[PD1] encryptMessageContent and supporting function implemented
This commit is contained in:
parent
2c4f1fd2fc
commit
0629b45894
SSH key fingerprint:
SHA256:odOD9vln9U7qNe1R8o3UCbE3jkQCkr5/q5mgd5hwua0
1 changed files with 78 additions and 15 deletions
|
|
@ -2,13 +2,19 @@ package cryptoUtils
|
|||
|
||||
import (
|
||||
"PD1/internal/client"
|
||||
"crypto"
|
||||
"crypto/rand"
|
||||
"crypto/rsa"
|
||||
"crypto/sha256"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"encoding/binary"
|
||||
"encoding/pem"
|
||||
"log"
|
||||
"os"
|
||||
|
||||
"vendor/golang.org/x/crypto/chacha20poly1305"
|
||||
|
||||
"software.sslmate.com/src/go-pkcs12"
|
||||
)
|
||||
|
||||
|
|
@ -86,7 +92,64 @@ func (k KeyStore)GetTLSConfigClient() *tls.Config {
|
|||
return config
|
||||
}
|
||||
|
||||
func (k KeyStore)EncryptMessageContent(peerPubKey rsa.PublicKey, content []byte) []byte {
|
||||
func (k KeyStore) EncryptMessageContent(receiverCert *x509.Certificate, content []byte) []byte {
|
||||
// Digital envolope
|
||||
|
||||
// Create a random symmetric key
|
||||
dataKey := make([]byte, 32)
|
||||
if _, err := rand.Read(dataKey); err != nil {
|
||||
log.Panicln("Could not create dataKey properly: ", err)
|
||||
}
|
||||
|
||||
cipher, err := chacha20poly1305.New(dataKey)
|
||||
if err != nil {
|
||||
log.Panicln("Could not create cipher: ", err)
|
||||
}
|
||||
|
||||
nonce := make([]byte, cipher.NonceSize(), cipher.NonceSize()+len(content)+cipher.Overhead())
|
||||
if _, err := rand.Read(nonce); err != nil {
|
||||
log.Panicln("Could not create data nonce properly: ", err)
|
||||
}
|
||||
|
||||
// sign the message and append the signature
|
||||
hashedContent := sha256.Sum256(content)
|
||||
signature, err := rsa.SignPKCS1v15(nil, &k.privKey, crypto.SHA256, hashedContent[:])
|
||||
if err != nil {
|
||||
log.Panicln("Could not create content signature: ", err)
|
||||
}
|
||||
content = pair(content, signature)
|
||||
ciphertext := cipher.Seal(nonce, nonce, content, nil)
|
||||
|
||||
// crypto/rand.Reader is a good source of entropy for randomizing the
|
||||
// encryption function.
|
||||
receiverPubKey := receiverCert.PublicKey.(*rsa.PublicKey)
|
||||
encryptedDataKey, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, receiverPubKey, dataKey, nil)
|
||||
if err != nil {
|
||||
log.Panicln("Could not encrypt dataKey: ", err)
|
||||
}
|
||||
|
||||
return pair(encryptedDataKey, ciphertext)
|
||||
}
|
||||
|
||||
func (k KeyStore) DecryptMessageContent(senderCert *x509.Certificate, cipherContent []byte) []byte {
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func pair(l []byte, r []byte) []byte {
|
||||
length := len(l)
|
||||
lenBytes := make([]byte, 2)
|
||||
binary.BigEndian.PutUint16(lenBytes, uint16(length))
|
||||
|
||||
lWithLen := append(lenBytes, l...)
|
||||
return append(lWithLen, r...)
|
||||
}
|
||||
|
||||
func unPair(pair []byte) ([]byte, []byte) {
|
||||
lenBytes := pair[:2]
|
||||
pair = pair[2:]
|
||||
length := binary.BigEndian.Uint16(lenBytes)
|
||||
l := pair[:length]
|
||||
r := pair[length:]
|
||||
return l, r
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue