Documentation
¶
Index ¶
- Variables
- func DecryptCbcMode(data, key, iv []byte) ([]byte, error)
- func DecryptEcbByteByByte(oracle *Oracle) ([]byte, error)
- func EncryptEbcOrCbc(data []byte) ([]byte, error)
- func GenerateRandBuffer(size int) ([]byte, error)
- func Pkcs7Padding(data []byte, blockSize int) []byte
- func StripPkcs7Padding(data []byte) ([]byte, error)
- type Mode
- type Oracle
Constants ¶
This section is empty.
Variables ¶
var ErrInvalidPadding = errors.New("invalid PKCS7 padding")
Functions ¶
func DecryptCbcMode ¶
DecryptCbcMode decrypts a cipher encrypted with AES-128 in CBC mode.
The cipher-block chaining (CBC) mode is more secure than EBC because each input to the cipher core is randomized, hiding patterns in the plaintext. Nice write-up: https://crypto.stackexchange.com/questions/1129/can-cbc-ciphertext-be-decrypted-if-the-key-is-known-but-the-iv-not
func DecryptEcbByteByByte ¶
DecryptEcbByteByByte decrypts the input oracle's unknown buffer.
func EncryptEbcOrCbc ¶
EncryptEbcOrCbc pads the beginning and end of the data with random buffers of random length, and then encrypts the result using either ECB or CBC mode (also randomly picked).
func GenerateRandBuffer ¶
GenerateRandBuffer generates a random buffer.
func Pkcs7Padding ¶
Pkcs7Padding pads the input buffer to blockSize. The value used for padding is the number of padding bytes.
func StripPkcs7Padding ¶
StripPkcs7Padding removes the padding bytes from the input buffer. Returns an error if the padding is not valid PKCS#7.
TODO: how should inputs without padding be handled? Assuming that padding is not added to inputs with length equal to block size.
Types ¶
type Mode ¶
type Mode int
func EncryptAndDetectEbcOrCbc ¶
EncryptAndDetectEbcOrCbc encrypts a buffer with either ECB or CBC mode (randomly picked) and then detects which encryption mode was used.
Source Files