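// Source: github.com/IBM-Bluemix/golang-openssl-wrapper@v0.0.0-20160104220506-7f2d5273b515/examples/crypto.go

// Command crypto is a worked example of AES-256-CBC encryption and decryption
// through the golang-openssl-wrapper EVP bindings.
package main

import (
	"fmt"

	"github.com/IBM-Bluemix/golang-openssl-wrapper/crypto"
	"github.com/IBM-Bluemix/golang-openssl-wrapper/rand"
)

// main encrypts a fixed plaintext with AES-256-CBC under a fresh random key
// and IV, prepends the IV to the ciphertext, then splits the two apart again
// and decrypts, printing the plaintext and the recovered text.
//
// CBC gives confidentiality only. Code that accepts ciphertext from another
// party should authenticate IV||ciphertext (for example with an HMAC checked
// before decryption) or use an AEAD mode instead.
func main() {
	const plaintext = "My super super super super duper long string to be encrypted"

	// AES-256 takes a 32-byte key and, in CBC mode, a 16-byte (one block) IV.
	// OpenSSL reads exactly that many bytes from the pointers it is handed, so
	// shorter values make it read past the end of the supplied data.
	const keyLen = 32
	const ivLen = 16

	var sLen, eLen int

	// Setup error strings
	crypto.ERR_load_crypto_strings()

	// Add all OpenSSL algorithms
	crypto.OpenSSL_add_all_algorithms()

	// Load an OpenSSL config
	crypto.OPENSSL_config("")

	// Enable FIPS mode. The result is deliberately not enforced so the example
	// still runs against OpenSSL builds without a FIPS module; code that
	// requires FIPS must verify that this call returns 1.
	crypto.FIPS_mode_set(1)

	// Create new EVP_CIPHER_CTX instances
	ctxEncrypt, ctxDecrypt := crypto.EVP_CIPHER_CTX_new(), crypto.EVP_CIPHER_CTX_new()

	// Panic if either EVP_CIPHER_CTX fails to create
	if ctxEncrypt == nil {
		panic("ctxEncrypt is nil")
	}
	if ctxDecrypt == nil {
		panic("ctxDecrypt is nil")
	}
	// NOTE(review): the contexts are cleaned up below but never freed; confirm
	// whether the wrapper exposes a matching free call for EVP_CIPHER_CTX_new.

	// Initialize the EVP_CIPHER_CTX instances
	crypto.EVP_CIPHER_CTX_init(ctxEncrypt)
	crypto.EVP_CIPHER_CTX_init(ctxDecrypt)

	// Generate a random key for this run. A real application obtains its key
	// from a key store or a password-based KDF; it is never a literal in source.
	keyBuf := make([]byte, keyLen)
	if _, err := rand.Read(keyBuf); err != nil {
		panic(err)
	}
	key := string(keyBuf)

	// Create random IV for nondeterministic encryption
	ivBuf := make([]byte, ivLen)
	if _, err := rand.Read(ivBuf); err != nil {
		panic(err)
	}
	iv := string(ivBuf)

	// Pass the IV into the encrypted string to be used when decoding
	encrypted := iv

	// Print plaintext string
	fmt.Printf("plaintext: %s\n", plaintext)

	/*
		Encrypting a string
	*/
	// Initialize the ctxEncrypt context for encryption
	if crypto.EVP_EncryptInit_ex(ctxEncrypt, crypto.EVP_aes_256_cbc(), crypto.SwigcptrStruct_SS_engine_st(0), key, iv) != 1 {
		panic("EVP_EncryptInit_ex failed")
	}

	// Make a buffer with enough size for the plaintext plus one block
	bufEncrypt := make([]byte, len(plaintext)+ctxEncrypt.GetCipher().GetBlock_size())

	// Update the cipher with some content
	if crypto.EVP_EncryptUpdate(ctxEncrypt, bufEncrypt, &sLen, plaintext, len(plaintext)) != 1 {
		panic("EVP_EncryptUpdate failed")
	}

	// Append encrypted data to encrypted string
	encrypted += string(bufEncrypt[:sLen])

	// Finalize the cipher to flush any remaining data (the padded last block)
	if crypto.EVP_EncryptFinal_ex(ctxEncrypt, bufEncrypt, &eLen) != 1 {
		panic("EVP_EncryptFinal_ex failed")
	}

	// Append any remaining data to the encrypted string
	encrypted += string(bufEncrypt[:eLen])

	// Clean up the EVP_CIPHER_CTX
	crypto.EVP_CIPHER_CTX_cleanup(ctxEncrypt)

	/*
		Decrypting a string
	*/
	// Reject input too short to carry the IV before slicing it
	if len(encrypted) < ivLen {
		panic("ciphertext shorter than IV")
	}

	// Grab the IV from the encrypted string
	iv = encrypted[:ivLen]

	// Slice the encrypted string to begin after the iv
	encrypted = encrypted[ivLen:]

	// Initialize the ctxDecrypt context for decryption
	if crypto.EVP_DecryptInit_ex(ctxDecrypt, crypto.EVP_aes_256_cbc(), crypto.SwigcptrStruct_SS_engine_st(0), key, iv) != 1 {
		panic("EVP_DecryptInit_ex failed")
	}

	// OpenSSL documents that EVP_DecryptUpdate may need room for the input
	// length plus one cipher block, so size the buffer accordingly.
	bufDecrypt := make([]byte, len(encrypted)+ctxDecrypt.GetCipher().GetBlock_size())

	// Update the cipher with the encrypted string
	if crypto.EVP_DecryptUpdate(ctxDecrypt, bufDecrypt, &sLen, encrypted, len(encrypted)) != 1 {
		panic("EVP_DecryptUpdate failed")
	}

	// Append decrypted data to decrypted string
	decrypted := string(bufDecrypt[:sLen])

	// Finalize the cipher to flush any remaining data. A failure here means the
	// padding check did not pass (wrong key/IV or modified ciphertext), so the
	// output produced so far must not be used.
	if crypto.EVP_DecryptFinal_ex(ctxDecrypt, bufDecrypt, &eLen) != 1 {
		panic("EVP_DecryptFinal_ex failed")
	}

	// Append any remaining data to decrypted string
	decrypted += string(bufDecrypt[:eLen])

	// Print decoded string
	fmt.Printf("decrypted: %s\n", decrypted)

	// Clean up the EVP_CIPHER_CTX
	crypto.EVP_CIPHER_CTX_cleanup(ctxDecrypt)
}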