mirror of
https://github.com/emmansun/gmsm.git
synced 2025-04-25 19:56:18 +08:00
77 lines
2.5 KiB
Go
77 lines
2.5 KiB
Go
package cipher_test
|
|
|
|
import (
|
|
"crypto/aes"
|
|
"encoding/hex"
|
|
"fmt"
|
|
|
|
"github.com/emmansun/gmsm/cipher"
|
|
)
|
|
|
|
func ExampleNewECBEncrypter() {
|
|
// Load your secret key from a safe place and reuse it across multiple
|
|
// NewCipher calls. (Obviously don't use this example key for anything
|
|
// real.) If you want to convert a passphrase to a key, use a suitable
|
|
// package like bcrypt or scrypt.
|
|
key, _ := hex.DecodeString("6368616e676520746869732070617373")
|
|
plaintext := []byte("exampleplaintextexampleplaintext")
|
|
|
|
// ECB mode works on blocks so plaintexts may need to be padded to the
|
|
// next whole block. For an example of such padding, see
|
|
// https://tools.ietf.org/html/rfc5246#section-6.2.3.2. Here we'll
|
|
// assume that the plaintext is already of the correct length.
|
|
if len(plaintext)%aes.BlockSize != 0 {
|
|
panic("plaintext is not a multiple of the block size")
|
|
}
|
|
|
|
block, err := aes.NewCipher(key)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
ciphertext := make([]byte, len(plaintext))
|
|
mode := cipher.NewECBEncrypter(block)
|
|
mode.CryptBlocks(ciphertext, plaintext)
|
|
|
|
// It's important to remember that ciphertexts must be authenticated
|
|
// (i.e. by using crypto/hmac) as well as being encrypted in order to
|
|
// be secure.
|
|
|
|
fmt.Printf("%x\n", ciphertext)
|
|
}
|
|
|
|
func ExampleNewECBDecrypter() {
|
|
// Load your secret key from a safe place and reuse it across multiple
|
|
// NewCipher calls. (Obviously don't use this example key for anything
|
|
// real.) If you want to convert a passphrase to a key, use a suitable
|
|
// package like bcrypt or scrypt.
|
|
key, _ := hex.DecodeString("6368616e676520746869732070617373")
|
|
ciphertext, _ := hex.DecodeString("f42512e1e4039213bd449ba47faa1b74f42512e1e4039213bd449ba47faa1b74")
|
|
|
|
block, err := aes.NewCipher(key)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
// ECB mode always works in whole blocks.
|
|
if len(ciphertext)%aes.BlockSize != 0 {
|
|
panic("ciphertext is not a multiple of the block size")
|
|
}
|
|
|
|
mode := cipher.NewECBDecrypter(block)
|
|
|
|
// CryptBlocks can work in-place if the two arguments are the same.
|
|
mode.CryptBlocks(ciphertext, ciphertext)
|
|
|
|
// If the original plaintext lengths are not a multiple of the block
|
|
// size, padding would have to be added when encrypting, which would be
|
|
// removed at this point. For an example, see
|
|
// https://tools.ietf.org/html/rfc5246#section-6.2.3.2. However, it's
|
|
// critical to note that ciphertexts must be authenticated (i.e. by
|
|
// using crypto/hmac) before being decrypted in order to avoid creating
|
|
// a padding oracle.
|
|
|
|
fmt.Printf("%s\n", ciphertext)
|
|
// Output: exampleplaintextexampleplaintext
|
|
}
|