version byte
	if cipher[4] != aesgcmVersionByte {
		return nil, fmt.Errorf("version bytes mis-match")
	}

	// Capture the parts
	nonce := cipher[5 : 5+gcm.NonceSize()]
	raw := cipher[5+gcm.NonceSize():]
	out := make([]byte, 0, len(raw)-gcm.NonceSize())

	// Attempt to open
	return gcm.Open(out, nonce, raw, nil)
}
開發者ID:kgutwin,項目名稱:vault,代碼行數:21,代碼來源:barrier_aes_gcm.go

示例8: encrypt

// encrypt is used to encrypt a value
func (b *AESGCMBarrier) encrypt(term uint32, gcm cipher.AEAD, plain []byte) []byte {
	// Allocate the output buffer with room for tern, version byte,
	// nonce, GCM tag and the plaintext
	capacity := termSize + 1 + gcm.NonceSize() + gcm.Overhead() + len(plain)
	size := termSize + 1 + gcm.NonceSize()
	out := make([]byte, size, capacity)

	// Set the key term
	binary.BigEndian.PutUint32(out[:4], term)

	// Set the version byte
	out[4] = aesgcmVersionByte

	// Generate a random nonce
	nonce := out[5 : 5+gcm.NonceSize()]
	rand.Read(nonce)

	// Seal the output
	out = gcm.Seal(out, nonce, plain, nil)
	return out
}
開發者ID:kgutwin,項目名稱:vault,代碼行數:22,代碼來源:barrier_aes_gcm.go

示例9: encrypt

// encrypt is used to encrypt a value
func (b *AESGCMBarrier) encrypt(gcm cipher.AEAD, plain []byte) []byte {
	// Allocate the output buffer with room for epoch, version byte,
	// nonce, GCM tag and the plaintext
	capacity := epochSize + 1 + gcm.NonceSize() + gcm.Overhead() + len(plain)
	size := epochSize + 1 + gcm.NonceSize()
	out := make([]byte, size, capacity)

	// Set the epoch to 1
	out[3] = keyEpoch

	// Set the version byte
	out[4] = aesgcmVersionByte

	// Generate a random nonce
	nonce := out[5 : 5+gcm.NonceSize()]
	rand.Read(nonce)

	// Seal the output
	out = gcm.Seal(out, nonce, plain, nil)
	return out
}
開發者ID:beornf,項目名稱:vault,代碼行數:22,代碼來源:barrier_aes_gcm.go

示例10: decrypt

// decrypt is used to decrypt a value
func (b *AESGCMBarrier) decrypt(path string, gcm cipher.AEAD, cipher []byte) ([]byte, error) {
	// Verify the term is always just one
	term := binary.BigEndian.Uint32(cipher[:4])
	if term != initialKeyTerm {
		return nil, fmt.Errorf("term mis-match")
	}

	// Capture the parts
	nonce := cipher[5 : 5+gcm.NonceSize()]
	raw := cipher[5+gcm.NonceSize():]
	out := make([]byte, 0, len(raw)-gcm.NonceSize())

	// Verify the cipher byte and attempt to open
	switch cipher[4] {
	case AESGCMVersion1:
		return gcm.Open(out, nonce, raw, nil)
	case AESGCMVersion2:
		return gcm.Open(out, nonce, raw, []byte(path))
	default:
		return nil, fmt.Errorf("version bytes mis-match")
	}
}
開發者ID:citywander,項目名稱:vault,代碼行數:23,代碼來源:barrier_aes_gcm.go

示例11: fixNonce

func fixNonce(gcm cipher.AEAD, nonce []byte) []byte {
	realNonce := make([]byte, gcm.NonceSize())
	copy(realNonce, nonce)
	return realNonce
}
開發者ID:logan,項目名稱:heim,代碼行數:5,代碼來源:aesgcm.go


注:本文中的crypto/cipher.AEAD.NonceSize方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。