go_sshkeys/cipher/aes/aes128/cbc/funcs.go

package cbc

import (
	"bytes"
	gCipher "crypto/cipher"

	"r00t2.io/sshkeys/internal"
	"r00t2.io/sshkeys/internal/ciphers/aesCommon"
)

// Setup populates a Cipher from a key. The key must include the IV suffixed to the actual key.
func (c *Cipher) Setup(key []byte) (err error) {

	if c == nil {
		*c = Cipher{
			&aesCommon.AesCipher{},
		}
	}

	if err = c.CipherSetup(key, aesCommon.Aes128Bits); err != nil {
		return
	}

	return
}

// Name returns the name as used in the key file bytes.
func (c *Cipher) Name() (name string) {

	name = Name

	return
}

// NameBytes returns the byte form of Cipher.Name with leading bytecount allocator.
func (c *Cipher) NameBytes() (name []byte) {

	var err error

	if name, err = internal.PackBytes(Name); err != nil {
		return
	}

	return
}

/*
	Encrypt encrypts data (a string, []byte, byte, *bytes.Buffer, or *bytes.Reader) to the *bytes.Reader encrypted.

	NOTE: Padding IS applied automatically.

	NOTE: If data is a *bytes.Buffer, no bytes will be consumed -- the bytes are taken in entirety without consuming them (Buffer.Bytes()).
		  It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.Encrypt.

	NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed.
*/
func (c *Cipher) Encrypt(data interface{}) (encrypted *bytes.Reader, err error) {

	var padded []byte
	var cryptDst []byte
	var cryptBlock gCipher.Block
	var crypter gCipher.BlockMode

	if cryptDst, padded, cryptBlock, err = c.GetCryptBlock(data); err != nil {
		return
	}

	crypter = gCipher.NewCBCEncrypter(cryptBlock, c.IV)

	crypter.CryptBlocks(cryptDst, padded)

	encrypted = bytes.NewReader(cryptDst)

	return
}

/*
	AllocateEncrypt is the same as Cipher.Encrypt but includes an unencrypted byte allocator prefix.

	NOTE: Padding IS applied automatically.

	NOTE: If data is a *bytes.Buffer, no bytes will be consumed -- the bytes are taken in entirety without consuming them (Buffer.Bytes()).
		  It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.AllocateEncrypt.

	NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed.
*/
func (c *Cipher) AllocateEncrypt(data interface{}) (encrypted *bytes.Reader, err error) {

	var b *bytes.Reader
	var buf *bytes.Buffer = new(bytes.Buffer)
	var alloc []byte = make([]byte, 4)

	if b, err = c.Encrypt(data); err != nil {
		return
	}
	if alloc, err = internal.PackBytes(b); err != nil {
		return
	}

	if _, err = buf.Write(alloc); err != nil {
		return
	}
	if _, err = b.WriteTo(buf); err != nil {
		return
	}

	encrypted = bytes.NewReader(buf.Bytes())

	return
}

/*
	Decrypt takes a raw byte slice, a *bytes.Buffer, or a *bytes.Reader and returns a plain/decrypted *bytes.Reader.

	NOTE: The decrypted data contains padding. It is up to the caller to remove/strip.

	NOTE: If data is a *bytes.Buffer, no bytes will be consumed -- the bytes are taken in entirety without consuming them (Buffer.Bytes()).
		  It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.Decrypt.

	NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed.
*/
func (c *Cipher) Decrypt(data interface{}) (decrypted *bytes.Reader, err error) {

	var plain []byte
	var padded []byte
	var cryptBlock gCipher.Block
	var decrypter gCipher.BlockMode

	if plain, padded, cryptBlock, err = c.GetDecryptBlock(data); err != nil {
		return
	}

	decrypter = gCipher.NewCBCDecrypter(cryptBlock, c.IV)

	decrypter.CryptBlocks(plain, padded)

	decrypted = bytes.NewReader(plain)

	return
}

/*
	AllocatedDecrypt is the same as Cipher.Decrypt but assumes that data includes an unencrypted uint32 byte allocator prefix.

	Be *extremely* certain of this, as things can get REALLY weird if you pass in data that doesn't actually have that prefix.

	NOTE: The decrypted data contains padding. It is up to the caller to remove/strip.

	NOTE: If data is a bytes.Buffer pointer, it will consume ONLY the leading prefix and the length of bytes the prefix indicates and no more.

	NOTE: If data is a *bytes.Reader, it will consume ONLY the leading prefix and the length of bytes the prefix indicates and no more.
*/
func (c *Cipher) AllocatedDecrypt(data interface{}) (decrypted *bytes.Reader, err error) {

	var b []byte

	if b, err = internal.UnpackBytes(data); err != nil {
		return
	}
	if decrypted, err = c.Decrypt(b); err != nil {
		return
	}

	return
}
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00			`package cbc`

			`import (`
aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`"bytes"`
			`gCipher "crypto/cipher"`

			`"r00t2.io/sshkeys/internal"`
			`"r00t2.io/sshkeys/internal/ciphers/aesCommon"`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00			`)`

all AES CBC funcs done 2022-04-28 05:40:27 -04:00			`// Setup populates a Cipher from a key. The key must include the IV suffixed to the actual key.`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00			`func (c *Cipher) Setup(key []byte) (err error) {`

all AES CBC funcs done 2022-04-28 05:40:27 -04:00			`if c == nil {`
aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`*c = Cipher{`
			`&aesCommon.AesCipher{},`
			`}`
all AES CBC funcs done 2022-04-28 05:40:27 -04:00			`}`

aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`if err = c.CipherSetup(key, aesCommon.Aes128Bits); err != nil {`
			`return`
			`}`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00
			`return`
			`}`

