package cbc import ( `bytes` gAes `crypto/aes` gCipher `crypto/cipher` `io` `r00t2.io/sshkeys/cipher` `r00t2.io/sshkeys/cipher/aes` `r00t2.io/sshkeys/cipher/aes/aes128` `r00t2.io/sshkeys/internal` ) // Setup populates a Cipher from a key. The key must include the IV suffixed to the actual key. func (c *Cipher) Setup(key []byte) (err error) { if key == nil || len(key) < aes128.KdfKeySize { err = cipher.ErrBadKeyLen return } if c == nil { c = &Cipher{} } c.key = key[0:aes128.KeySize] c.iv = key[aes128.KeySize:(aes128.KdfKeySize)] return } // Name returns the name as used in the key file bytes. func (c *Cipher) Name() (name string) { name = Name return } // NameBytes returns the byte form of Cipher.Name with leading bytecount allocator. func (c *Cipher) NameBytes() (name []byte) { var err error if name, err = internal.PackBytes(Name); err != nil { return } return } // BlockSize returns the blocksize of this Cipher. func (c *Cipher) BlockSize() (size int) { size = aes.BlockSize return } // KdfKeySize returns the target key length from KDF to use with this Cipher. func (c *Cipher) KdfKeySize() (size int) { size = aes128.KeySize return } /* Encrypt encrypts data (a string, []byte, byte, *bytes.Buffer, or *bytes.Reader) to the *bytes.Reader encrypted. NOTE: Padding IS applied automatically. NOTE: If data is a *bytes.Buffer, no bytes will be consumed -- the bytes are taken in entirety without consuming them (Buffer.Bytes()). It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.Encrypt. NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed. */ func (c *Cipher) Encrypt(data interface{}) (encrypted *bytes.Reader, err error) { var b []byte var cryptDst []byte var padded *bytes.Reader var cryptBlock gCipher.Block var crypter gCipher.BlockMode if b, err = internal.SerializeData(data); err != nil { return } if padded, err = c.Pad(b); err != nil { return } b = make([]byte, padded.Len()) if b, err = io.ReadAll(padded); err != nil { return } cryptDst = make([]byte, len(b)) if cryptBlock, err = gAes.NewCipher(c.key); err != nil { return } crypter = gCipher.NewCBCEncrypter(cryptBlock, c.iv) crypter.CryptBlocks(cryptDst, b) encrypted = bytes.NewReader(cryptDst) return } /* AllocateEncrypt is the same as Cipher.Encrypt but includes an unencrypted byte allocator prefix. NOTE: Padding IS applied automatically. NOTE: If data is a *bytes.Buffer, no bytes will be consumed -- the bytes are taken in entirety without consuming them (Buffer.Bytes()). It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.AllocateEncrypt. NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed. */ func (c *Cipher) AllocateEncrypt(data interface{}) (encrypted *bytes.Reader, err error) { var b *bytes.Reader var buf *bytes.Buffer = new(bytes.Buffer) var alloc []byte = make([]byte, 4) if b, err = c.Encrypt(data); err != nil { return } if alloc, err = internal.PackBytes(b); err != nil { return } if _, err = buf.Write(alloc); err != nil { return } if _, err = b.WriteTo(buf); err != nil { return } encrypted = bytes.NewReader(buf.Bytes()) return } /* Pad will pad data (a string, []byte, byte, or *bytes.Buffer) to the Cipher.BlockSize (if necessary). The resulting padded buffer is returned. NOTE: If data is a *bytes.Buffer, no bytes will be consumed -- the bytes are taken in entirety without consuming them (Buffer.Bytes()). It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.Pad. NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed. */ func (c *Cipher) Pad(data interface{}) (paddedBuf *bytes.Reader, err error) { var b []byte var padNum int var pad []byte var buf *bytes.Buffer if b, err = internal.UnpackBytes(data); err != nil { return } buf = bytes.NewBuffer(b) for padIdx := 1; (buf.Len() % aes.BlockSize) != 0; padIdx++ { padNum = padIdx & cipher.PadMod pad = []byte{byte(uint32(padNum))} if _, err = buf.Write(pad); err != nil { return } } return } /* Decrypt takes a raw byte slice, a *bytes.Buffer, or a *bytes.Reader and returns a plain/decrypted *bytes.Reader. NOTE: The decrypted data contains padding. It is up to the caller to remove/strip. NOTE: If data is a *bytes.Buffer, no bytes will be consumed -- the bytes are taken in entirety without consuming them (Buffer.Bytes()). It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.Decrypt. NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed. */ func (c *Cipher) Decrypt(data interface{}) (decrypted *bytes.Reader, err error) { var b []byte var decryptDst []byte var cryptBlock gCipher.Block var decrypter gCipher.BlockMode if b, err = internal.SerializeData(data); err != nil { return } decryptDst = make([]byte, len(b)) if cryptBlock, err = gAes.NewCipher(c.key); err != nil { return } decrypter = gCipher.NewCBCDecrypter(cryptBlock, c.iv) decrypter.CryptBlocks(decryptDst, b) decrypted = bytes.NewReader(decryptDst) return } /* AllocatedDecrypt is the same as Cipher.Decrypt but assumes that data includes an unencrypted uint32 byte allocator prefix. Be *extremely* certain of this, as things can get REALLY weird if you pass in data that doesn't actually have that prefix. NOTE: The decrypted data contains padding. It is up to the caller to remove/strip. NOTE: If data is a bytes.Buffer pointer, it will consume ONLY the leading prefix and the length of bytes the prefix indicates and no more. NOTE: If data is a *bytes.Reader, it will consume ONLY the leading prefix and the length of bytes the prefix indicates and no more. */ func (c *Cipher) AllocatedDecrypt(data interface{}) (decrypted *bytes.Reader, err error) { var b []byte if b, err = internal.UnpackBytes(data); err != nil { return } if decrypted, err = c.Decrypt(b); err != nil { return } return } /* IsPlain indicates if this Cipher is a plain/null encryption (cipher.null.Null). It will always return false. It is included for interface compatability. */ func (c *Cipher) IsPlain() (plain bool) { plain = false return }