github.com/readium/readium-lcp-server@v0.0.0-20240101192032-6e95190e99f1/crypto/encrypt.go (about) 1 // Copyright (c) 2016 Readium Foundation 2 // 3 // Redistribution and use in source and binary forms, with or without modification, 4 // are permitted provided that the following conditions are met: 5 // 6 // 1. Redistributions of source code must retain the above copyright notice, this 7 // list of conditions and the following disclaimer. 8 // 2. Redistributions in binary form must reproduce the above copyright notice, 9 // this list of conditions and the following disclaimer in the documentation and/or 10 // other materials provided with the distribution. 11 // 3. Neither the name of the organization nor the names of its contributors may be 12 // used to endorse or promote products derived from this software without specific 13 // prior written permission 14 // 15 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 16 // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 17 // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 18 // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR 19 // ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 20 // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 21 // LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 22 // ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 24 // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 26 package crypto 27 28 import ( 29 "crypto/aes" 30 "io" 31 ) 32 //"github.com/readium/readium-lcp-server/config" 33 // FOR: config.Config.AES256_CBC_OR_GCM 34 35 type Encrypter interface { 36 Encrypt(key ContentKey, r io.Reader, w io.Writer) error 37 GenerateKey() (ContentKey, error) 38 Signature() string 39 } 40 41 type Decrypter interface { 42 Decrypt(key ContentKey, r io.Reader, w io.Writer) error 43 } 44 45 func NewAESEncrypter_PUBLICATION_RESOURCES() Encrypter { 46 47 return NewAESCBCEncrypter() 48 49 // DISABLED, see https://github.com/readium/readium-lcp-server/issues/109 50 // if config.Config.AES256_CBC_OR_GCM == "GCM" { 51 // return NewAESGCMEncrypter() 52 // } else { // default to CBC 53 // return NewAESCBCEncrypter() 54 // } 55 } 56 57 func NewAESEncrypter_CONTENT_KEY() Encrypter { 58 // default to CBC 59 return NewAESCBCEncrypter() 60 } 61 62 func NewAESEncrypter_USER_KEY_CHECK() Encrypter { 63 // default to CBC 64 return NewAESEncrypter_CONTENT_KEY() 65 } 66 67 func NewAESEncrypter_FIELDS() Encrypter { 68 // default to CBC 69 return NewAESEncrypter_CONTENT_KEY() 70 } 71 72 var ( 73 keywrap_iv = []byte{0xa6, 0xa6, 0xa6, 0xa6, 74 0xa6, 0xa6, 0xa6, 0xa6} 75 ) 76 77 func KeyWrap(kek []byte, key []byte) []byte { 78 cipher, _ := aes.NewCipher(kek) 79 n := len(key) / 8 80 r := make([]byte, len(keywrap_iv)+len(key)) 81 a := make([]byte, len(keywrap_iv)) 82 83 copy(a, keywrap_iv) 84 copy(r[8:], key) 85 86 for j := 0; j < 6; j++ { 87 for i := 1; i <= n; i++ { 88 out := make([]byte, aes.BlockSize) 89 input := make([]byte, aes.BlockSize) 90 copy(input, a) 91 copy(input[8:], r[i*8:(i+1)*8]) 92 cipher.Encrypt(out, input) 93 t := n*j + i 94 copy(a, out[0:8]) 95 a[7] = a[7] ^ byte(t) 96 copy(r[i*8:], out[8:]) 97 } 98 } 99 100 copy(r, a) 101 return r 102 }