			`// Name returns the name as used in the key file bytes.`
			`func (c *Cipher) Name() (name string) {`

			`name = Name`

			`return`
			`}`

			`// NameBytes returns the byte form of Cipher.Name with leading bytecount allocator.`
			`func (c *Cipher) NameBytes() (name []byte) {`

			`var err error`

			`if name, err = internal.PackBytes(Name); err != nil {`
			`return`
			`}`

			`return`
			`}`

			`/*`
			`Encrypt encrypts data (a string, []byte, byte, bytes.Buffer, or bytes.Reader) to the *bytes.Reader encrypted.`

			`NOTE: Padding IS applied automatically.`

			`NOTE: If data is a *bytes.Buffer, no bytes will be consumed -- the bytes are taken in entirety without consuming them (Buffer.Bytes()).`
			`It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.Encrypt.`

			`NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed.`
			`*/`
			`func (c Cipher) Encrypt(data interface{}) (encrypted bytes.Reader, err error) {`

aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`var padded []byte`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00			`var cryptDst []byte`
all AES CBC funcs done 2022-04-28 05:40:27 -04:00			`var cryptBlock gCipher.Block`
			`var crypter gCipher.BlockMode`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00
aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`if cryptDst, padded, cryptBlock, err = c.GetCryptBlock(data); err != nil {`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00			`return`
			`}`

aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`crypter = gCipher.NewCBCEncrypter(cryptBlock, c.IV)`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00
aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`crypter.CryptBlocks(cryptDst, padded)`
all AES CBC funcs done 2022-04-28 05:40:27 -04:00
			`encrypted = bytes.NewReader(cryptDst)`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00
			`return`
			`}`

			`/*`
			`AllocateEncrypt is the same as Cipher.Encrypt but includes an unencrypted byte allocator prefix.`

			`NOTE: Padding IS applied automatically.`

			`NOTE: If data is a *bytes.Buffer, no bytes will be consumed -- the bytes are taken in entirety without consuming them (Buffer.Bytes()).`
			`It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.AllocateEncrypt.`

			`NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed.`
			`*/`
			`func (c Cipher) AllocateEncrypt(data interface{}) (encrypted bytes.Reader, err error) {`

			`var b *bytes.Reader`
			`var buf *bytes.Buffer = new(bytes.Buffer)`
			`var alloc []byte = make([]byte, 4)`

			`if b, err = c.Encrypt(data); err != nil {`
			`return`
			`}`
			`if alloc, err = internal.PackBytes(b); err != nil {`
			`return`
			`}`

			`if _, err = buf.Write(alloc); err != nil {`
			`return`
			`}`
			`if _, err = b.WriteTo(buf); err != nil {`
			`return`
			`}`

			`encrypted = bytes.NewReader(buf.Bytes())`

			`return`
			`}`

			`/*`
			`Decrypt takes a raw byte slice, a bytes.Buffer, or a bytes.Reader and returns a plain/decrypted *bytes.Reader.`

			`NOTE: The decrypted data contains padding. It is up to the caller to remove/strip.`

			`NOTE: If data is a *bytes.Buffer, no bytes will be consumed -- the bytes are taken in entirety without consuming them (Buffer.Bytes()).`
			`It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.Decrypt.`

			`NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed.`
			`*/`
			`func (c Cipher) Decrypt(data interface{}) (decrypted bytes.Reader, err error) {`

aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`var plain []byte`
			`var padded []byte`
all AES CBC funcs done 2022-04-28 05:40:27 -04:00			`var cryptBlock gCipher.Block`
			`var decrypter gCipher.BlockMode`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00
aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`if plain, padded, cryptBlock, err = c.GetDecryptBlock(data); err != nil {`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00			`return`
			`}`

aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`decrypter = gCipher.NewCBCDecrypter(cryptBlock, c.IV)`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00
aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`decrypter.CryptBlocks(plain, padded)`
all AES CBC funcs done 2022-04-28 05:40:27 -04:00
aes128 completely done. ish. done-ish. it's entirely untested. CTR should work as i modeled it after PoC, and CBC probably works as it's straightforward, but I have no idea about the GCM. TODO. 2022-04-29 02:49:33 -04:00			`decrypted = bytes.NewReader(plain)`
stubbed out cipher funcs 2022-04-28 05:18:25 -04:00
			`return`
			`}`

			`/*`
			`AllocatedDecrypt is the same as Cipher.Decrypt but assumes that data includes an unencrypted uint32 byte allocator prefix.`

			`Be extremely certain of this, as things can get REALLY weird if you pass in data that doesn't actually have that prefix.`

			`NOTE: The decrypted data contains padding. It is up to the caller to remove/strip.`

			`NOTE: If data is a bytes.Buffer pointer, it will consume ONLY the leading prefix and the length of bytes the prefix indicates and no more.`

			`NOTE: If data is a *bytes.Reader, it will consume ONLY the leading prefix and the length of bytes the prefix indicates and no more.`
			`*/`
			`func (c Cipher) AllocatedDecrypt(data interface{}) (decrypted bytes.Reader, err error) {`

			`var b []byte`

			`if b, err = internal.UnpackBytes(data); err != nil {`
			`return`
			`}`
			`if decrypted, err = c.Decrypt(b); err != nil {`
			`return`
			`}`

			`return`
			`}`