Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Expand file tree

/

encryption.go

Copy path
More file actions
More file actions

Latest commit

 

History

History
History
69 lines (63 loc) · 2.08 KB
/

encryption.go

Copy path

File metadata and controls

69 lines (63 loc) · 2.08 KB
Copy raw file
Download raw file
Open symbols panel
Edit and raw actions
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
// Copyright © 2020 The Things Network Foundation, The Things Industries B.V.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package crypto
import (
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"io"
"go.thethings.network/lorawan-stack/v3/pkg/errors"
"go.thethings.network/lorawan-stack/v3/pkg/types"
)
var errMalformedCipherText = errors.DefineInvalidArgument("malformed_cipher_text", "malformed cipher text")
// Encrypt encrypts a plain text message.
// Uses AES128 keys in GCM (Galois/Counter Mode).
// Since GCM uses a nonce, the encrypted message will be different each time the operation is run for the same set of inputs.
// The returned cipher is in the format |nonce(12)|tag(16)|encrypted(plaintextLen)|.
func Encrypt(key types.AES128Key, plaintext []byte) ([]byte, error) {
cipherBlock, err := aes.NewCipher(key[:])
if err != nil {
return nil, err
}
gcm, err := cipher.NewGCM(cipherBlock)
if err != nil {
return nil, err
}
nonce := make([]byte, gcm.NonceSize())
_, err = io.ReadFull(rand.Reader, nonce)
if err != nil {
return nil, err
}
return gcm.Seal(nonce, nonce, plaintext, nil), nil
}
// Decrypt decrypts an encrypted message.
// Uses AES128 keys in GCM (Galois/Counter Mode).
func Decrypt(key types.AES128Key, encrypted []byte) ([]byte, error) {
cipherBlock, err := aes.NewCipher(key[:])
if err != nil {
return nil, err
}
gcm, err := cipher.NewGCM(cipherBlock)
if err != nil {
return nil, err
}
if len(encrypted) < gcm.NonceSize() {
return nil, errMalformedCipherText
}
return gcm.Open(nil,
encrypted[:gcm.NonceSize()],
encrypted[gcm.NonceSize():],
nil,
)
}
Morty Proxy This is a proxified and sanitized view of the page, visit original site.