Skip to content

Commit 563401a

Browse files
pilinuxpilinux
committed
AES-GCM: encryption with nonce appended to ciphertext
1 parent df34be2 commit 563401a

File tree

2 files changed

+74
-0
lines changed

2 files changed

+74
-0
lines changed

_example/aes/main.go

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -78,4 +78,52 @@ func main() {
7878
return
7979
}
8080
fmt.Println("plaintext:", plaintext)
81+
82+
// encrypt the data with AES-128 in GCM using EncryptAesGcmWithNonceAppended function
83+
ciphertext128, err = crypt.EncryptAesGcmWithNonceAppended(key128, text)
84+
if err != nil {
85+
fmt.Println(err)
86+
return
87+
}
88+
fmt.Println("ciphertext (AES-128):", ciphertext128)
89+
90+
// decrypt the data with AES-128 in GCM using DecryptAesGcmWithNonceAppended function
91+
plaintext, err = crypt.DecryptAesGcmWithNonceAppended(key128, ciphertext128)
92+
if err != nil {
93+
fmt.Println(err)
94+
return
95+
}
96+
fmt.Println("plaintext:", plaintext)
97+
98+
// encrypt the data with AES-192 in GCM using EncryptAesGcmWithNonceAppended function
99+
ciphertext192, err = crypt.EncryptAesGcmWithNonceAppended(key192, text)
100+
if err != nil {
101+
fmt.Println(err)
102+
return
103+
}
104+
fmt.Println("ciphertext (AES-192):", ciphertext192)
105+
106+
// decrypt the data with AES-192 in GCM using DecryptAesGcmWithNonceAppended function
107+
plaintext, err = crypt.DecryptAesGcmWithNonceAppended(key192, ciphertext192)
108+
if err != nil {
109+
fmt.Println(err)
110+
return
111+
}
112+
fmt.Println("plaintext:", plaintext)
113+
114+
// encrypt the data with AES-256 in GCM using EncryptAesGcmWithNonceAppended function
115+
ciphertext256, err = crypt.EncryptAesGcmWithNonceAppended(key256, text)
116+
if err != nil {
117+
fmt.Println(err)
118+
return
119+
}
120+
fmt.Println("ciphertext (AES-256):", ciphertext256)
121+
122+
// decrypt the data with AES-256 in GCM using DecryptAesGcmWithNonceAppended function
123+
plaintext, err = crypt.DecryptAesGcmWithNonceAppended(key256, ciphertext256)
124+
if err != nil {
125+
fmt.Println(err)
126+
return
127+
}
128+
fmt.Println("plaintext:", plaintext)
81129
}

aes.go

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,3 +72,29 @@ func DecryptAesGcm(key, nonce, ciphertext []byte) (text string, err error) {
7272

7373
return
7474
}
75+
76+
// EncryptAesGcmWithNonceAppended encrypts and authenticates the given message with AES in GCM mode
77+
// using the given 128, 192 or 256-bit key.
78+
// It appends the ciphertext to the nonce.
79+
func EncryptAesGcmWithNonceAppended(key []byte, text string) (ciphertext []byte, err error) {
80+
ciphertext, nonce, err := EncryptAesGcm(key, text)
81+
if err != nil {
82+
return
83+
}
84+
ciphertext = append(nonce, ciphertext...)
85+
return
86+
}
87+
88+
// DecryptAesGcmWithNonceAppended decrypts and authenticates the given message with AES in GCM mode
89+
// using the given 128, 192 or 256-bit key.
90+
// It expects the ciphertext to have the nonce appended.
91+
func DecryptAesGcmWithNonceAppended(key, ciphertext []byte) (text string, err error) {
92+
nonceSize := 12
93+
if len(ciphertext) < nonceSize {
94+
err = fmt.Errorf("ciphertext is too short")
95+
return
96+
}
97+
nonce, ciphertext := ciphertext[:nonceSize], ciphertext[nonceSize:]
98+
text, err = DecryptAesGcm(key, nonce, ciphertext)
99+
return
100+
}

0 commit comments

Comments
 (0)